From 9c14c421f9e984d1d09af636a02fa2f2f13952d5 Mon Sep 17 00:00:00 2001 From: Marcel Plch Date: Tue, 28 Aug 2018 14:42:03 +0200 Subject: [PATCH] Fix possible memory leaks --- anacron/readtab.c | 29 +++++++++++++++++++++++++++++ anacron/runjob.c | 41 ++++++++++++++++++++++++++++++++++++++--- src/entry.c | 4 +++- 3 files changed, 70 insertions(+), 4 deletions(-) diff --git a/anacron/readtab.c b/anacron/readtab.c index e4da32d..a3f0220 100644 --- a/anacron/readtab.c +++ b/anacron/readtab.c @@ -134,8 +134,19 @@ register_env(const char *env_var, const char *value) var_len = (int)strlen(env_var); val_len = (int)strlen(value); + if (!var_len) { + return; + } + er = obstack_alloc(&tab_o, sizeof(env_rec)); + if (er == NULL) { + die_e("Cannot allocate memory."); + } + er->assign = obstack_alloc(&tab_o, var_len + 1 + val_len + 1); + if (er->assign == NULL) { + die_e("Cannot allocate memory."); + } strcpy(er->assign, env_var); er->assign[var_len] = '='; strcpy(er->assign + var_len + 1, value); @@ -167,15 +178,24 @@ register_job(const char *periods, const char *delays, return; } jr = obstack_alloc(&tab_o, sizeof(job_rec)); + if (jr == NULL) { + die_e("Cannot allocate memory."); + } jr->period = period; jr->named_period = 0; delay += random_number; jr->delay = delay; jr->tab_line = line_num; jr->ident = obstack_alloc(&tab_o, ident_len + 1); + if (jr->ident == NULL) { + die_e("Cannot allocate memory."); + } strcpy(jr->ident, ident); jr->arg_num = job_arg_num(ident); jr->command = obstack_alloc(&tab_o, command_len + 1); + if (jr->command == NULL) { + die_e("Cannot allocate memory."); + } strcpy(jr->command, command); jr->job_pid = jr->mailer_pid = 0; if (last_job_rec != NULL) last_job_rec->next = jr; @@ -208,6 +228,9 @@ register_period_job(const char *periods, const char *delays, } jr = obstack_alloc(&tab_o, sizeof(job_rec)); + if (jr == NULL) { + die_e("Cannot allocate memory."); + } if (!strncmp ("@monthly", periods, 8)) { jr->named_period = 1; } else if (!strncmp("@yearly", periods, 7) || !strncmp("@annually", periods, 9) || !strncmp(/* backwards compat misspelling */"@annualy", periods, 8)) { @@ -225,9 +248,15 @@ register_period_job(const char *periods, const char *delays, jr->delay = delay; jr->tab_line = line_num; jr->ident = obstack_alloc(&tab_o, ident_len + 1); + if (jr->ident == NULL) { + die_e("Cannot allocate memory."); + } strcpy(jr->ident, ident); jr->arg_num = job_arg_num(ident); jr->command = obstack_alloc(&tab_o, command_len + 1); + if (jr->command == NULL) { + die_e("Cannot allocate memory."); + } strcpy(jr->command, command); jr->job_pid = jr->mailer_pid = 0; if (last_job_rec != NULL) last_job_rec->next = jr; diff --git a/anacron/runjob.c b/anacron/runjob.c index 61dd0d5..247ec00 100644 --- a/anacron/runjob.c +++ b/anacron/runjob.c @@ -104,9 +104,44 @@ username(void) static void xputenv(const char *s) { - char *copy = strdup (s); - if (!copy) die_e("Not enough memory to set the environment"); - if (putenv(copy)) die_e("Can't set the environment"); + char *name = NULL, *val = NULL; + char *eq_ptr; + const char *errmsg; + size_t eq_index; + + if (s == NULL) { + die_e("Invalid environment string"); + } + + eq_ptr = strchr(s, '='); + if (eq_ptr == NULL) { + die_e("Invalid environment string"); + } + + eq_index = (size_t) (eq_ptr - s); + + name = malloc((eq_index + 1) * sizeof(char)); + if (name == NULL) { + die_e("Not enough memory to set the environment"); + } + + val = malloc((strlen(s) - eq_index) * sizeof(char)); + if (val == NULL) { + die_e("Not enough memory to set the environment"); + } + + strncpy(name, s, eq_index); + name[eq_index] = '\0'; + strcpy(val, s + eq_index + 1); + + if (setenv(name, val, 1)) { + die_e("Can't set the environment"); + } + + free(name); + free(val); + return; + } static void diff --git a/src/entry.c b/src/entry.c index 92b55f5..5b4e71f 100644 --- a/src/entry.c +++ b/src/entry.c @@ -131,8 +131,10 @@ entry *load_entry(FILE * file, void (*error_func) (), struct passwd *pw, goto eof; } ch = get_char(file); - if (ch == EOF) + if (ch == EOF) { + free(e); return NULL; + } } if (ch == '@') { -- 2.40.0