[systemd-commits] 3 commits - TODO configure.ac src/shared

Lennart Poettering lennart at kemper.freedesktop.org
Thu Sep 20 02:12:42 PDT 2012 

 TODO              |    2 ++
 configure.ac      |    2 +-
 src/shared/util.c |   16 ++++++++++++----
 src/shared/util.h |   20 +++++++++++++++++---
 4 files changed, 32 insertions(+), 8 deletions(-)

New commits:
commit 3f8cc098d218525710e5cbad9adf37001d3b6060
Author: Jan Engelhardt <jengelh at inai.de>
Date:   Thu Sep 20 10:20:49 2012 +0200

    build-sys: require certain version of libselinux
    
    ./.libs/libsystemd-core.a(libsystemd_core_la-selinux-access.o):
    In function "selinux_access_check":
    src/core/selinux-access.c:487: undefined reference to
    "selinux_check_access"

diff --git a/configure.ac b/configure.ac
index b989136..9cb9d83 100644
--- a/configure.ac
+++ b/configure.ac
@@ -203,7 +203,7 @@ fi
 have_selinux=no
 AC_ARG_ENABLE(selinux, AS_HELP_STRING([--disable-selinux], [Disable optional SELINUX support]))
 if test "x$enable_selinux" != "xno"; then
-        PKG_CHECK_MODULES(SELINUX, [ libselinux ],
+        PKG_CHECK_MODULES([SELINUX], [libselinux >= 2.1.9],
                 [AC_DEFINE(HAVE_SELINUX, 1, [Define if SELinux is available]) have_selinux=yes], have_selinux=no)
         if test "x$have_selinux" = xno -a "x$enable_selinux" = xyes; then
                 AC_MSG_ERROR([*** SELinux support requested but libraries not found])

commit 040f18ea8a682dc80c9f3940cf234ccd1135e115
Author: Lennart Poettering <lennart at poettering.net>
Date:   Thu Sep 20 11:08:27 2012 +0200

    util: overflow hardening

diff --git a/TODO b/TODO
index 573a953..4a7fbb9 100644
--- a/TODO
+++ b/TODO
@@ -17,6 +17,8 @@ F18:
 
 * Retest multi-seat
 
+* file bugs against KDE/... to take the new key inhibitor locks
+
 Features:
 
 * instantiated [Install] for target units
diff --git a/src/shared/util.c b/src/shared/util.c
index b48bad4..02ee637 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -1184,8 +1184,11 @@ char *strnappend(const char *s, const char *suffix, size_t b) {
         assert(suffix);
 
         a = strlen(s);
+        if ((size_t) -1 - a > b)
+                return NULL;
 
-        if (!(r = new(char, a+b+1)))
+        r = new(char, a+b+1);
+        if (!r)
                 return NULL;
 
         memcpy(r, s, a);
@@ -5014,12 +5017,17 @@ char *strjoin(const char *x, ...) {
 
                 for (;;) {
                         const char *t;
+                        size_t n;
 
                         t = va_arg(ap, const char *);
                         if (!t)
                                 break;
 
-                        l += strlen(t);
+                        n = strlen(t);
+                        if (n > ((size_t) -1) - l)
+                                return NULL;
+
+                        l += n;
                 }
         } else
                 l = 0;
@@ -5291,7 +5299,7 @@ int signal_from_string(const char *s) {
         int offset = 0;
         unsigned u;
 
-        signo =__signal_from_string(s);
+        signo = __signal_from_string(s);
         if (signo > 0)
                 return signo;
 
@@ -5683,7 +5691,7 @@ void warn_melody(void) {
         if (fd < 0)
                 return;
 
-        /* Yeah, this is synchronous. Kinda sucks. Bute well... */
+        /* Yeah, this is synchronous. Kinda sucks. But well... */
 
         ioctl(fd, KIOCSOUND, (int)(1193180/440));
         usleep(125*USEC_PER_MSEC);
diff --git a/src/shared/util.h b/src/shared/util.h
index e23d706..2e49cfd 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -551,7 +551,7 @@ _malloc_  static inline void *malloc_multiply(size_t a, size_t b) {
         return malloc(a * b);
 }
 
-static inline void *memdup_multiply(const void *p, size_t a, size_t b) {
+_malloc_ static inline void *memdup_multiply(const void *p, size_t a, size_t b) {
         if (_unlikely_(a > ((size_t) -1) / b))
                 return NULL;
 

commit 4b8772bf5f2887aa2bdb74efa2f5dfd40fff946d
Author: Lennart Poettering <lennart at poettering.net>
Date:   Thu Sep 20 00:02:01 2012 +0200

    util: make sure heap allocators fail when array allocations are out of bounds
    
    https://bugzilla.redhat.com/show_bug.cgi?id=858777

diff --git a/src/shared/util.h b/src/shared/util.h
index e5728bd..e23d706 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -111,13 +111,13 @@ size_t page_size(void);
 
 bool streq_ptr(const char *a, const char *b);
 
-#define new(t, n) ((t*) malloc(sizeof(t)*(n)))
+#define new(t, n) ((t*) malloc_multiply(sizeof(t), (n)))
 
 #define new0(t, n) ((t*) calloc((n), sizeof(t)))
 
 #define newa(t, n) ((t*) alloca(sizeof(t)*(n)))
 
-#define newdup(t, p, n) ((t*) memdup(p, sizeof(t)*(n)))
+#define newdup(t, p, n) ((t*) memdup_multiply(p, sizeof(t), (n)))
 
 #define malloc0(n) (calloc((n), 1))
 
@@ -514,7 +514,7 @@ char *format_bytes(char *buf, size_t l, off_t t);
 
 int fd_wait_for_event(int fd, int event, usec_t timeout);
 
-void* memdup(const void *p, size_t l);
+void* memdup(const void *p, size_t l) _malloc_;
 
 int is_kernel_thread(pid_t pid);
 
@@ -543,3 +543,17 @@ void fclosep(FILE **f);
 void closep(int *fd);
 void closedirp(DIR **d);
 void umaskp(mode_t *u);
+
+_malloc_  static inline void *malloc_multiply(size_t a, size_t b) {
+        if (_unlikely_(a > ((size_t) -1) / b))
+                return NULL;
+
+        return malloc(a * b);
+}
+
+static inline void *memdup_multiply(const void *p, size_t a, size_t b) {
+        if (_unlikely_(a > ((size_t) -1) / b))
+                return NULL;
+
+        return memdup(p, a * b);
+}

More information about the systemd-commits mailing list