From 43d0f3fc76542d0859c9b84402c0483a22e02b68 Mon Sep 17 00:00:00 2001 From: Roy Marples Date: Mon, 7 Jan 2008 12:29:30 +0000 Subject: rc_getline keeps expanding it's malloced buffer until it has read a whole line or EOF. All functions which read into static buffers have been changed to use fhis function to avoid any potential overflows and to ensure we really do read a long long config line. --- src/librc/librc-daemon.c | 41 ++++++++++++++++------------------------- src/librc/librc-depend.c | 43 +++++++++++++++++++++---------------------- src/librc/librc-misc.c | 42 ++++++++++++++++++++++++++---------------- src/librc/librc.c | 43 ++++++++++++------------------------------- src/librc/librc.h | 1 + src/librc/rc.h | 4 ++++ src/librc/rc.map | 1 + 7 files changed, 81 insertions(+), 94 deletions(-) (limited to 'src/librc') diff --git a/src/librc/librc-daemon.c b/src/librc/librc-daemon.c index fe9509de..04852e0e 100644 --- a/src/librc/librc-daemon.c +++ b/src/librc/librc-daemon.c @@ -265,7 +265,7 @@ static bool _match_daemon (const char *path, const char *file, const char *mexec, const char *mname, const char *mpidfile) { - char *buffer; + char *line; char *ffile = rc_strcatpaths (path, file, (char *) NULL); FILE *fp; int lc = 0; @@ -281,19 +281,14 @@ static bool _match_daemon (const char *path, const char *file, if (! mpidfile) m += 100; - buffer = xmalloc (sizeof (char) * RC_LINEBUFFER); - memset (buffer, 0, RC_LINEBUFFER); - while ((fgets (buffer, RC_LINEBUFFER, fp))) { - int lb = strlen (buffer) - 1; - if (buffer[lb] == '\n') - buffer[lb] = 0; - - if (strcmp (buffer, mexec) == 0) + while ((line = rc_getline (fp))) { + if (strcmp (line, mexec) == 0) m += 1; - else if (mname && strcmp (buffer, mname) == 0) + else if (mname && strcmp (line, mname) == 0) m += 10; - else if (mpidfile && strcmp (buffer, mpidfile) == 0) + else if (mpidfile && strcmp (line, mpidfile) == 0) m += 100; + free (line); if (m == 111) break; @@ -302,7 +297,6 @@ static bool _match_daemon (const char *path, const char *file, if (lc > 5) break; } - free (buffer); fclose (fp); free (ffile); @@ -460,7 +454,7 @@ bool rc_service_daemons_crashed (const char *service) struct dirent *d; char *path; FILE *fp; - char *buffer = NULL; + char *line; char *exec = NULL; char *name = NULL; char *pidfile = NULL; @@ -481,9 +475,6 @@ bool rc_service_daemons_crashed (const char *service) return (false); } - buffer = xmalloc (sizeof (char) * RC_LINEBUFFER); - memset (buffer, 0, RC_LINEBUFFER); - while ((d = readdir (dp))) { if (d->d_name[0] == '.') continue; @@ -494,17 +485,17 @@ bool rc_service_daemons_crashed (const char *service) if (! fp) break; - while ((fgets (buffer, RC_LINEBUFFER, fp))) { - int lb = strlen (buffer) - 1; - if (buffer[lb] == '\n') - buffer[lb] = 0; - - p = buffer; - if ((token = strsep (&p, "=")) == NULL || ! p) + while ((line = rc_getline (fp))) { + p = line; + if ((token = strsep (&p, "=")) == NULL || ! p) { + free (line); continue; + } - if (strlen (p) == 0) + if (strlen (p) == 0) { + free (line); continue; + } if (strcmp (token, "exec") == 0) { if (exec) @@ -519,6 +510,7 @@ bool rc_service_daemons_crashed (const char *service) free (pidfile); pidfile = xstrdup (p); } + free (line); } fclose (fp); @@ -563,7 +555,6 @@ bool rc_service_daemons_crashed (const char *service) name = NULL; } - free (buffer); free (exec); free (name); free (dirpath); diff --git a/src/librc/librc-depend.c b/src/librc/librc-depend.c index 0ce95e60..aece3858 100644 --- a/src/librc/librc-depend.c +++ b/src/librc/librc-depend.c @@ -124,7 +124,7 @@ rc_depinfo_t *rc_deptree_load (void) rc_depinfo_t *deptree = NULL; rc_depinfo_t *depinfo = NULL; rc_deptype_t *deptype = NULL; - char buffer [RC_LINEBUFFER]; + char *line; char *type; char *p; char *e; @@ -133,26 +133,26 @@ rc_depinfo_t *rc_deptree_load (void) if (! (fp = fopen (RC_DEPTREE, "r"))) return (NULL); - while (fgets (buffer, RC_LINEBUFFER, fp)) + while ((line = rc_getline (fp))) { - p = buffer; + p = line; e = strsep (&p, "_"); if (! e || strcmp (e, "depinfo") != 0) - continue; + goto next; e = strsep (&p, "_"); if (! e || sscanf (e, "%d", &i) != 1) - continue; + goto next; if (! (type = strsep (&p, "_="))) - continue; + goto next; if (strcmp (type, "service") == 0) { /* Sanity */ e = get_shell_value (p); if (! e || strlen (e) == 0) - continue; + goto next; if (! deptree) { @@ -167,17 +167,17 @@ rc_depinfo_t *rc_deptree_load (void) memset (depinfo, 0, sizeof (rc_depinfo_t)); depinfo->service = xstrdup (e); deptype = NULL; - continue; + goto next; } e = strsep (&p, "="); if (! e || sscanf (e, "%d", &i) != 1) - continue; + goto next; /* Sanity */ e = get_shell_value (p); if (! e || strlen (e) == 0) - continue; + goto next; if (! deptype) { @@ -197,6 +197,9 @@ rc_depinfo_t *rc_deptree_load (void) deptype->type = xstrdup (type); rc_strlist_addsort (&deptype->services, e); + +next: + free (line); } fclose (fp); @@ -722,7 +725,7 @@ bool rc_deptree_update (void) rc_deptype_t *deptype = NULL; rc_deptype_t *dt; rc_deptype_t *last_deptype = NULL; - char *buffer = NULL; + char *line; int len; int i; int j; @@ -740,20 +743,14 @@ bool rc_deptree_update (void) deptree = xmalloc (sizeof (rc_depinfo_t)); memset (deptree, 0, sizeof (rc_depinfo_t)); - buffer = xmalloc (sizeof (char) * RC_LINEBUFFER); - memset (buffer, 0, RC_LINEBUFFER); /* Phase 2 */ - while (fgets (buffer, RC_LINEBUFFER, fp)) + while ((line = rc_getline (fp))) { - /* Trim the newline */ - if (buffer[strlen (buffer) - 1] == '\n') - buffer[strlen(buffer) -1] = 0; - - depends = buffer; + depends = line; service = strsep (&depends, " "); if (! service) - continue; + goto next; type = strsep (&depends, " "); for (depinfo = deptree; depinfo; depinfo = depinfo->next) @@ -778,7 +775,7 @@ bool rc_deptree_update (void) /* We may not have any depends */ if (! type || ! depends) - continue; + goto next; /* Get the type */ if (strcmp (type, "config") != 0) { @@ -844,9 +841,11 @@ bool rc_deptree_update (void) rc_strlist_delete (&dt->services, depend); } } + +next: + free (line); } pclose (fp); - free (buffer); /* Phase 3 - add our providors to the tree */ for (depinfo = deptree; depinfo; depinfo = depinfo->next) diff --git a/src/librc/librc-misc.c b/src/librc/librc-misc.c index b8f59936..8cbd6a6d 100644 --- a/src/librc/librc-misc.c +++ b/src/librc/librc-misc.c @@ -105,6 +105,30 @@ char *rc_strcatpaths (const char *path1, const char *paths, ...) } librc_hidden_def(rc_strcatpaths) +char *rc_getline (FILE *fp) +{ + char *line = NULL; + size_t len = 0; + size_t last = 0; + + if (feof (fp)) + return (NULL); + + do { + len += BUFSIZ; + line = xrealloc (line, sizeof (char) * len); + fgets (line + last, BUFSIZ, fp); + last = strlen (line + last) - 1; + } while (! feof (fp) && line[last] != '\n'); + + /* Trim the trailing newline */ + if (line[last] == '\n') + line[last] = '\0'; + + return (line); +} +librc_hidden_def(rc_getline) + char **rc_config_list (const char *file) { FILE *fp; @@ -112,26 +136,12 @@ char **rc_config_list (const char *file) char *p; char *token; char **list = NULL; - size_t buflen = BUFSIZ; - size_t last; if (! (fp = fopen (file, "r"))) return (NULL); - buffer = xmalloc (sizeof (char) * buflen); - buffer[buflen - 1] = '\0'; - while (fgets (buffer, buflen, fp)) { - /* Increase the buffer to read the rest of the line if needed */ - last = strlen (buffer) - 1; - while (! feof (fp) && buffer[last] != '\n') { - buflen += BUFSIZ; - buffer = xrealloc (buffer, sizeof (char *) * buflen); - fgets (buffer + last, BUFSIZ, fp); - last = strlen (buffer) - 1; - } - + while ((p = buffer = rc_getline (fp))) { /* Strip leading spaces/tabs */ - p = buffer; while ((*p == ' ') || (*p == '\t')) p++; @@ -144,8 +154,8 @@ char **rc_config_list (const char *file) rc_strlist_add (&list, token); } + free (buffer); } - free (buffer); fclose (fp); return (list); diff --git a/src/librc/librc.c b/src/librc/librc.c index dbabdc03..07652f4d 100644 --- a/src/librc/librc.c +++ b/src/librc/librc.c @@ -307,7 +307,7 @@ char **rc_service_extra_commands (const char *service) char *buffer = NULL; char **commands = NULL; char *token; - char *p = buffer; + char *p; FILE *fp; int l; @@ -319,13 +319,9 @@ char **rc_service_extra_commands (const char *service) snprintf (cmd, l, OPTSTR, svc); free (svc); if ((fp = popen (cmd, "r"))) { - buffer = xmalloc (sizeof (char) * RC_LINEBUFFER); - if (fgets (buffer, RC_LINEBUFFER, fp)) { - if (buffer[strlen (buffer) - 1] == '\n') - buffer[strlen (buffer) - 1] = '\0'; - while ((token = strsep (&p, " "))) - rc_strlist_addsort (&commands, token); - } + p = buffer = rc_getline (fp); + while ((token = strsep (&p, " "))) + rc_strlist_addsort (&commands, token); pclose (fp); free (buffer); } @@ -338,12 +334,10 @@ librc_hidden_def(rc_service_extra_commands) char *rc_service_description (const char *service, const char *option) { char *svc; - char *cmd = NULL; - char *buffer; + char *cmd; char *desc = NULL; FILE *fp; int i; - int l; if (! (svc = rc_service_resolve (service))) return (NULL); @@ -351,24 +345,12 @@ char *rc_service_description (const char *service, const char *option) if (! option) option = ""; - l = strlen (DESCSTR) + strlen (svc) + strlen (option) + 2; - cmd = xmalloc (sizeof (char) * l); - snprintf (cmd, l, DESCSTR, svc, option ? "_" : "", option); + i = strlen (DESCSTR) + strlen (svc) + strlen (option) + 2; + cmd = xmalloc (sizeof (char) * i); + snprintf (cmd, i, DESCSTR, svc, option ? "_" : "", option); free (svc); if ((fp = popen (cmd, "r"))) { - buffer = xmalloc (sizeof (char) * RC_LINEBUFFER); - while (fgets (buffer, RC_LINEBUFFER, fp)) { - if (! desc) { - desc = xmalloc (strlen (buffer) + 1); - *desc = '\0'; - } else { - desc = xrealloc (desc, strlen (desc) + strlen (buffer) + 1); - } - i = strlen (desc); - memcpy (desc + i, buffer, strlen (buffer)); - memset (desc + i + strlen (buffer), 0, 1); - } - free (buffer); + desc = rc_getline (fp); pclose (fp); } free (cmd); @@ -547,18 +529,17 @@ librc_hidden_def(rc_service_state) char *rc_service_value_get (const char *service, const char *option) { FILE *fp; - char *buffer = NULL; + char *line = NULL; char *file = rc_strcatpaths (RC_SVCDIR, "options", service, option, (char *) NULL); if ((fp = fopen (file, "r"))) { - buffer = xmalloc (sizeof (char) * RC_LINEBUFFER); - fgets (buffer, RC_LINEBUFFER, fp); + line = rc_getline (fp); fclose (fp); } free (file); - return (buffer); + return (line); } librc_hidden_def(rc_service_value_get) diff --git a/src/librc/librc.h b/src/librc/librc.h index 32b5000a..491462b8 100644 --- a/src/librc/librc.h +++ b/src/librc/librc.h @@ -83,6 +83,7 @@ librc_hidden_proto(rc_deptree_order) librc_hidden_proto(rc_deptree_update) librc_hidden_proto(rc_deptree_update_needed) librc_hidden_proto(rc_find_pids) +librc_hidden_proto(rc_getline) librc_hidden_proto(rc_runlevel_exists) librc_hidden_proto(rc_runlevel_get) librc_hidden_proto(rc_runlevel_list) diff --git a/src/librc/rc.h b/src/librc/rc.h index 0020764e..fe1213b0 100644 --- a/src/librc/rc.h +++ b/src/librc/rc.h @@ -39,6 +39,7 @@ #include #include +#include /*! @name Reserved runlevel names */ #define RC_LEVEL_SYSINIT "sysinit" @@ -347,6 +348,9 @@ extern FILE *rc_environ_fd; /*! @name Configuration * These functions help to deal with shell based configuration files */ +/*! Return a line from a file, stripping the trailing newline. */ +char *rc_getline (FILE *fp); + /*! Return a NULL terminated list of non comment lines from a file. */ char **rc_config_list (const char *file); diff --git a/src/librc/rc.map b/src/librc/rc.map index e5f8ee34..ff7ef7d1 100644 --- a/src/librc/rc.map +++ b/src/librc/rc.map @@ -12,6 +12,7 @@ global: rc_deptree_update_needed; rc_environ_fd; rc_find_pids; + rc_getline; rc_runlevel_exists; rc_runlevel_get; rc_runlevel_list; -- cgit v1.2.3