PERFORCE change 31792 for review
Dag-Erling Smorgrav
des at FreeBSD.org
Sat May 24 10:45:18 PDT 2003
http://perforce.freebsd.org/chv.cgi?CH=31792
Change 31792 by des at des.at.des.thinksec.com on 2003/05/24 10:44:29
With one single exception (where the pointer is obviously being
immediately overwritten), replace all use of free(3) with a macro
that clears the pointer after freeing the memory it pointed to.
Suggested by: Dmitry V. Levin <ldv at altlinux.org>
Affected files ...
.. //depot/projects/openpam/lib/openpam_borrow_cred.c#7 edit
.. //depot/projects/openpam/lib/openpam_configure.c#7 edit
.. //depot/projects/openpam/lib/openpam_dynamic.c#10 edit
.. //depot/projects/openpam/lib/openpam_free_data.c#4 edit
.. //depot/projects/openpam/lib/openpam_impl.h#23 edit
.. //depot/projects/openpam/lib/openpam_load.c#16 edit
.. //depot/projects/openpam/lib/openpam_log.c#22 edit
.. //depot/projects/openpam/lib/openpam_set_option.c#10 edit
.. //depot/projects/openpam/lib/openpam_ttyconv.c#18 edit
.. //depot/projects/openpam/lib/pam_end.c#12 edit
.. //depot/projects/openpam/lib/pam_error.c#9 edit
.. //depot/projects/openpam/lib/pam_get_authtok.c#23 edit
.. //depot/projects/openpam/lib/pam_get_user.c#16 edit
.. //depot/projects/openpam/lib/pam_getenvlist.c#11 edit
.. //depot/projects/openpam/lib/pam_info.c#8 edit
.. //depot/projects/openpam/lib/pam_putenv.c#10 edit
.. //depot/projects/openpam/lib/pam_set_data.c#14 edit
.. //depot/projects/openpam/lib/pam_set_item.c#20 edit
.. //depot/projects/openpam/lib/pam_setenv.c#9 edit
.. //depot/projects/openpam/lib/pam_verror.c#7 edit
.. //depot/projects/openpam/lib/pam_vinfo.c#7 edit
.. //depot/projects/openpam/lib/pam_vprompt.c#11 edit
Differences ...
==== //depot/projects/openpam/lib/openpam_borrow_cred.c#7 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/openpam_borrow_cred.c#6 $
+ * $P4: //depot/projects/openpam/lib/openpam_borrow_cred.c#7 $
*/
#include <sys/param.h>
@@ -77,13 +77,13 @@
scred->egid = getegid();
r = getgroups(NGROUPS_MAX, scred->groups);
if (r == -1) {
- free(scred);
+ FREE(scred);
RETURNC(PAM_SYSTEM_ERR);
}
scred->ngroups = r;
r = pam_set_data(pamh, PAM_SAVED_CRED, scred, &openpam_free_data);
if (r != PAM_SUCCESS) {
- free(scred);
+ FREE(scred);
RETURNC(r);
}
if (geteuid() == pwd->pw_uid)
==== //depot/projects/openpam/lib/openpam_configure.c#7 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/openpam_configure.c#6 $
+ * $P4: //depot/projects/openpam/lib/openpam_configure.c#7 $
*/
#include <ctype.h>
@@ -238,7 +238,7 @@
strcat(filename, service);
r = openpam_read_policy_file(policy,
service, filename, PAM_D_STYLE);
- free(filename);
+ FREE(filename);
} else {
r = openpam_read_policy_file(policy,
service, *path, PAM_CONF_STYLE);
==== //depot/projects/openpam/lib/openpam_dynamic.c#10 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/openpam_dynamic.c#9 $
+ * $P4: //depot/projects/openpam/lib/openpam_dynamic.c#10 $
*/
#include <dlfcn.h>
@@ -69,11 +69,11 @@
*strrchr(vpath, '.') = '\0';
if ((dlh = dlopen(vpath, RTLD_LAZY)) == NULL) {
openpam_log(PAM_LOG_DEBUG, "%s: %s", vpath, dlerror());
- free(module);
+ FREE(module);
return (NULL);
}
}
- free(vpath);
+ FREE(vpath);
if ((module->path = strdup(path)) == NULL)
goto buf_err;
module->dlh = dlh;
@@ -88,7 +88,7 @@
openpam_log(PAM_LOG_ERROR, "%m");
if (dlh != NULL)
dlclose(dlh);
- free(module);
+ FREE(module);
return (NULL);
}
==== //depot/projects/openpam/lib/openpam_free_data.c#4 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/openpam_free_data.c#3 $
+ * $P4: //depot/projects/openpam/lib/openpam_free_data.c#4 $
*/
#include <stdlib.h>
@@ -54,7 +54,7 @@
ENTER();
(void)pamh;
(void)status;
- free(data);
+ FREE(data);
RETURNV();
}
==== //depot/projects/openpam/lib/openpam_impl.h#23 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/openpam_impl.h#22 $
+ * $P4: //depot/projects/openpam/lib/openpam_impl.h#23 $
*/
#ifndef _OPENPAM_IMPL_H_INCLUDED
@@ -124,6 +124,8 @@
#endif
pam_module_t *openpam_dynamic(const char *);
+#define FREE(p) do { free((p)); (p) = NULL; } while (0);
+
#ifdef DEBUG
#define ENTER() openpam_log(PAM_LOG_DEBUG, "entering")
#define ENTERI(i) do { \
==== //depot/projects/openpam/lib/openpam_load.c#16 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/openpam_load.c#15 $
+ * $P4: //depot/projects/openpam/lib/openpam_load.c#16 $
*/
#include <dlfcn.h>
@@ -136,8 +136,8 @@
if (module == modules)
modules = module->next;
openpam_log(PAM_LOG_DEBUG, "releasing %s", module->path);
- free(module->path);
- free(module);
+ FREE(module->path);
+ FREE(module);
}
@@ -154,10 +154,10 @@
openpam_destroy_chain(chain->next);
chain->next = NULL;
while (chain->optc--)
- free(chain->optv[chain->optc]);
- free(chain->optv);
+ FREE(chain->optv[chain->optc]);
+ FREE(chain->optv);
openpam_release_module(chain->module);
- free(chain);
+ FREE(chain);
}
/*
==== //depot/projects/openpam/lib/openpam_log.c#22 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/openpam_log.c#21 $
+ * $P4: //depot/projects/openpam/lib/openpam_log.c#22 $
*/
#include <ctype.h>
@@ -112,7 +112,7 @@
va_start(ap, fmt);
if (asprintf(&format, "in %s(): %s", func, fmt) > 0) {
vsyslog(priority, format, ap);
- free(format);
+ FREE(format);
} else {
vsyslog(priority, fmt, ap);
}
==== //depot/projects/openpam/lib/openpam_set_option.c#10 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/openpam_set_option.c#9 $
+ * $P4: //depot/projects/openpam/lib/openpam_set_option.c#10 $
*/
#include <sys/param.h>
@@ -89,7 +89,7 @@
/* add */
optv = realloc(cur->optv, sizeof(char *) * (cur->optc + 2));
if (optv == NULL) {
- free(opt);
+ FREE(opt);
RETURNC(PAM_BUF_ERR);
}
optv[i] = opt;
@@ -98,7 +98,7 @@
++cur->optc;
} else {
/* replace */
- free(cur->optv[i]);
+ FREE(cur->optv[i]);
cur->optv[i] = opt;
}
RETURNC(PAM_SUCCESS);
==== //depot/projects/openpam/lib/openpam_ttyconv.c#18 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/openpam_ttyconv.c#17 $
+ * $P4: //depot/projects/openpam/lib/openpam_ttyconv.c#18 $
*/
#include <sys/types.h>
@@ -179,8 +179,8 @@
RETURNC(PAM_SUCCESS);
fail:
while (i)
- free(resp[--i]);
- free(*resp);
+ FREE(resp[--i]);
+ FREE(*resp);
*resp = NULL;
RETURNC(PAM_CONV_ERR);
}
@@ -199,7 +199,7 @@
* of most text-based interactive programs.
*
* The =openpam_ttyconv function allows the application to specify a
- * timeout for user input by setting the global variable
+ * timeout for user input by setting the global integer variable
* :openpam_ttyconv_timeout to the length of the timeout in seconds.
*
* >openpam_nullconv
==== //depot/projects/openpam/lib/pam_end.c#12 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_end.c#11 $
+ * $P4: //depot/projects/openpam/lib/pam_end.c#12 $
*/
#include <stdlib.h>
@@ -63,14 +63,14 @@
if (dp->cleanup)
(dp->cleanup)(pamh, dp->data, status);
pamh->module_data = dp->next;
- free(dp->name);
- free(dp);
+ FREE(dp->name);
+ FREE(dp);
}
/* clear environment */
while (pamh->env_count)
- free(pamh->env[--pamh->env_count]);
- free(pamh->env);
+ FREE(pamh->env[--pamh->env_count]);
+ FREE(pamh->env);
/* clear chains */
openpam_clear_chains(pamh->chains);
@@ -79,7 +79,7 @@
for (i = 0; i < PAM_NUM_ITEMS; ++i)
pam_set_item(pamh, i, NULL);
- free(pamh);
+ FREE(pamh);
RETURNC(PAM_SUCCESS);
}
==== //depot/projects/openpam/lib/pam_error.c#9 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_error.c#8 $
+ * $P4: //depot/projects/openpam/lib/pam_error.c#9 $
*/
#include <stdarg.h>
@@ -41,6 +41,8 @@
#include <security/pam_appl.h>
#include <security/openpam.h>
+#include "openpam_impl.h"
+
/*
* OpenPAM extension
*
@@ -59,7 +61,7 @@
va_start(ap, fmt);
r = pam_vprompt(pamh, PAM_ERROR_MSG, &rsp, fmt, ap);
va_end(ap);
- free(rsp); /* ignore response */
+ FREE(rsp); /* ignore response */
return (r);
}
==== //depot/projects/openpam/lib/pam_get_authtok.c#23 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_get_authtok.c#22 $
+ * $P4: //depot/projects/openpam/lib/pam_get_authtok.c#23 $
*/
#include <sys/param.h>
@@ -109,19 +109,19 @@
if (twice) {
r = pam_prompt(pamh, style, &resp2, "Retype %s", prompt);
if (r != PAM_SUCCESS) {
- free(resp);
+ FREE(resp);
RETURNC(r);
}
if (strcmp(resp, resp2) != 0) {
- free(resp);
+ FREE(resp);
resp = NULL;
}
- free(resp2);
+ FREE(resp2);
}
if (resp == NULL)
RETURNC(PAM_TRY_AGAIN);
r = pam_set_item(pamh, item, resp);
- free(resp);
+ FREE(resp);
if (r != PAM_SUCCESS)
RETURNC(r);
r = pam_get_item(pamh, item, (const void **)authtok);
==== //depot/projects/openpam/lib/pam_get_user.c#16 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_get_user.c#15 $
+ * $P4: //depot/projects/openpam/lib/pam_get_user.c#16 $
*/
#include <sys/param.h>
@@ -75,7 +75,7 @@
if (r != PAM_SUCCESS)
RETURNC(r);
r = pam_set_item(pamh, PAM_USER, resp);
- free(resp);
+ FREE(resp);
if (r != PAM_SUCCESS)
RETURNC(r);
r = pam_get_item(pamh, PAM_USER, (const void **)user);
==== //depot/projects/openpam/lib/pam_getenvlist.c#11 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_getenvlist.c#10 $
+ * $P4: //depot/projects/openpam/lib/pam_getenvlist.c#11 $
*/
#include <stdlib.h>
@@ -66,8 +66,8 @@
for (i = 0; i < pamh->env_count; ++i) {
if ((envlist[i] = strdup(pamh->env[i])) == NULL) {
while (i)
- free(envlist[--i]);
- free(envlist);
+ FREE(envlist[--i]);
+ FREE(envlist);
openpam_log(PAM_LOG_ERROR, "%s",
pam_strerror(pamh, PAM_BUF_ERR));
RETURNP(NULL);
==== //depot/projects/openpam/lib/pam_info.c#8 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_info.c#7 $
+ * $P4: //depot/projects/openpam/lib/pam_info.c#8 $
*/
#include <stdarg.h>
@@ -41,6 +41,8 @@
#include <security/pam_appl.h>
#include <security/openpam.h>
+#include "openpam_impl.h"
+
/*
* OpenPAM extension
*
@@ -59,7 +61,7 @@
va_start(ap, fmt);
r = pam_vprompt(pamh, PAM_TEXT_INFO, &rsp, fmt, ap);
va_end(ap);
- free(rsp); /* ignore response */
+ FREE(rsp); /* ignore response */
return (r);
}
==== //depot/projects/openpam/lib/pam_putenv.c#10 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_putenv.c#9 $
+ * $P4: //depot/projects/openpam/lib/pam_putenv.c#10 $
*/
#include <stdlib.h>
@@ -67,7 +67,7 @@
if ((i = openpam_findenv(pamh, namevalue, p - namevalue)) != -1) {
if ((p = strdup(namevalue)) == NULL)
RETURNC(PAM_BUF_ERR);
- free(pamh->env[i]);
+ FREE(pamh->env[i]);
pamh->env[i] = p;
RETURNC(PAM_SUCCESS);
}
==== //depot/projects/openpam/lib/pam_set_data.c#14 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_set_data.c#13 $
+ * $P4: //depot/projects/openpam/lib/pam_set_data.c#14 $
*/
#include <stdlib.h>
@@ -73,7 +73,7 @@
if ((dp = malloc(sizeof *dp)) == NULL)
RETURNC(PAM_BUF_ERR);
if ((dp->name = strdup(module_data_name)) == NULL) {
- free(dp);
+ FREE(dp);
RETURNC(PAM_BUF_ERR);
}
dp->data = data;
==== //depot/projects/openpam/lib/pam_set_item.c#20 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_set_item.c#19 $
+ * $P4: //depot/projects/openpam/lib/pam_set_item.c#20 $
*/
#include <sys/param.h>
@@ -90,7 +90,7 @@
}
if (*slot != NULL) {
memset(*slot, 0xd0, osize);
- free(*slot);
+ FREE(*slot);
}
if (item != NULL) {
if ((tmp = malloc(nsize)) == NULL)
==== //depot/projects/openpam/lib/pam_setenv.c#9 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_setenv.c#8 $
+ * $P4: //depot/projects/openpam/lib/pam_setenv.c#9 $
*/
#include <stdlib.h>
@@ -75,7 +75,7 @@
RETURNC(PAM_BUF_ERR);
sprintf(env, "%s=%s", name, value);
r = pam_putenv(pamh, env);
- free(env);
+ FREE(env);
RETURNC(r);
}
==== //depot/projects/openpam/lib/pam_verror.c#7 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_verror.c#6 $
+ * $P4: //depot/projects/openpam/lib/pam_verror.c#7 $
*/
#include <stdarg.h>
@@ -40,6 +40,8 @@
#include <security/pam_appl.h>
#include <security/openpam.h>
+#include "openpam_impl.h"
+
/*
* OpenPAM extension
*
@@ -55,7 +57,7 @@
int r;
r = pam_vprompt(pamh, PAM_ERROR_MSG, &rsp, fmt, ap);
- free(rsp); /* ignore response */
+ FREE(rsp); /* ignore response */
return (r);
}
==== //depot/projects/openpam/lib/pam_vinfo.c#7 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_vinfo.c#6 $
+ * $P4: //depot/projects/openpam/lib/pam_vinfo.c#7 $
*/
#include <stdarg.h>
@@ -40,6 +40,8 @@
#include <security/pam_appl.h>
#include <security/openpam.h>
+#include "openpam_impl.h"
+
/*
* OpenPAM extension
*
@@ -55,7 +57,7 @@
int r;
r = pam_vprompt(pamh, PAM_TEXT_INFO, &rsp, fmt, ap);
- free(rsp); /* ignore response */
+ FREE(rsp); /* ignore response */
return (r);
}
==== //depot/projects/openpam/lib/pam_vprompt.c#11 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_vprompt.c#10 $
+ * $P4: //depot/projects/openpam/lib/pam_vprompt.c#11 $
*/
#include <stdarg.h>
@@ -77,7 +77,7 @@
rsp = NULL;
r = (conv->conv)(1, &msgp, &rsp, conv->appdata_ptr);
*resp = rsp == NULL ? NULL : rsp->resp;
- free(rsp);
+ FREE(rsp);
RETURNC(r);
}
More information about the p4-projects
mailing list