Use safer allocation macros

Use of these macros, apart from the benefits mentioned in the commit that adds the macros, has some other good side effects: - Consistency in getting the size of the object from sizeof(type), instead of a mix of sizeof(type) sometimes and sizeof(*p) other times. - More readable code: no casts, and no sizeof(), so also shorter lines that we don't need to cut. - Consistency in using array allocation calls for allocations of arrays of objects, even when the object size is 1. Cc: Valentin V. Bartenev <vbartenev@gmail.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
shadow-maint · Feb 24, 2023 · efbbcad · efbbcad
1 parent 6e58c12
commit efbbcad
Show file tree

Hide file tree

Showing 44 changed files with 196 additions and 118 deletions.
diff --git a/lib/commonio.c b/lib/commonio.c
@@ -21,6 +21,8 @@
 #include <errno.h>
 #include <stdio.h>
 #include <signal.h>
+
+#include "alloc.h"
 #include "nscd.h"
 #include "sssd.h"
 #ifdef WITH_TCB
@@ -240,11 +242,11 @@ int commonio_lock_nowait (struct commonio_db *db, bool log)
 	}
 	file_len = strlen(db->filename) + 11;/* %lu max size */
 	lock_file_len = strlen(db->filename) + 6; /* sizeof ".lock" */
-	file = (char*)malloc(file_len);
+	file = MALLOCARRAY(file_len, char);
 	if (file == NULL) {
 		goto cleanup_ENOMEM;
 	}
-	lock = (char*)malloc(lock_file_len);
+	lock = MALLOCARRAY(lock_file_len, char);
 	if (lock == NULL) {
 		goto cleanup_ENOMEM;
 	}
@@ -513,7 +515,7 @@ int commonio_open (struct commonio_db *db, int mode)
 	fcntl (fileno (db->fp), F_SETFD, FD_CLOEXEC);
 
 	buflen = BUFLEN;
-	buf = (char *) malloc (buflen);
+	buf = MALLOCARRAY (buflen, char);
 	if (NULL == buf) {
 		goto cleanup_ENOMEM;
 	}
@@ -524,7 +526,7 @@ int commonio_open (struct commonio_db *db, int mode)
 			size_t len;
 
 			buflen += BUFLEN;
-			cp = (char *) realloc (buf, buflen);
+			cp = REALLOCARRAY (buf, buflen, char);
 			if (NULL == cp) {
 				goto cleanup_buf;
 			}
@@ -558,7 +560,7 @@ int commonio_open (struct commonio_db *db, int mode)
 			}
 		}
 
-		p = (struct commonio_entry *) malloc (sizeof *p);
+		p = MALLOC (struct commonio_entry);
 		if (NULL == p) {
 			goto cleanup_entry;
 		}
@@ -635,7 +637,7 @@ commonio_sort (struct commonio_db *db, int (*cmp) (const void *, const void *))
 		return 0;
 	}
 
-	entries = mallocarray (n, sizeof (struct commonio_entry *));
+	entries = MALLOCARRAY (n, struct commonio_entry *);
 	if (entries == NULL) {
 		return -1;
 	}
@@ -954,7 +956,7 @@ int commonio_update (struct commonio_db *db, const void *eptr)
 		return 1;
 	}
 	/* not found, new entry */
-	p = (struct commonio_entry *) malloc (sizeof *p);
+	p = MALLOC (struct commonio_entry);
 	if (NULL == p) {
 		db->ops->free (nentry);
 		errno = ENOMEM;
@@ -991,7 +993,7 @@ int commonio_append (struct commonio_db *db, const void *eptr)
 		return 0;
 	}
 	/* new entry */
-	p = (struct commonio_entry *) malloc (sizeof *p);
+	p = MALLOC (struct commonio_entry);
 	if (NULL == p) {
 		db->ops->free (nentry);
 		errno = ENOMEM;

diff --git a/lib/getdef.c b/lib/getdef.c
@@ -21,8 +21,11 @@
 #ifdef USE_ECONF
 #include <libeconf.h>
 #endif
+
+#include "alloc.h"
 #include "getdef.h"
 #include "shadowlog_internal.h"
+
 /*
  * A configuration item definition.
  */
@@ -445,14 +448,14 @@ void setdef_config_file (const char* file)
 	char* cp;
 
 	len = strlen(file) + strlen(sysconfdir) + 2;
-	cp = malloc(len);
+	cp = MALLOCARRAY(len, char);
 	if (cp == NULL)
 		exit (13);
 	snprintf(cp, len, "%s/%s", file, sysconfdir);
 	sysconfdir = cp;
 #ifdef VENDORDIR
 	len = strlen(file) + strlen(vendordir) + 2;
-	cp = malloc(len);
+	cp = MALLOCARRAY(len, char);
 	if (cp == NULL)
 		exit (13);
 	snprintf(cp, len, "%s/%s", file, vendordir);

diff --git a/lib/groupio.c b/lib/groupio.c
@@ -15,6 +15,7 @@
 #include <assert.h>
 #include <stdio.h>
 
+#include "alloc.h"
 #include "prototypes.h"
 #include "defines.h"
 #include "commonio.h"
@@ -311,7 +312,7 @@ static /*@null@*/struct commonio_entry *merge_group_entries (
 
 	/* Concatenate the 2 lines */
 	new_line_len = strlen (gr1->line) + strlen (gr2->line) +1;
-	new_line = (char *)malloc (new_line_len + 1);
+	new_line = MALLOCARRAY (new_line_len + 1, char);
 	if (NULL == new_line) {
 		return NULL;
 	}
@@ -332,7 +333,7 @@ static /*@null@*/struct commonio_entry *merge_group_entries (
 			members++;
 		}
 	}
-	new_members = (char **)calloc ( (members+1), sizeof(char*) );
+	new_members = CALLOC (members + 1, char *);
 	if (NULL == new_members) {
 		free (new_line);
 		return NULL;
@@ -393,7 +394,7 @@ static int split_groups (unsigned int max_members)
 			continue;
 		}
 
-		new = (struct commonio_entry *) malloc (sizeof *new);
+		new = MALLOC (struct commonio_entry);
 		if (NULL == new) {
 			return 0;
 		}

diff --git a/lib/groupmem.c b/lib/groupmem.c
@@ -12,6 +12,7 @@
 
 #ident "$Id$"
 
+#include "alloc.h"
 #include "prototypes.h"
 #include "defines.h"
 #include "groupio.h"
@@ -21,7 +22,7 @@
 	struct group *gr;
 	int i;
 
-	gr = (struct group *) malloc (sizeof *gr);
+	gr = MALLOC (struct group);
 	if (NULL == gr) {
 		return NULL;
 	}
@@ -46,7 +47,7 @@
 	for (i = 0; grent->gr_mem[i]; i++);
 
 	/*@-mustfreeonly@*/
-	gr->gr_mem = (char **) mallocarray (i + 1, sizeof (char *));
+	gr->gr_mem = MALLOCARRAY (i + 1, char *);
 	/*@=mustfreeonly@*/
 	if (NULL == gr->gr_mem) {
 		gr_free(gr);

diff --git a/lib/gshadow.c b/lib/gshadow.c
@@ -16,8 +16,11 @@
 
 #include <stdio.h>
 #include <string.h>
+
+#include "alloc.h"
 #include "prototypes.h"
 #include "defines.h"
+
 static /*@null@*/FILE *shadow;
 static /*@null@*//*@only@*/char **members = NULL;
 static size_t nmembers = 0;
@@ -63,7 +66,7 @@ static /*@null@*/char **build_list (char *s, char **list[], size_t * nlist)
 
 	while (s != NULL && *s != '\0') {
 		size = (nelem + 1) * sizeof (ptr);
-		ptr = realloc (*list, size);
+		ptr = REALLOCARRAY (*list, size, char *);
 		if (NULL != ptr) {
 			ptr[nelem] = s;
 			nelem++;
@@ -77,7 +80,7 @@ static /*@null@*/char **build_list (char *s, char **list[], size_t * nlist)
 		}
 	}
 	size = (nelem + 1) * sizeof (ptr);
-	ptr = realloc (*list, size);
+	ptr = REALLOCARRAY (*list, size, char *);
 	if (NULL != ptr) {
 		ptr[nelem] = NULL;
 		*list = ptr;
@@ -117,7 +120,7 @@ void endsgent (void)
 	size_t len = strlen (string) + 1;
 
 	if (len > sgrbuflen) {
-		char *buf = (char *) reallocarray (sgrbuf, len, sizeof (char));
+		char *buf = REALLOCARRAY (sgrbuf, len, char);
 		if (NULL == buf) {
 			return NULL;
 		}
@@ -195,7 +198,7 @@ void endsgent (void)
 	char *cp;
 
 	if (0 == buflen) {
-		buf = (char *) malloc (BUFSIZ);
+		buf = MALLOCARRAY (BUFSIZ, char);
 		if (NULL == buf) {
 			return NULL;
 		}
@@ -216,7 +219,7 @@ void endsgent (void)
 		       && (feof (fp) == 0)) {
 			size_t len;
 
-			cp = (char *) realloc (buf, buflen*2);
+			cp = REALLOCARRAY (buf, buflen * 2, char);
 			if (NULL == cp) {
 				return NULL;
 			}
@@ -437,7 +440,7 @@ int putsgent (const struct sgrp *sgrp, FILE * fp)
 		size += strlen (sgrp->sg_mem[i]) + 1;
 	}
 
-	buf = malloc (size);
+	buf = MALLOCARRAY (size, char);
 	if (NULL == buf) {
 		return -1;
 	}

diff --git a/lib/nss.c b/lib/nss.c
@@ -6,6 +6,8 @@
 #include <strings.h>
 #include <ctype.h>
 #include <stdatomic.h>
+
+#include "alloc.h"
 #include "prototypes.h"
 #include "../libsubid/subid.h"
 #include "shadowlog_internal.h"
@@ -100,7 +102,7 @@ void nss_init(const char *nsswitch_path) {
 				subid_nss = NULL;
 				goto done;
 			}
-			subid_nss = malloc(sizeof(*subid_nss));
+			subid_nss = MALLOC(struct subid_nss_ops);
 			if (!subid_nss) {
 				dlclose(h);
 				goto done;

diff --git a/lib/pwmem.c b/lib/pwmem.c
@@ -13,6 +13,8 @@
 #ident "$Id$"
 
 #include <stdio.h>
+
+#include "alloc.h"
 #include "defines.h"
 #include "prototypes.h"
 #include "pwio.h"
@@ -21,7 +23,7 @@
 {
 	struct passwd *pw;
 
-	pw = (struct passwd *) calloc (1, sizeof *pw);
+	pw = CALLOC (1, struct passwd);
 	if (NULL == pw) {
 		return NULL;
 	}

diff --git a/lib/run_part.c b/lib/run_part.c
@@ -8,6 +8,8 @@
 #include <sys/wait.h>
 #include <unistd.h>
 #include <lib/prototypes.h>
+
+#include "alloc.h"
 #include "run_part.h"
 #include "shadowlog_internal.h"
 
@@ -57,7 +59,7 @@ int run_parts (const char *directory, const char *name, const char *action)
 		struct stat sb;
 
 		path_length=strlen(directory) + strlen(namelist[n]->d_name) + 2;
-		char *s = (char*)malloc(path_length);
+		char *s = MALLOCARRAY(path_length, char);
 		if (!s) {
 			printf ("could not allocate memory\n");
 			for (; n<scanlist; n++) {

diff --git a/lib/sgetgrent.c b/lib/sgetgrent.c
@@ -14,6 +14,8 @@
 #include <stdio.h>
 #include <sys/types.h>
 #include <grp.h>
+
+#include "alloc.h"
 #include "defines.h"
 #include "prototypes.h"
 
@@ -44,7 +46,7 @@ static char **list (char *s)
 		   member name, or terminating NULL).  */
 		if (i >= size) {
 			size = i + 100;	/* at least: i + 1 */
-			members = reallocarrayf (members, size, sizeof(char *));
+			members = REALLOCARRAYF(members, size, char *);
 			if (!members)
 				return NULL;
 		}
@@ -77,7 +79,7 @@ struct group *sgetgrent (const char *buf)
 		   allocate a larger block */
 		free (grpbuf);
 		size = strlen (buf) + 1000;	/* at least: strlen(buf) + 1 */
-		grpbuf = malloc (size);
+		grpbuf = MALLOCARRAY (size, char);
 		if (grpbuf == NULL) {
 			size = 0;
 			return NULL;

diff --git a/lib/sgroupio.c b/lib/sgroupio.c
@@ -14,6 +14,7 @@
 
 #ident "$Id$"
 
+#include "alloc.h"
 #include "prototypes.h"
 #include "defines.h"
 #include "commonio.h"
@@ -25,7 +26,7 @@
 	struct sgrp *sg;
 	int i;
 
-	sg = (struct sgrp *) calloc (1, sizeof *sg);
+	sg = CALLOC (1, struct sgrp);
 	if (NULL == sg) {
 		return NULL;
 	}
@@ -49,7 +50,7 @@
 
 	for (i = 0; NULL != sgent->sg_adm[i]; i++);
 	/*@-mustfreeonly@*/
-	sg->sg_adm = (char **) mallocarray (i + 1, sizeof (char *));
+	sg->sg_adm = MALLOCARRAY (i + 1, char *);
 	/*@=mustfreeonly@*/
 	if (NULL == sg->sg_adm) {
 		free (sg->sg_passwd);
@@ -74,7 +75,7 @@
 
 	for (i = 0; NULL != sgent->sg_mem[i]; i++);
 	/*@-mustfreeonly@*/
-	sg->sg_mem = (char **) mallocarray (i + 1, sizeof (char *));
+	sg->sg_mem = MALLOCARRAY (i + 1, char *);
 	/*@=mustfreeonly@*/
 	if (NULL == sg->sg_mem) {
 		for (i = 0; NULL != sg->sg_adm[i]; i++) {

diff --git a/lib/shadowmem.c b/lib/shadowmem.c
@@ -16,13 +16,15 @@
 #include "defines.h"
 #include <shadow.h>
 #include <stdio.h>
+
+#include "alloc.h"
 #include "shadowio.h"
 
 /*@null@*/ /*@only@*/struct spwd *__spw_dup (const struct spwd *spent)
 {
 	struct spwd *sp;
 
-	sp = (struct spwd *) calloc (1, sizeof *sp);
+	sp = CALLOC (1, struct spwd);
 	if (NULL == sp) {
 		return NULL;
 	}

diff --git a/lib/sssd.c b/lib/sssd.c
@@ -6,6 +6,8 @@
 #include <stdio.h>
 #include <sys/wait.h>
 #include <sys/types.h>
+
+#include "alloc.h"
 #include "exitcodes.h"
 #include "defines.h"
 #include "prototypes.h"
@@ -24,7 +26,7 @@ int sssd_flush_cache (int dbflags)
 	const char *spawnedEnv[] = {NULL};
 	int i = 0;
 
-	sss_cache_args = malloc(4);
+	sss_cache_args = MALLOCARRAY(4, char);
 	if (sss_cache_args == NULL) {
 	    return -1;
 	}