diff options
| author | Lennart Poettering <lennart@poettering.net> | 2021-10-13 12:38:37 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2021-10-14 15:57:52 +0200 |
| commit | 2f82562bad423d1190912a4b209647dfac966db2 (patch) | |
| tree | 766d61a085ee9674d8034351a83f64bcdf5d45bb /src/shared/dns-domain.c | |
| parent | journal: drop unnecessary +1 in newa() expression (diff) | |
| download | systemd-2f82562bad423d1190912a4b209647dfac966db2.tar.xz systemd-2f82562bad423d1190912a4b209647dfac966db2.zip | |
alloc-util: add strdupa_safe() + strndupa_safe() and use it everywhere
Let's define two helpers strdupa_safe() + strndupa_safe() which do the
same as their non-safe counterparts, except that they abort if called
with allocations larger than ALLOCA_MAX.
This should ensure that all our alloca() based allocations are subject
to this limit.
afaics glibc offers three alloca() based APIs: alloca() itself,
strndupa() + strdupa(). With this we have now replacements for all of
them, that take the limit into account.
Diffstat (limited to 'src/shared/dns-domain.c')
| -rw-r--r-- | src/shared/dns-domain.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/shared/dns-domain.c b/src/shared/dns-domain.c index 787bb8fec9..f54b187a1b 100644 --- a/src/shared/dns-domain.c +++ b/src/shared/dns-domain.c @@ -680,7 +680,7 @@ int dns_name_change_suffix(const char *name, const char *old_suffix, const char } /* Found it! Now generate the new name */ - prefix = strndupa(name, saved_before - name); + prefix = strndupa_safe(name, saved_before - name); r = dns_name_concat(prefix, new_suffix, 0, ret); if (r < 0) @@ -1028,7 +1028,7 @@ static bool dns_service_name_label_is_valid(const char *label, size_t n) { if (memchr(label, 0, n)) return false; - s = strndupa(label, n); + s = strndupa_safe(label, n); return dns_service_name_is_valid(s); } |