:: Re: [DNG] Nasty Linux systemd secur…
Forside
Slet denne besked
Besvar denne besked
Skribent: Alessandro Vesely
Dato:  
Til: dng
Emne: Re: [DNG] Nasty Linux systemd security bug revealed
On Thu 12/Aug/2021 13:12:29 +0200 Aitor wrote:
> On 31/7/21 11:20, aitor wrote:
>>
>> Sometimes I use the following buffer struct for dynamic allocation:
>>
>> https://gitea.devuan.dev/aitor_czr/libnetaid/src/branch/master/backend_src/sbuf.c



I guess we all ended up developing something similar. My take:
http://www.tana.it/svn/zdkimfilter/trunk/src/cstring.h
http://www.tana.it/svn/zdkimfilter/trunk/src/cstring.c

It's harsh as it assumes the caller _always_ checks return code. The functions don't check for NULL on entry (albeit they often assert() it, a passage usually not compiled in production code.) Non-nullness has to be checked by the caller, for example (from zaggregate.c in the same package):

     if (to_header)
     {
         to_header = cstr_printf(to_header, "%s %s",
             n_addr == 0? "To:": ",", dom->addr[i].addr);
         if (to_header && dom->addr[i].limit != UINT64_MAX)
             to_header = cstr_printf(to_header, " (limit=%" PRIu64 ")",
                 dom->addr[i].limit);
         ++n_addr;
     }



Best
Ale
--