85ad07
autofs-5.1.5 - use malloc(3) in spawn.c
85ad07
85ad07
From: Ian Kent <raven@themaw.net>
85ad07
85ad07
Use malloc(3) in spawn.c functions instead of alloca(3) as a failure
85ad07
return for this function is undefined.
85ad07
85ad07
Signed-off-by: Ian Kent <raven@themaw.net>
85ad07
---
85ad07
 CHANGELOG      |    1 +
85ad07
 daemon/spawn.c |   50 ++++++++++++++++++++++++++++++++++++++++++++------
85ad07
 2 files changed, 45 insertions(+), 6 deletions(-)
85ad07
85ad07
--- autofs-5.0.7.orig/CHANGELOG
85ad07
+++ autofs-5.0.7/CHANGELOG
85ad07
@@ -318,6 +318,7 @@
85ad07
 - add systemd service command line option.
85ad07
 - support strictexpire mount option.
85ad07
 - add NULL check for get_addr_string() return.
85ad07
+- use malloc(3) in spawn.c.
85ad07
 
85ad07
 25/07/2012 autofs-5.0.7
85ad07
 =======================
85ad07
--- autofs-5.0.7.orig/daemon/spawn.c
85ad07
+++ autofs-5.0.7/daemon/spawn.c
85ad07
@@ -500,22 +500,33 @@ int spawnv(unsigned logopt, const char *
85ad07
 int spawnl(unsigned logopt, const char *prog, ...)
85ad07
 {
85ad07
 	va_list arg;
85ad07
-	int argc;
85ad07
+	int argc, ret;
85ad07
 	char **argv, **p;
85ad07
+	unsigned int argv_len;
85ad07
 
85ad07
 	va_start(arg, prog);
85ad07
 	for (argc = 1; va_arg(arg, char *); argc++);
85ad07
 	va_end(arg);
85ad07
 
85ad07
-	if (!(argv = alloca(sizeof(char *) * argc)))
85ad07
+	argv_len = sizeof(char *) * (argc + 1);
85ad07
+	argv = malloc(argv_len);
85ad07
+	if (!argv) {
85ad07
+		char buf[MAX_ERR_BUF];
85ad07
+		char *estr = strerror_r(errno, buf, sizeof(buf));
85ad07
+		crit(logopt, "malloc: %s", estr);
85ad07
 		return -1;
85ad07
+	}
85ad07
+	memset(argv, 0, argv_len);
85ad07
 
85ad07
 	va_start(arg, prog);
85ad07
 	p = argv;
85ad07
 	while ((*p++ = va_arg(arg, char *)));
85ad07
 	va_end(arg);
85ad07
 
85ad07
-	return do_spawn(logopt, -1, SPAWN_OPT_NONE, prog, (const char **) argv);
85ad07
+	ret = do_spawn(logopt, -1, SPAWN_OPT_NONE, prog, (const char **) argv);
85ad07
+	free(argv);
85ad07
+
85ad07
+	return ret;
85ad07
 }
85ad07
 
85ad07
 int spawn_mount(unsigned logopt, ...)
85ad07
@@ -533,6 +544,7 @@ int spawn_mount(unsigned logopt, ...)
85ad07
 	int update_mtab = 1, ret, printed = 0;
85ad07
 	unsigned int wait = defaults_get_mount_wait();
85ad07
 	char buf[PATH_MAX + 1];
85ad07
+	unsigned int argv_len;
85ad07
 
85ad07
 	/* If we use mount locking we can't validate the location */
85ad07
 #ifdef ENABLE_MOUNT_LOCKING
85ad07
@@ -558,8 +570,15 @@ int spawn_mount(unsigned logopt, ...)
85ad07
 	}
85ad07
 
85ad07
 	/* Alloc 1 extra slot in case we need to use the "-f" option */
85ad07
-	if (!(argv = alloca(sizeof(char *) * (argc + 2))))
85ad07
+	argv_len = sizeof(char *) * (argc + 2);
85ad07
+	argv = malloc(argv_len);
85ad07
+	if (!argv) {
85ad07
+		char buf[MAX_ERR_BUF];
85ad07
+		char *estr = strerror_r(errno, buf, sizeof(buf));
85ad07
+		crit(logopt, "malloc: %s", estr);
85ad07
 		return -1;
85ad07
+	}
85ad07
+	memset(argv, 0, argv_len);
85ad07
 
85ad07
 	argv[0] = arg0;
85ad07
 
85ad07
@@ -634,6 +653,7 @@ int spawn_mount(unsigned logopt, ...)
85ad07
 		umount(argv[argc]);
85ad07
 		ret = MNT_FORCE_FAIL;
85ad07
 	}
85ad07
+	free(argv);
85ad07
 
85ad07
 	return ret;
85ad07
 }
85ad07
@@ -661,6 +681,7 @@ int spawn_bind_mount(unsigned logopt, ..
85ad07
 	unsigned int retries = MTAB_LOCK_RETRIES;
85ad07
 	int update_mtab = 1, ret, printed = 0;
85ad07
 	char buf[PATH_MAX + 1];
85ad07
+	unsigned int argv_len;
85ad07
 
85ad07
 	/* If we use mount locking we can't validate the location */
85ad07
 #ifdef ENABLE_MOUNT_LOCKING
85ad07
@@ -689,8 +710,15 @@ int spawn_bind_mount(unsigned logopt, ..
85ad07
 		}
85ad07
 	}
85ad07
 
85ad07
-	if (!(argv = alloca(sizeof(char *) * (argc + 2))))
85ad07
+	argv_len = sizeof(char *) * (argc + 2);
85ad07
+	argv = malloc(argv_len);
85ad07
+	if (!argv) {
85ad07
+		char buf[MAX_ERR_BUF];
85ad07
+		char *estr = strerror_r(errno, buf, sizeof(buf));
85ad07
+		crit(logopt, "malloc: %s", estr);
85ad07
 		return -1;
85ad07
+	}
85ad07
+	memset(argv, 0, argv_len);
85ad07
 
85ad07
 	argv[0] = arg0;
85ad07
 	argv[1] = bind;
85ad07
@@ -752,6 +780,7 @@ int spawn_bind_mount(unsigned logopt, ..
85ad07
 		umount(argv[argc]);
85ad07
 		ret = MNT_FORCE_FAIL;
85ad07
 	}
85ad07
+	free(argv);
85ad07
 
85ad07
 	return ret;
85ad07
 }
85ad07
@@ -769,6 +798,7 @@ int spawn_umount(unsigned logopt, ...)
85ad07
 	int update_mtab = 1, ret, printed = 0;
85ad07
 	unsigned int wait = defaults_get_umount_wait();
85ad07
 	char buf[PATH_MAX + 1];
85ad07
+	unsigned int argv_len;
85ad07
 
85ad07
 #ifdef ENABLE_MOUNT_LOCKING
85ad07
 	options = SPAWN_OPT_LOCK;
85ad07
@@ -792,8 +822,15 @@ int spawn_umount(unsigned logopt, ...)
85ad07
 		}
85ad07
 	}
85ad07
 
85ad07
-	if (!(argv = alloca(sizeof(char *) * argc + 1)))
85ad07
+	argv_len = sizeof(char *) * (argc + 1);
85ad07
+	argv = malloc(argv_len);
85ad07
+	if (!argv) {
85ad07
+		char buf[MAX_ERR_BUF];
85ad07
+		char *estr = strerror_r(errno, buf, sizeof(buf));
85ad07
+		crit(logopt, "malloc: %s", estr);
85ad07
 		return -1;
85ad07
+	}
85ad07
+	memset(argv, 0, argv_len);
85ad07
 
85ad07
 	argv[0] = arg0;
85ad07
 
85ad07
@@ -841,6 +878,7 @@ int spawn_umount(unsigned logopt, ...)
85ad07
 		     "and /etc/mtab will differ");
85ad07
 		ret = 0;
85ad07
 	}
85ad07
+	free(argv);
85ad07
 
85ad07
 	return ret;
85ad07
 }