From 7784f1a905cad5ad805195dcc3cba23ff206501c Mon Sep 17 00:00:00 2001
From: Drew DeVault
Date: Thu, 15 Dec 2016 18:10:29 -0500
Subject: [PATCH] Handle allocation failures in security code

Note that such errors are generally going to be fatal
---
 sway/commands.c | 3 +++
 sway/commands/permit.c | 3 +++
 sway/security.c | 20 ++++++++++++++++++--
 3 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/sway/commands.c b/sway/commands.c
index 8d199467..c15cb00a 100644
--- a/sway/commands.c
+++ b/sway/commands.c
@@ -575,6 +575,9 @@ struct cmd_results *config_commands_command(char *exec) {
 }
 if (!policy) {
 policy = alloc_command_policy(cmd);
+ if (!policy) {
+ sway_abort("Unable to allocate security policy");
+ }
 list_add(config->command_policies, policy);
 }
 policy->context = context;
diff --git a/sway/commands/permit.c b/sway/commands/permit.c
index 7a25e4ce..dee246d7 100644
--- a/sway/commands/permit.c
+++ b/sway/commands/permit.c
@@ -50,6 +50,9 @@ static struct feature_policy *get_policy(const char *name) {
 }
 if (!policy) {
 policy = alloc_feature_policy(name);
+ if (!policy) {
+ sway_abort("Unable to allocate security policy");
+ }
 list_add(config->feature_policies, policy);
 }
 return policy;
diff --git a/sway/security.c b/sway/security.c
index 9cccd62e..41a3b94b 100644
--- a/sway/security.c
+++ b/sway/security.c
@@ -15,14 +15,28 @@ struct feature_policy *alloc_feature_policy(const char *program) {
 }
 struct feature_policy *policy = malloc(sizeof(struct feature_policy));
+ if (!policy) {
+ return NULL;
+ }
 policy->program = strdup(program);
+ if (!policy->program) {
+ free(policy);
+ return NULL;
+ }
 policy->features = default_policy;
 return policy;
 }
 struct command_policy *alloc_command_policy(const char *command) {
 struct command_policy *policy = malloc(sizeof(struct command_policy));
+ if (!policy) {
+ return NULL;
+ }
 policy->command = strdup(command);
+ if (!policy->command) {
+ free(policy);
+ return NULL;
+ }
 policy->context = 0;
 return policy;
 }
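Review bot: Both new abort paths — this one in config_commands_command and the one in sway/commands/permit.c's get_policy — emit the identical message `"Unable to allocate security policy"`, so the fatal log line cannot tell a command policy apart from a feature policy or name the entry being configured when it happened. If sway_abort accepts a format string the way sway_log does elsewhere in this patch, `sway_abort("Unable to allocate security policy for command '%s'", cmd);` here, and the `name` equivalent in permit.c, would make the failure actionable from the log alone. Aborting before list_add is the right fail-closed order: a NULL entry in config->command_policies would presumably be dereferenced by the lookup loop that precedes this block. config_commands_command's body continues outside the hunk.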
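Review bot: The new NULL-on-failure contract of alloc_feature_policy and alloc_command_policy is not documented anywhere in the hunk, and because both callers in this commit abort on NULL, a future caller that forgets the check will dereference NULL at exactly the point the old code did. I would add a short doc comment above each definition (or on the declarations in the header, which are outside this hunk) along the lines of `/* Returns a heap-allocated policy owned by the caller, or NULL if malloc or strdup fails. */`. As a point of style, `malloc(sizeof *policy)` ties the allocation size to the variable rather than repeating the struct tag, which is the usual C idiom over `sizeof(struct feature_policy)`. Note also that only `program`/`features` (resp. `command`/`context`) are initialized after the allocation; if either struct has further members they remain indeterminate, in which case `calloc(1, sizeof *policy)` would close that gap.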
@@ -35,12 +49,14 @@ enum secure_feature get_feature_policy(pid_t pid) {
 #endif
 int pathlen = snprintf(NULL, 0, fmt, pid);
 char *path = malloc(pathlen + 1);
- snprintf(path, pathlen + 1, fmt, pid);
+ if (path) {
+ snprintf(path, pathlen + 1, fmt, pid);
+ }
 static char link[2048];
 uint32_t default_policy = 0;
- ssize_t len = readlink(path, link, sizeof(link));
+ ssize_t len = !path ? -1 : readlink(path, link, sizeof(link));
 if (len < 0) {
 sway_log(L_INFO, "WARNING: unable to read %s for security check. Using default policy.",