[Asterisk-code-review] Fix ast (v)asprintf() malloc failure usage conditions. (asterisk[master])
Joshua Colp
asteriskteam at digium.com
Tue Nov 7 07:18:15 CST 2017
Joshua Colp has submitted this change and it was merged. ( https://gerrit.asterisk.org/7015 )
Change subject: Fix ast_(v)asprintf() malloc failure usage conditions.
......................................................................
Fix ast_(v)asprintf() malloc failure usage conditions.
When (v)asprintf() fails, the state of the allocated buffer is undefined.
The library had better not leave an allocated buffer as a result or no one
will know to free it. The most likely way it can return failure is for an
allocation failure. If the printf conversion fails then you actually have
a threading problem which is much worse because another thread modified
the parameter values.
* Made __ast_asprintf()/__ast_vasprintf() set the returned buffer to NULL
on failure. That is much more useful than either an uninitialized pointer
or a pointer that has already been freed. Many uses won't have to check
for failure to ensure that the buffer won't be double freed or prevent an
attempt to free an uninitialized pointer.
* stasis.c: Fixed memory leak in multi_object_blob_to_ami() allocated by
ast_asprintf().
* ari/resource_bridges.c:ari_bridges_play_helper(): Remove assignment to
the wrong thing which is now not needed even if assigning to the right
thing.
Change-Id: Ib5252fb8850ecf0f78ed0ee2ca0796bda7e91c23
---
M apps/app_mixmonitor.c
M bridges/bridge_softmix.c
M include/asterisk/utils.h
M main/db.c
M main/json.c
M main/stasis.c
M main/utils.c
M res/ari/resource_bridges.c
M res/res_xmpp.c
9 files changed, 31 insertions(+), 13 deletions(-)
Approvals:
Corey Farrell: Looks good to me, but someone else must approve
Sean Bright: Looks good to me, but someone else must approve
Joshua Colp: Looks good to me, approved; Approved for Submit
diff --git a/apps/app_mixmonitor.c b/apps/app_mixmonitor.c
index 2922e0c..bb47cfc 100644
--- a/apps/app_mixmonitor.c
+++ b/apps/app_mixmonitor.c
@@ -813,6 +813,8 @@
if (ast_asprintf(datastore_id, "%p", mixmonitor_ds) == -1) {
ast_log(LOG_ERROR, "Failed to allocate memory for MixMonitor ID.\n");
+ ast_free(mixmonitor_ds);
+ return -1;
}
ast_mutex_init(&mixmonitor_ds->lock);
diff --git a/bridges/bridge_softmix.c b/bridges/bridge_softmix.c
index 9197df6..f490967 100644
--- a/bridges/bridge_softmix.c
+++ b/bridges/bridge_softmix.c
@@ -502,7 +502,6 @@
if (ast_asprintf(&stream_clone_name, "%s_%s_%s", SOFTBRIDGE_VIDEO_DEST_PREFIX,
channel_name, ast_stream_get_name(stream)) < 0) {
- ast_free(stream_clone_name);
return -1;
}
diff --git a/include/asterisk/utils.h b/include/asterisk/utils.h
index 423d73b..0a12b1d 100644
--- a/include/asterisk/utils.h
+++ b/include/asterisk/utils.h
@@ -622,7 +622,13 @@
DEBUG_CHAOS_RETURN(DEBUG_CHAOS_ALLOC_CHANCE, -1);
- if ((res = vasprintf(ret, fmt, ap)) == -1) {
+ res = vasprintf(ret, fmt, ap);
+ if (res < 0) {
+ /*
+ * *ret is undefined so set to NULL to ensure it is
+ * initialized to something useful.
+ */
+ *ret = NULL;
MALLOC_FAILURE_MSG;
}
diff --git a/main/db.c b/main/db.c
index 9432435..fa125d7 100644
--- a/main/db.c
+++ b/main/db.c
@@ -191,9 +191,11 @@
char *cmd;
int res;
- ast_asprintf(&cmd, "%s/astdb2sqlite3 '%s'\n", ast_config_AST_SBIN_DIR, ast_config_AST_DB);
- res = ast_safe_system(cmd);
- ast_free(cmd);
+ res = ast_asprintf(&cmd, "%s/astdb2sqlite3 '%s'\n", ast_config_AST_SBIN_DIR, ast_config_AST_DB);
+ if (0 <= res) {
+ res = ast_safe_system(cmd);
+ ast_free(cmd);
+ }
return res;
}
diff --git a/main/json.c b/main/json.c
index 9004978..56df7f4 100644
--- a/main/json.c
+++ b/main/json.c
@@ -460,7 +460,7 @@
if (format) {
int err = ast_vasprintf(&str, format, args);
- if (err > 0) {
+ if (err >= 0) {
ret = json_string(str);
ast_free(str);
}
diff --git a/main/stasis.c b/main/stasis.c
index a82e938..6dc5dbf 100644
--- a/main/stasis.c
+++ b/main/stasis.c
@@ -1342,7 +1342,7 @@
for (type = 0; type < STASIS_UMOS_MAX; ++type) {
for (i = 0; i < AST_VECTOR_SIZE(&multi->snapshots[type]); ++i) {
- char *name = "";
+ char *name = NULL;
void *snapshot = AST_VECTOR_GET(&multi->snapshots[type], i);
ami_snapshot = NULL;
@@ -1352,11 +1352,11 @@
switch (type) {
case STASIS_UMOS_CHANNEL:
- ami_snapshot = ast_manager_build_channel_state_string_prefix(snapshot, name);
+ ami_snapshot = ast_manager_build_channel_state_string_prefix(snapshot, name ?: "");
break;
case STASIS_UMOS_BRIDGE:
- ami_snapshot = ast_manager_build_bridge_state_string_prefix(snapshot, name);
+ ami_snapshot = ast_manager_build_bridge_state_string_prefix(snapshot, name ?: "");
break;
case STASIS_UMOS_ENDPOINT:
@@ -1367,6 +1367,7 @@
ast_str_append(&ami_str, 0, "%s", ast_str_buffer(ami_snapshot));
ast_free(ami_snapshot);
}
+ ast_free(name);
}
}
diff --git a/main/utils.c b/main/utils.c
index a73bf9d..c553207 100644
--- a/main/utils.c
+++ b/main/utils.c
@@ -2340,7 +2340,13 @@
va_list ap;
va_start(ap, fmt);
- if ((res = vasprintf(ret, fmt, ap)) == -1) {
+ res = vasprintf(ret, fmt, ap);
+ if (res < 0) {
+ /*
+ * *ret is undefined so set to NULL to ensure it is
+ * initialized to something useful.
+ */
+ *ret = NULL;
MALLOC_FAILURE_MSG;
}
va_end(ap);
diff --git a/res/ari/resource_bridges.c b/res/ari/resource_bridges.c
index aab78ce..cd289aa 100644
--- a/res/ari/resource_bridges.c
+++ b/res/ari/resource_bridges.c
@@ -392,7 +392,6 @@
if (ast_asprintf(playback_url, "/playbacks/%s",
stasis_app_playback_get_id(playback)) == -1) {
- playback_url = NULL;
ast_ari_response_alloc_failed(response);
return -1;
}
diff --git a/res/res_xmpp.c b/res/res_xmpp.c
index 8a06a6c..f683557 100644
--- a/res/res_xmpp.c
+++ b/res/res_xmpp.c
@@ -3909,8 +3909,11 @@
struct ast_json_error error;
RAII_VAR(struct ast_json *, jobj, NULL, ast_json_unref);
- ast_asprintf(&cmd, "CURL(%s,client_id=%s&client_secret=%s&refresh_token=%s&grant_type=refresh_token)",
- url, cfg->oauth_clientid, cfg->oauth_secret, cfg->refresh_token);
+ if (ast_asprintf(&cmd,
+ "CURL(%s,client_id=%s&client_secret=%s&refresh_token=%s&grant_type=refresh_token)",
+ url, cfg->oauth_clientid, cfg->oauth_secret, cfg->refresh_token) < 0) {
+ return -1;
+ }
ast_debug(2, "Performing OAuth 2.0 authentication for client '%s' using command: %s\n",
cfg->name, cmd);
--
To view, visit https://gerrit.asterisk.org/7015
To unsubscribe, visit https://gerrit.asterisk.org/settings
Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-MessageType: merged
Gerrit-Change-Id: Ib5252fb8850ecf0f78ed0ee2ca0796bda7e91c23
Gerrit-Change-Number: 7015
Gerrit-PatchSet: 1
Gerrit-Owner: Richard Mudgett <rmudgett at digium.com>
Gerrit-Reviewer: Corey Farrell <git at cfware.com>
Gerrit-Reviewer: Jenkins2
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>
Gerrit-Reviewer: Sean Bright <sean.bright at gmail.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20171107/3fe73ec3/attachment-0001.html>
More information about the asterisk-code-review
mailing list