do not take ownership of any of the provided strings

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
sailfishos-mirror · Oct 9, 2014 · 93b3db9 · 93b3db9
1 parent a4d3ae2
commit 93b3db9
Show file tree

Hide file tree

Showing 5 changed files with 61 additions and 48 deletions.
diff --git a/http.c b/http.c
@@ -2184,7 +2184,7 @@ int process_proxy(struct openconnect_info *vpninfo, int ssl_sock)
 int openconnect_set_proxy_auth(struct openconnect_info *vpninfo, char *methods)
 {
 	int i, len;
-	char *p, *start = methods;
+	char *p;
 
 	for (i = 0; i < sizeof(auth_methods) / sizeof(auth_methods[0]); i++)
 		vpninfo->auth[auth_methods[i].state_index].state = AUTH_DISABLED;
@@ -2208,13 +2208,12 @@ int openconnect_set_proxy_auth(struct openconnect_info *vpninfo, char *methods)
 		methods = p;
 	}
 	vpninfo->authmethods_set = 1;
-	free(start);
 	return 0;
 }
 
 int openconnect_set_http_proxy(struct openconnect_info *vpninfo, char *proxy)
 {
-	char *url = proxy, *p;
+	char *url = strdup(proxy), *p;
 	int ret;
 
 	if (!url)

diff --git a/library.c b/library.c
@@ -120,18 +120,20 @@ int openconnect_set_reported_os(struct openconnect_info *vpninfo, const char *os
 	else
 		return -EINVAL;
 
-	vpninfo->platname = os;
+	STRDUP(vpninfo->platname, os);
 	return 0;
 }
 
-void openconnect_set_mobile_info(struct openconnect_info *vpninfo,
+int openconnect_set_mobile_info(struct openconnect_info *vpninfo,
 				 char *mobile_platform_version,
 				 char *mobile_device_type,
 				 char *mobile_device_uniqueid)
 {
-	vpninfo->mobile_platform_version = mobile_platform_version;
-	vpninfo->mobile_device_type = mobile_device_type;
-	vpninfo->mobile_device_uniqueid = mobile_device_uniqueid;
+	STRDUP(vpninfo->mobile_platform_version, mobile_platform_version);
+	STRDUP(vpninfo->mobile_device_type, mobile_device_type);
+	STRDUP(vpninfo->mobile_device_uniqueid, mobile_device_uniqueid);
+
+	return 0;
 }
 
 static void free_optlist(struct oc_vpn_option *opt)
@@ -257,28 +259,31 @@ char *openconnect_get_hostname(struct openconnect_info *vpninfo)
 	return vpninfo->unique_hostname?:vpninfo->hostname;
 }
 
-void openconnect_set_hostname(struct openconnect_info *vpninfo, char *hostname)
+int openconnect_set_hostname(struct openconnect_info *vpninfo, char *hostname)
 {
-	UTF8CHECK_VOID(hostname);
+	UTF8CHECK(hostname);
 
 	free(vpninfo->hostname);
-	vpninfo->hostname = hostname;
+	STRDUP(vpninfo->hostname, hostname);
 	free(vpninfo->unique_hostname);
 	vpninfo->unique_hostname = NULL;
 	free(vpninfo->peer_addr);
 	vpninfo->peer_addr = NULL;
+
+	return 0;
 }
 
 char *openconnect_get_urlpath(struct openconnect_info *vpninfo)
 {
 	return vpninfo->urlpath;
 }
 
-void openconnect_set_urlpath(struct openconnect_info *vpninfo, char *urlpath)
+int openconnect_set_urlpath(struct openconnect_info *vpninfo, char *urlpath)
 {
-	UTF8CHECK_VOID(urlpath);
+	UTF8CHECK(urlpath);
 
-	vpninfo->urlpath = urlpath;
+	STRDUP(vpninfo->urlpath, urlpath);
+	return 0;
 }
 
 void openconnect_set_xmlsha1(struct openconnect_info *vpninfo, const char *xmlsha1, int size)
@@ -289,16 +294,18 @@ void openconnect_set_xmlsha1(struct openconnect_info *vpninfo, const char *xmlsh
 	memcpy(&vpninfo->xmlsha1, xmlsha1, size);
 }
 
-void openconnect_set_cafile(struct openconnect_info *vpninfo, char *cafile)
+int openconnect_set_cafile(struct openconnect_info *vpninfo, char *cafile)
 {
-	UTF8CHECK_VOID(cafile);
+	UTF8CHECK(cafile);
 
-	vpninfo->cafile = cafile;
+	STRDUP(vpninfo->cafile, cafile);
+	return 0;
 }
 
-void openconnect_set_server_cert_sha1(struct openconnect_info *vpninfo, char *servercert)
+int openconnect_set_server_cert_sha1(struct openconnect_info *vpninfo, char *servercert)
 {
-	vpninfo->servercert = servercert;
+	STRDUP(vpninfo->servercert, servercert);
+	return 0;
 }
 
 const char *openconnect_get_ifname(struct openconnect_info *vpninfo)
@@ -334,28 +341,34 @@ int openconnect_get_ip_info(struct openconnect_info *vpninfo,
 	return 0;
 }
 
-void openconnect_setup_csd(struct openconnect_info *vpninfo, uid_t uid, int silent, char *wrapper)
+int openconnect_setup_csd(struct openconnect_info *vpninfo, uid_t uid, int silent, char *wrapper)
 {
 	vpninfo->uid_csd = uid;
 	vpninfo->uid_csd_given = silent ? 2 : 1;
-	vpninfo->csd_wrapper = wrapper;
+	STRDUP(vpninfo->csd_wrapper, wrapper);
+
+	return 0;
 }
 
 void openconnect_set_xmlpost(struct openconnect_info *vpninfo, int enable)
 {
 	vpninfo->xmlpost = enable;
 }
 
-void openconnect_set_client_cert(struct openconnect_info *vpninfo, char *cert, char *sslkey)
+int openconnect_set_client_cert(struct openconnect_info *vpninfo, char *cert, char *sslkey)
 {
-	UTF8CHECK_VOID(cert);
-	UTF8CHECK_VOID(sslkey);
+	UTF8CHECK(cert);
+	UTF8CHECK(sslkey);
 
-	vpninfo->cert = cert;
-	if (sslkey)
-		vpninfo->sslkey = sslkey;
-	else
-		vpninfo->sslkey = cert;
+	STRDUP(vpninfo->cert, cert);
+
+	if (sslkey) {
+		STRDUP(vpninfo->sslkey, sslkey);
+	} else {
+		vpninfo->sslkey = vpninfo->cert;
+	}
+
+	return 0;
 }
 
 OPENCONNECT_X509 *openconnect_get_peer_cert(struct openconnect_info *vpninfo)
@@ -620,8 +633,8 @@ int openconnect_setup_tun_device(struct openconnect_info *vpninfo, char *vpnc_sc
 	UTF8CHECK(vpnc_script);
 	UTF8CHECK(ifname);
 
-	vpninfo->vpnc_script = vpnc_script;
-	vpninfo->ifname = ifname;
+	STRDUP(vpninfo->vpnc_script, vpnc_script);
+	STRDUP(vpninfo->ifname, ifname);
 
 	set_script_env(vpninfo);
 	script_config_tun(vpninfo, "pre-init");

diff --git a/openconnect-internal.h b/openconnect-internal.h
@@ -716,6 +716,12 @@ int digest_authorization(struct openconnect_info *vpninfo, struct oc_text_buf *b
 /* version.c */
 extern const char *openconnect_version_str;
 
+#define STRDUP(res, arg) \
+	if (arg) { \
+		res = strdup(arg); \
+		if (res == NULL) return -ENOMEM; \
+	} else res = NULL
+
 #define UTF8CHECK(arg) \
 	if ((arg) && buf_append_utf16le(NULL, (arg))) { \
 		vpn_progress(vpninfo, PRG_ERR,				\

diff --git a/openconnect.h b/openconnect.h
@@ -267,9 +267,8 @@ typedef enum {
    appropriate to do so. Library functions may (but probably don't yet)
    return -EILSEQ if passed invalid UTF-8 strings. */
 
-/* Unless otherwise specified, all functions which set strings will take
-   ownership of those strings and the library will free them later in
-   openconnect_vpninfo_free() */
+/* Unlike previous versions of openconnect, no functions will take ownership
+   of the provided strings. */
 
 
 /* The buffer 'buf' must be at least 41 bytes. It will receive a hex string
@@ -292,9 +291,9 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo);
 void openconnect_init_ssl(void);
 
 char *openconnect_get_hostname(struct openconnect_info *);
-void openconnect_set_hostname(struct openconnect_info *, char *);
+int openconnect_set_hostname(struct openconnect_info *, char *);
 char *openconnect_get_urlpath(struct openconnect_info *);
-void openconnect_set_urlpath(struct openconnect_info *, char *);
+int openconnect_set_urlpath(struct openconnect_info *, char *);
 
 /* Some software tokens, such as HOTP tokens, include a counter which
  * needs to be stored in persistent storage.
@@ -318,34 +317,30 @@ int openconnect_set_token_callbacks(struct openconnect_info *, void *tokdata,
 				    openconnect_lock_token_vfn,
 				    openconnect_unlock_token_vfn);
 
-/* These functions do *not* take ownership of the string; it is parsed
-   and then discarded. */
 int openconnect_set_token_mode(struct openconnect_info *,
 			       oc_token_mode_t, const char *token_str);
 /* Legacy stoken-only function; do not use */
 int openconnect_set_stoken_mode(struct openconnect_info *, int, const char *);
 
-/* This function does *not* take ownership of the string; it's copied
-   into a static buffer in the vpninfo. The size must be 41 bytes,
-   since that's the size of a 20-byte SHA1 represented as hex with
-   a trailing NUL. */
+/* The size must be 41 bytes, since that's the size of a 20-byte SHA1
+   represented as hex with a trailing NUL. */
 void openconnect_set_xmlsha1(struct openconnect_info *, const char *, int size);
 
-void openconnect_set_cafile(struct openconnect_info *, char *);
-void openconnect_setup_csd(struct openconnect_info *, uid_t, int silent, char *wrapper);
+int openconnect_set_cafile(struct openconnect_info *, char *);
+int openconnect_setup_csd(struct openconnect_info *, uid_t, int silent, char *wrapper);
 void openconnect_set_xmlpost(struct openconnect_info *, int enable);
 
 /* Valid choices are: "linux", "linux-64", "win", "mac-intel",
    "android", and "apple-ios". This also selects the corresponding CSD
    trojan binary. */
 int openconnect_set_reported_os(struct openconnect_info *, const char *os);
 
-void openconnect_set_mobile_info(struct openconnect_info *vpninfo,
+int openconnect_set_mobile_info(struct openconnect_info *vpninfo,
 				 char *mobile_platform_version,
 				 char *mobile_device_type,
 				 char *mobile_device_uniqueid);
-void openconnect_set_client_cert(struct openconnect_info *, char *cert, char *sslkey);
-void openconnect_set_server_cert_sha1(struct openconnect_info *, char *);
+int openconnect_set_client_cert(struct openconnect_info *, char *cert, char *sslkey);
+int openconnect_set_server_cert_sha1(struct openconnect_info *, char *);
 const char *openconnect_get_ifname(struct openconnect_info *);
 void openconnect_set_reqmtu(struct openconnect_info *, int reqmtu);
 void openconnect_set_dpd(struct openconnect_info *, int min_seconds);

diff --git a/tun.c b/tun.c
@@ -361,7 +361,7 @@ int openconnect_setup_tun_script(struct openconnect_info *vpninfo, char *tun_scr
 	pid_t child;
 	int fds[2];
 
-	vpninfo->vpnc_script = tun_script;
+	STRDUP(vpninfo->vpnc_script, tun_script);
 	vpninfo->script_tun = 1;
 
 	set_script_env(vpninfo);