Directly use strdup()
commit 0edaf3361d
replaced several
malloc()+strcpy() sequences with memset()+strncpy() using strlen().
This doesn't improve security and introduced a bug URI handling.
While reviewing this commit change the code to directly use strdup()
instead of re-implementing it multiple times, as shortens the code and
thus improves readability.
Signed-off-by: Marcelo Roberto Jimenez <mroberto@users.sourceforge.net>
This commit is contained in:
parent
faaef39a3c
commit
04fb684323
@ -480,25 +480,20 @@ int genaInitNotify(
|
||||
}
|
||||
*reference_count = 0;
|
||||
|
||||
UDN_copy = (char *)malloc(strlen(UDN) + 1);
|
||||
UDN_copy = strdup(UDN);
|
||||
if (UDN_copy == NULL) {
|
||||
line = __LINE__;
|
||||
ret = UPNP_E_OUTOF_MEMORY;
|
||||
goto ExitFunction;
|
||||
}
|
||||
|
||||
servId_copy = (char *)malloc(strlen(servId) + 1);
|
||||
servId_copy = strdup(servId);
|
||||
if (servId_copy == NULL) {
|
||||
line = __LINE__;
|
||||
ret = UPNP_E_OUTOF_MEMORY;
|
||||
goto ExitFunction;
|
||||
}
|
||||
|
||||
memset(UDN_copy, 0, strlen(UDN) + 1);
|
||||
strncpy(UDN_copy, UDN, strlen(UDN));
|
||||
memset(servId_copy, 0, strlen(servId) + 1);
|
||||
strncpy(servId_copy, servId, strlen(servId));
|
||||
|
||||
HandleLock();
|
||||
|
||||
if (GetHandleInfo(device_handle, &handle_info) != HND_DEVICE) {
|
||||
@ -639,25 +634,20 @@ int genaInitNotifyExt(
|
||||
}
|
||||
*reference_count = 0;
|
||||
|
||||
UDN_copy = (char *)malloc(strlen(UDN) + 1);
|
||||
UDN_copy = strdup(UDN);
|
||||
if (UDN_copy == NULL) {
|
||||
line = __LINE__;
|
||||
ret = UPNP_E_OUTOF_MEMORY;
|
||||
goto ExitFunction;
|
||||
}
|
||||
|
||||
servId_copy = (char *)malloc(strlen(servId) + 1);
|
||||
servId_copy = strdup(servId);
|
||||
if( servId_copy == NULL ) {
|
||||
line = __LINE__;
|
||||
ret = UPNP_E_OUTOF_MEMORY;
|
||||
goto ExitFunction;
|
||||
}
|
||||
|
||||
memset(UDN_copy, 0, strlen(UDN) + 1);
|
||||
strncpy(UDN_copy, UDN, strlen(UDN));
|
||||
memset(servId_copy, 0, strlen(servId) + 1);
|
||||
strncpy(servId_copy, servId, strlen(servId));
|
||||
|
||||
HandleLock();
|
||||
|
||||
if (GetHandleInfo(device_handle, &handle_info) != HND_DEVICE) {
|
||||
@ -798,25 +788,20 @@ int genaNotifyAllExt(
|
||||
}
|
||||
*reference_count = 0;
|
||||
|
||||
UDN_copy = (char *)malloc(strlen(UDN) + 1);
|
||||
UDN_copy = strdup(UDN);
|
||||
if (UDN_copy == NULL) {
|
||||
line = __LINE__;
|
||||
ret = UPNP_E_OUTOF_MEMORY;
|
||||
goto ExitFunction;
|
||||
}
|
||||
|
||||
servId_copy = (char *)malloc(strlen(servId) + 1);
|
||||
servId_copy = strdup(servId);
|
||||
if( servId_copy == NULL ) {
|
||||
line = __LINE__;
|
||||
ret = UPNP_E_OUTOF_MEMORY;
|
||||
goto ExitFunction;
|
||||
}
|
||||
|
||||
memset(UDN_copy, 0, strlen(UDN) + 1);
|
||||
strncpy(UDN_copy, UDN, strlen(UDN));
|
||||
memset(servId_copy, 0, strlen(servId) + 1);
|
||||
strncpy(servId_copy, servId, strlen(servId));
|
||||
|
||||
propertySet = ixmlPrintNode((IXML_Node *)PropSet);
|
||||
if (propertySet == NULL) {
|
||||
line = __LINE__;
|
||||
@ -944,25 +929,20 @@ int genaNotifyAll(
|
||||
}
|
||||
*reference_count = 0;
|
||||
|
||||
UDN_copy = (char *)malloc(strlen(UDN) + 1);
|
||||
UDN_copy = strdup(UDN);
|
||||
if (UDN_copy == NULL) {
|
||||
line = __LINE__;
|
||||
ret = UPNP_E_OUTOF_MEMORY;
|
||||
goto ExitFunction;
|
||||
}
|
||||
|
||||
servId_copy = (char *)malloc(strlen(servId) + 1);
|
||||
servId_copy = strdup(servId);
|
||||
if( servId_copy == NULL ) {
|
||||
line = __LINE__;
|
||||
ret = UPNP_E_OUTOF_MEMORY;
|
||||
goto ExitFunction;
|
||||
}
|
||||
|
||||
memset(UDN_copy, 0, strlen(UDN) + 1);
|
||||
strncpy(UDN_copy, UDN, strlen(UDN));
|
||||
memset(servId_copy, 0, strlen(servId) + 1);
|
||||
strncpy(servId_copy, servId, strlen(servId));
|
||||
|
||||
ret = GeneratePropertySet(VarNames, VarValues, var_count, &propertySet);
|
||||
if (ret != XML_SUCCESS) {
|
||||
line = __LINE__;
|
||||
|
@ -792,11 +792,9 @@ static int CreateHTTPRangeResponseHeader(
|
||||
Instr->ReadSendSize = FileLength;
|
||||
if (!ByteRangeSpecifier)
|
||||
return HTTP_BAD_REQUEST;
|
||||
RangeInput = malloc(strlen(ByteRangeSpecifier) + 1);
|
||||
RangeInput = strdup(ByteRangeSpecifier);
|
||||
if (!RangeInput)
|
||||
return HTTP_INTERNAL_SERVER_ERROR;
|
||||
memset(RangeInput, 0, strlen(ByteRangeSpecifier) + 1);
|
||||
strncpy(RangeInput, ByteRangeSpecifier, strlen(ByteRangeSpecifier));
|
||||
/* CONTENT-RANGE: bytes 222-3333/4000 HTTP_PARTIAL_CONTENT */
|
||||
if (StrStr(RangeInput, "bytes") == NULL ||
|
||||
(Ptr = StrStr(RangeInput, "=")) == NULL) {
|
||||
|
Loading…
Reference in New Issue
Block a user