Directly use strdup()

commit 0edaf3361d replaced several
malloc()+strcpy() sequences with memset()+strncpy() using strlen().
This doesn't improve security and introduced a bug in URI handling.

While reviewing this commit, change the code to directly use strdup()
instead of re-implementing it multiple times, as this shortens the code and
thus improves readability.

Signed-off-by: Marcelo Roberto Jimenez <mroberto@users.sourceforge.net>
Philipp Matthias Hahn 2014-05-01 10:41:20 +02:00 committed by Marcelo Roberto Jimenez
parent faaef39a3c
commit 04fb684323
2 changed files with 9 additions and 31 deletions


@ -480,25 +480,20 @@ int genaInitNotify(
}
*reference_count = 0;
UDN_copy = (char *)malloc(strlen(UDN) + 1);
UDN_copy = strdup(UDN);
if (UDN_copy == NULL) {
line = __LINE__;
ret = UPNP_E_OUTOF_MEMORY;
goto ExitFunction;
}
servId_copy = (char *)malloc(strlen(servId) + 1);
servId_copy = strdup(servId);
if (servId_copy == NULL) {
line = __LINE__;
ret = UPNP_E_OUTOF_MEMORY;
goto ExitFunction;
}
memset(UDN_copy, 0, strlen(UDN) + 1);
strncpy(UDN_copy, UDN, strlen(UDN));
memset(servId_copy, 0, strlen(servId) + 1);
strncpy(servId_copy, servId, strlen(servId));
HandleLock();
if (GetHandleInfo(device_handle, &handle_info) != HND_DEVICE) {
@ -639,25 +634,20 @@ int genaInitNotifyExt(
}
*reference_count = 0;
UDN_copy = (char *)malloc(strlen(UDN) + 1);
UDN_copy = strdup(UDN);
if (UDN_copy == NULL) {
line = __LINE__;
ret = UPNP_E_OUTOF_MEMORY;
goto ExitFunction;
}
servId_copy = (char *)malloc(strlen(servId) + 1);
servId_copy = strdup(servId);
if( servId_copy == NULL ) {
line = __LINE__;
ret = UPNP_E_OUTOF_MEMORY;
goto ExitFunction;
}
memset(UDN_copy, 0, strlen(UDN) + 1);
strncpy(UDN_copy, UDN, strlen(UDN));
memset(servId_copy, 0, strlen(servId) + 1);
strncpy(servId_copy, servId, strlen(servId));
HandleLock();
if (GetHandleInfo(device_handle, &handle_info) != HND_DEVICE) {
@ -798,25 +788,20 @@ int genaNotifyAllExt(
}
*reference_count = 0;
UDN_copy = (char *)malloc(strlen(UDN) + 1);
UDN_copy = strdup(UDN);
if (UDN_copy == NULL) {
line = __LINE__;
ret = UPNP_E_OUTOF_MEMORY;
goto ExitFunction;
}
servId_copy = (char *)malloc(strlen(servId) + 1);
servId_copy = strdup(servId);
if( servId_copy == NULL ) {
line = __LINE__;
ret = UPNP_E_OUTOF_MEMORY;
goto ExitFunction;
}
memset(UDN_copy, 0, strlen(UDN) + 1);
strncpy(UDN_copy, UDN, strlen(UDN));
memset(servId_copy, 0, strlen(servId) + 1);
strncpy(servId_copy, servId, strlen(servId));
propertySet = ixmlPrintNode((IXML_Node *)PropSet);
if (propertySet == NULL) {
line = __LINE__;
@ -944,25 +929,20 @@ int genaNotifyAll(
}
*reference_count = 0;
UDN_copy = (char *)malloc(strlen(UDN) + 1);
UDN_copy = strdup(UDN);
if (UDN_copy == NULL) {
line = __LINE__;
ret = UPNP_E_OUTOF_MEMORY;
goto ExitFunction;
}
servId_copy = (char *)malloc(strlen(servId) + 1);
servId_copy = strdup(servId);
if( servId_copy == NULL ) {
line = __LINE__;
ret = UPNP_E_OUTOF_MEMORY;
goto ExitFunction;
}
memset(UDN_copy, 0, strlen(UDN) + 1);
strncpy(UDN_copy, UDN, strlen(UDN));
memset(servId_copy, 0, strlen(servId) + 1);
strncpy(servId_copy, servId, strlen(servId));
ret = GeneratePropertySet(VarNames, VarValues, var_count, &propertySet);
if (ret != XML_SUCCESS) {
line = __LINE__;
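Review bot: `strdup(UDN)` and `strdup(servId)` dereference their argument just as the old `strlen()` calls did, so a NULL `UDN` or `servId` is still undefined behaviour unless it is rejected above the hunk; no such check is visible here, and the same applies in genaInitNotifyExt, genaNotifyAllExt and genaNotifyAll. If none exists, a guard before the first copy that sets `ret = UPNP_E_INVALID_PARAM;` and takes the existing `goto ExitFunction;` path would cover it, provided both copy pointers are initialised to NULL before that jump. When the second `strdup()` fails, `UDN_copy` is already allocated, so the `ExitFunction` label (outside these hunks) has to free it. Once that is confirmed, a comment at the copies such as `/* both copies are released at ExitFunction on error */` would record the ownership rule for all four functions.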


@ -792,11 +792,9 @@ static int CreateHTTPRangeResponseHeader(
Instr->ReadSendSize = FileLength;
if (!ByteRangeSpecifier)
return HTTP_BAD_REQUEST;
RangeInput = malloc(strlen(ByteRangeSpecifier) + 1);
RangeInput = strdup(ByteRangeSpecifier);
if (!RangeInput)
return HTTP_INTERNAL_SERVER_ERROR;
memset(RangeInput, 0, strlen(ByteRangeSpecifier) + 1);
strncpy(RangeInput, ByteRangeSpecifier, strlen(ByteRangeSpecifier));
/* CONTENT-RANGE: bytes 222-3333/4000 HTTP_PARTIAL_CONTENT */
if (StrStr(RangeInput, "bytes") == NULL ||
(Ptr = StrStr(RangeInput, "=")) == NULL) {
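Review bot: `strdup(ByteRangeSpecifier)` copies the range string at whatever length it arrives, and in a function that builds an HTTP range response that string presumably originates in the client's request, so the allocation size is chosen by the peer. A valid specifier like the `bytes 222-3333/4000` form in the comment is short, so a cap before the copy would be cheap, e.g. `if (strlen(ByteRangeSpecifier) > RANGE_SPEC_MAX) return HTTP_BAD_REQUEST;`, where `RANGE_SPEC_MAX` is a placeholder for a limit the project would define. The function continues past the hunk, so every return after this point has to free `RangeInput`; that cannot be verified from the lines shown.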