summaryrefslogtreecommitdiffstats
path: root/libebtc.c
diff options
context:
space:
mode:
authorFlorian Westphal <fw@strlen.de>2021-09-30 14:56:31 +0200
committerFlorian Westphal <fw@strlen.de>2021-09-30 14:59:52 +0200
commit3af72f100ad783b0204ce519de26a639f920b558 (patch)
tree298e757731b0a4585117f4131a16625c07970280 /libebtc.c
parent52f88f8c22aae3b33f08865f2de659f8a9c4fa5c (diff)
libebtc: fix malloc usageHEADmaster
Rule insertion may fail on systems where libc doesn't provided zeroed memory via malloc (which is legal). IOW, this was never guaranteed to work correctly. Add a xzalloc wrapper to do error checking and zeroing and then use it in libebtc. Reported-and-tested-by: Senthil Kumar Balasubramanian <senthilb@qubercomm.com> Diagnosed-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'libebtc.c')
-rw-r--r--libebtc.c60
1 files changed, 24 insertions, 36 deletions
diff --git a/libebtc.c b/libebtc.c
index 112c307..1cc1016 100644
--- a/libebtc.c
+++ b/libebtc.c
@@ -41,6 +41,18 @@
static void decrease_chain_jumps(struct ebt_u_replace *replace);
static int iterate_entries(struct ebt_u_replace *replace, int type);
+static void *xzalloc(size_t s)
+{
+ void *p = malloc(s);
+
+ if (!p)
+ ebt_print_memory();
+
+ memset(p, 0, s);
+
+ return p;
+}
+
/* The standard names */
const char *ebt_hooknames[NF_BR_NUMHOOKS] =
{
@@ -266,9 +278,7 @@ void ebt_reinit_extensions()
for (m = ebt_matches; m; m = m->next) {
if (m->used) {
size = EBT_ALIGN(m->size) + sizeof(struct ebt_entry_match);
- m->m = (struct ebt_entry_match *)malloc(size);
- if (!m->m)
- ebt_print_memory();
+ m->m = xzalloc(size);
strcpy(m->m->u.name, m->name);
m->m->u.revision = m->revision;
m->m->match_size = EBT_ALIGN(m->size);
@@ -280,9 +290,7 @@ void ebt_reinit_extensions()
for (w = ebt_watchers; w; w = w->next) {
if (w->used) {
size = EBT_ALIGN(w->size) + sizeof(struct ebt_entry_watcher);
- w->w = (struct ebt_entry_watcher *)malloc(size);
- if (!w->w)
- ebt_print_memory();
+ w->w = xzalloc(size);
strcpy(w->w->u.name, w->name);
w->w->watcher_size = EBT_ALIGN(w->size);
w->used = 0;
@@ -293,9 +301,7 @@ void ebt_reinit_extensions()
for (t = ebt_targets; t; t = t->next) {
if (t->used) {
size = EBT_ALIGN(t->size) + sizeof(struct ebt_entry_target);
- t->t = (struct ebt_entry_target *)malloc(size);
- if (!t->t)
- ebt_print_memory();
+ t->t = xzalloc(size);
strcpy(t->t->u.name, t->name);
t->t->target_size = EBT_ALIGN(t->size);
t->used = 0;
@@ -645,9 +651,7 @@ void ebt_add_rule(struct ebt_u_replace *replace, struct ebt_u_entry *new_entry,
new_entry->prev = u_e->prev;
u_e->prev->next = new_entry;
u_e->prev = new_entry;
- new_cc = (struct ebt_cntchanges *)malloc(sizeof(struct ebt_cntchanges));
- if (!new_cc)
- ebt_print_memory();
+ new_cc = xzalloc(sizeof(struct ebt_cntchanges));
new_cc->type = CNT_ADD;
new_cc->change = 0;
if (new_entry->next == entries->entries) {
@@ -861,18 +865,14 @@ void ebt_new_chain(struct ebt_u_replace *replace, const char *name, int policy)
if (replace->num_chains == replace->max_chains)
ebt_double_chains(replace);
- new = (struct ebt_u_entries *)malloc(sizeof(struct ebt_u_entries));
- if (!new)
- ebt_print_memory();
+ new = xzalloc(sizeof(struct ebt_u_entries));
replace->chains[replace->num_chains++] = new;
new->nentries = 0;
new->policy = policy;
new->counter_offset = replace->nentries;
new->hook_mask = 0;
strcpy(new->name, name);
- new->entries = (struct ebt_u_entry *)malloc(sizeof(struct ebt_u_entry));
- if (!new->entries)
- ebt_print_memory();
+ new->entries = xzalloc(sizeof(struct ebt_u_entry));
new->entries->next = new->entries->prev = new->entries;
new->kernel_start = NULL;
}
@@ -1041,7 +1041,7 @@ void ebt_check_for_loops(struct ebt_u_replace *replace)
}
if (replace->num_chains == NF_BR_NUMHOOKS)
return;
- stack = (struct ebt_u_stack *)malloc((replace->num_chains - NF_BR_NUMHOOKS) * sizeof(struct ebt_u_stack));
+ stack = calloc((replace->num_chains - NF_BR_NUMHOOKS), sizeof(struct ebt_u_stack));
if (!stack)
ebt_print_memory();
@@ -1111,10 +1111,7 @@ void ebt_add_match(struct ebt_u_entry *new_entry, struct ebt_u_match *m)
struct ebt_u_match_list **m_list, *new;
for (m_list = &new_entry->m_list; *m_list; m_list = &(*m_list)->next);
- new = (struct ebt_u_match_list *)
- malloc(sizeof(struct ebt_u_match_list));
- if (!new)
- ebt_print_memory();
+ new = xzalloc(sizeof(struct ebt_u_match_list));
*m_list = new;
new->next = NULL;
new->m = (struct ebt_entry_match *)m;
@@ -1126,10 +1123,7 @@ void ebt_add_watcher(struct ebt_u_entry *new_entry, struct ebt_u_watcher *w)
struct ebt_u_watcher_list *new;
for (w_list = &new_entry->w_list; *w_list; w_list = &(*w_list)->next);
- new = (struct ebt_u_watcher_list *)
- malloc(sizeof(struct ebt_u_watcher_list));
- if (!new)
- ebt_print_memory();
+ new = xzalloc(sizeof(struct ebt_u_watcher_list));
*w_list = new;
new->next = NULL;
new->w = (struct ebt_entry_watcher *)w;
@@ -1206,9 +1200,7 @@ void ebt_register_match(struct ebt_u_match *m)
int size = EBT_ALIGN(m->size) + sizeof(struct ebt_entry_match);
struct ebt_u_match **i;
- m->m = (struct ebt_entry_match *)malloc(size);
- if (!m->m)
- ebt_print_memory();
+ m->m = xzalloc(size);
strcpy(m->m->u.name, m->name);
m->m->u.revision = m->revision;
m->m->match_size = EBT_ALIGN(m->size);
@@ -1224,9 +1216,7 @@ void ebt_register_watcher(struct ebt_u_watcher *w)
int size = EBT_ALIGN(w->size) + sizeof(struct ebt_entry_watcher);
struct ebt_u_watcher **i;
- w->w = (struct ebt_entry_watcher *)malloc(size);
- if (!w->w)
- ebt_print_memory();
+ w->w = xzalloc(size);
strcpy(w->w->u.name, w->name);
w->w->watcher_size = EBT_ALIGN(w->size);
w->init(w->w);
@@ -1241,9 +1231,7 @@ void ebt_register_target(struct ebt_u_target *t)
int size = EBT_ALIGN(t->size) + sizeof(struct ebt_entry_target);
struct ebt_u_target **i;
- t->t = (struct ebt_entry_target *)malloc(size);
- if (!t->t)
- ebt_print_memory();
+ t->t = xzalloc(size);
strcpy(t->t->u.name, t->name);
t->t->target_size = EBT_ALIGN(t->size);
t->init(t->t);