|
 |
3a00e5 |
From 6648a2090e4395541e4fd6b4be077fd4c2cf20cb Mon Sep 17 00:00:00 2001
|
|
|
3a00e5 |
From: Phil Sutter <phil@nwl.cc>
|
|
|
3a00e5 |
Date: Wed, 2 Jun 2021 12:56:06 +0200
|
|
|
3a00e5 |
Subject: [PATCH] libxtables: Introduce xtables_strdup() and use it everywhere
|
|
|
3a00e5 |
|
|
|
3a00e5 |
This wraps strdup(), checking for errors.
|
|
|
3a00e5 |
|
|
|
3a00e5 |
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
3a00e5 |
(cherry picked from commit 9b85e1ab3dbf0d9344562c5c76114496e3ebaa3a)
|
|
|
3a00e5 |
---
|
|
|
3a00e5 |
extensions/libebt_ip.c | 3 ++-
|
|
|
3a00e5 |
extensions/libebt_ip6.c | 2 +-
|
|
|
3a00e5 |
extensions/libebt_stp.c | 3 ++-
|
|
|
3a00e5 |
extensions/libip6t_DNAT.c | 4 +---
|
|
|
3a00e5 |
extensions/libip6t_SNAT.c | 4 +---
|
|
|
3a00e5 |
extensions/libip6t_dst.c | 8 +++-----
|
|
|
3a00e5 |
extensions/libip6t_hbh.c | 7 +++----
|
|
|
3a00e5 |
extensions/libip6t_ipv6header.c | 2 +-
|
|
|
3a00e5 |
extensions/libip6t_mh.c | 2 +-
|
|
|
3a00e5 |
extensions/libip6t_rt.c | 7 +++----
|
|
|
3a00e5 |
extensions/libipt_DNAT.c | 8 ++------
|
|
|
3a00e5 |
extensions/libipt_SNAT.c | 4 +---
|
|
|
3a00e5 |
extensions/libxt_dccp.c | 2 +-
|
|
|
3a00e5 |
extensions/libxt_hashlimit.c | 5 +----
|
|
|
3a00e5 |
extensions/libxt_iprange.c | 4 +---
|
|
|
3a00e5 |
extensions/libxt_multiport.c | 6 ++----
|
|
|
3a00e5 |
extensions/libxt_sctp.c | 4 ++--
|
|
|
3a00e5 |
extensions/libxt_set.h | 4 ++--
|
|
|
3a00e5 |
extensions/libxt_tcp.c | 4 ++--
|
|
|
3a00e5 |
include/xtables.h | 1 +
|
|
|
3a00e5 |
iptables/iptables-xml.c | 4 ++--
|
|
|
3a00e5 |
iptables/nft-cache.c | 4 ++--
|
|
|
3a00e5 |
iptables/nft-cmd.c | 13 +++++++------
|
|
|
3a00e5 |
iptables/xshared.c | 2 +-
|
|
|
3a00e5 |
libxtables/xtables.c | 12 ++++++++++++
|
|
|
3a00e5 |
libxtables/xtoptions.c | 14 +++-----------
|
|
|
3a00e5 |
26 files changed, 60 insertions(+), 73 deletions(-)
|
|
|
3a00e5 |
|
|
|
3a00e5 |
diff --git a/extensions/libebt_ip.c b/extensions/libebt_ip.c
|
|
|
3a00e5 |
index acb9bfcdbbd9f..51649ffb3c305 100644
|
|
|
3a00e5 |
--- a/extensions/libebt_ip.c
|
|
|
3a00e5 |
+++ b/extensions/libebt_ip.c
|
|
|
3a00e5 |
@@ -175,7 +175,8 @@ parse_port_range(const char *protocol, const char *portstring, uint16_t *ports)
|
|
|
3a00e5 |
char *buffer;
|
|
|
3a00e5 |
char *cp;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- buffer = strdup(portstring);
|
|
|
3a00e5 |
+ buffer = xtables_strdup(portstring);
|
|
|
3a00e5 |
+
|
|
|
3a00e5 |
if ((cp = strchr(buffer, ':')) == NULL)
|
|
|
3a00e5 |
ports[0] = ports[1] = xtables_parse_port(buffer, NULL);
|
|
|
3a00e5 |
else {
|
|
|
3a00e5 |
diff --git a/extensions/libebt_ip6.c b/extensions/libebt_ip6.c
|
|
|
3a00e5 |
index 3cc39271d4658..a686a285c3cb8 100644
|
|
|
3a00e5 |
--- a/extensions/libebt_ip6.c
|
|
|
3a00e5 |
+++ b/extensions/libebt_ip6.c
|
|
|
3a00e5 |
@@ -93,7 +93,7 @@ parse_port_range(const char *protocol, const char *portstring, uint16_t *ports)
|
|
|
3a00e5 |
char *buffer;
|
|
|
3a00e5 |
char *cp;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- buffer = strdup(portstring);
|
|
|
3a00e5 |
+ buffer = xtables_strdup(portstring);
|
|
|
3a00e5 |
if ((cp = strchr(buffer, ':')) == NULL)
|
|
|
3a00e5 |
ports[0] = ports[1] = xtables_parse_port(buffer, NULL);
|
|
|
3a00e5 |
else {
|
|
|
3a00e5 |
diff --git a/extensions/libebt_stp.c b/extensions/libebt_stp.c
|
|
|
3a00e5 |
index 81ba572c33c1a..3e9e24474eb61 100644
|
|
|
3a00e5 |
--- a/extensions/libebt_stp.c
|
|
|
3a00e5 |
+++ b/extensions/libebt_stp.c
|
|
|
3a00e5 |
@@ -90,7 +90,8 @@ static int parse_range(const char *portstring, void *lower, void *upper,
|
|
|
3a00e5 |
uint32_t low_nr, upp_nr;
|
|
|
3a00e5 |
int ret = 0;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- buffer = strdup(portstring);
|
|
|
3a00e5 |
+ buffer = xtables_strdup(portstring);
|
|
|
3a00e5 |
+
|
|
|
3a00e5 |
if ((cp = strchr(buffer, ':')) == NULL) {
|
|
|
3a00e5 |
low_nr = strtoul(buffer, &end, 10);
|
|
|
3a00e5 |
if (*end || low_nr < min || low_nr > max) {
|
|
|
3a00e5 |
diff --git a/extensions/libip6t_DNAT.c b/extensions/libip6t_DNAT.c
|
|
|
3a00e5 |
index 89c5ceb153250..f1ad81436316b 100644
|
|
|
3a00e5 |
--- a/extensions/libip6t_DNAT.c
|
|
|
3a00e5 |
+++ b/extensions/libip6t_DNAT.c
|
|
|
3a00e5 |
@@ -58,9 +58,7 @@ parse_to(const char *orig_arg, int portok, struct nf_nat_range2 *range, int rev)
|
|
|
3a00e5 |
char *arg, *start, *end = NULL, *colon = NULL, *dash, *error;
|
|
|
3a00e5 |
const struct in6_addr *ip;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- arg = strdup(orig_arg);
|
|
|
3a00e5 |
- if (arg == NULL)
|
|
|
3a00e5 |
- xtables_error(RESOURCE_PROBLEM, "strdup");
|
|
|
3a00e5 |
+ arg = xtables_strdup(orig_arg);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
start = strchr(arg, '[');
|
|
|
3a00e5 |
if (start == NULL) {
|
|
|
3a00e5 |
diff --git a/extensions/libip6t_SNAT.c b/extensions/libip6t_SNAT.c
|
|
|
3a00e5 |
index 7d74b3d76a93c..6d19614c7c708 100644
|
|
|
3a00e5 |
--- a/extensions/libip6t_SNAT.c
|
|
|
3a00e5 |
+++ b/extensions/libip6t_SNAT.c
|
|
|
3a00e5 |
@@ -52,9 +52,7 @@ parse_to(const char *orig_arg, int portok, struct nf_nat_range *range)
|
|
|
3a00e5 |
char *arg, *start, *end = NULL, *colon = NULL, *dash, *error;
|
|
|
3a00e5 |
const struct in6_addr *ip;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- arg = strdup(orig_arg);
|
|
|
3a00e5 |
- if (arg == NULL)
|
|
|
3a00e5 |
- xtables_error(RESOURCE_PROBLEM, "strdup");
|
|
|
3a00e5 |
+ arg = xtables_strdup(orig_arg);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
start = strchr(arg, '[');
|
|
|
3a00e5 |
if (start == NULL) {
|
|
|
3a00e5 |
diff --git a/extensions/libip6t_dst.c b/extensions/libip6t_dst.c
|
|
|
3a00e5 |
index fe7e3403468ce..bf0e3e436665d 100644
|
|
|
3a00e5 |
--- a/extensions/libip6t_dst.c
|
|
|
3a00e5 |
+++ b/extensions/libip6t_dst.c
|
|
|
3a00e5 |
@@ -57,11 +57,9 @@ parse_options(const char *optsstr, uint16_t *opts)
|
|
|
3a00e5 |
{
|
|
|
3a00e5 |
char *buffer, *cp, *next, *range;
|
|
|
3a00e5 |
unsigned int i;
|
|
|
3a00e5 |
-
|
|
|
3a00e5 |
- buffer = strdup(optsstr);
|
|
|
3a00e5 |
- if (!buffer)
|
|
|
3a00e5 |
- xtables_error(OTHER_PROBLEM, "strdup failed");
|
|
|
3a00e5 |
-
|
|
|
3a00e5 |
+
|
|
|
3a00e5 |
+ buffer = xtables_strdup(optsstr);
|
|
|
3a00e5 |
+
|
|
|
3a00e5 |
for (cp = buffer, i = 0; cp && i < IP6T_OPTS_OPTSNR; cp = next, i++)
|
|
|
3a00e5 |
{
|
|
|
3a00e5 |
next = strchr(cp, ',');
|
|
|
3a00e5 |
diff --git a/extensions/libip6t_hbh.c b/extensions/libip6t_hbh.c
|
|
|
3a00e5 |
index 4cebecfd3d2f5..74e87cda7eea1 100644
|
|
|
3a00e5 |
--- a/extensions/libip6t_hbh.c
|
|
|
3a00e5 |
+++ b/extensions/libip6t_hbh.c
|
|
|
3a00e5 |
@@ -57,10 +57,9 @@ parse_options(const char *optsstr, uint16_t *opts)
|
|
|
3a00e5 |
{
|
|
|
3a00e5 |
char *buffer, *cp, *next, *range;
|
|
|
3a00e5 |
unsigned int i;
|
|
|
3a00e5 |
-
|
|
|
3a00e5 |
- buffer = strdup(optsstr);
|
|
|
3a00e5 |
- if (!buffer) xtables_error(OTHER_PROBLEM, "strdup failed");
|
|
|
3a00e5 |
-
|
|
|
3a00e5 |
+
|
|
|
3a00e5 |
+ buffer = xtables_strdup(optsstr);
|
|
|
3a00e5 |
+
|
|
|
3a00e5 |
for (cp=buffer, i=0; cp && i
|
|
|
3a00e5 |
{
|
|
|
3a00e5 |
next=strchr(cp, ',');
|
|
|
3a00e5 |
diff --git a/extensions/libip6t_ipv6header.c b/extensions/libip6t_ipv6header.c
|
|
|
3a00e5 |
index 6f03087bb79d8..9e34562966f8b 100644
|
|
|
3a00e5 |
--- a/extensions/libip6t_ipv6header.c
|
|
|
3a00e5 |
+++ b/extensions/libip6t_ipv6header.c
|
|
|
3a00e5 |
@@ -147,7 +147,7 @@ parse_header(const char *flags) {
|
|
|
3a00e5 |
char *ptr;
|
|
|
3a00e5 |
char *buffer;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- buffer = strdup(flags);
|
|
|
3a00e5 |
+ buffer = xtables_strdup(flags);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
for (ptr = strtok(buffer, ","); ptr; ptr = strtok(NULL, ","))
|
|
|
3a00e5 |
ret |= add_proto_to_mask(name_to_proto(ptr));
|
|
|
3a00e5 |
diff --git a/extensions/libip6t_mh.c b/extensions/libip6t_mh.c
|
|
|
3a00e5 |
index f4c0fd9fc0bca..64675405ac724 100644
|
|
|
3a00e5 |
--- a/extensions/libip6t_mh.c
|
|
|
3a00e5 |
+++ b/extensions/libip6t_mh.c
|
|
|
3a00e5 |
@@ -107,7 +107,7 @@ static void parse_mh_types(const char *mhtype, uint8_t *types)
|
|
|
3a00e5 |
char *buffer;
|
|
|
3a00e5 |
char *cp;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- buffer = strdup(mhtype);
|
|
|
3a00e5 |
+ buffer = xtables_strdup(mhtype);
|
|
|
3a00e5 |
if ((cp = strchr(buffer, ':')) == NULL)
|
|
|
3a00e5 |
types[0] = types[1] = name_to_type(buffer);
|
|
|
3a00e5 |
else {
|
|
|
3a00e5 |
diff --git a/extensions/libip6t_rt.c b/extensions/libip6t_rt.c
|
|
|
3a00e5 |
index 3cb3b249d8995..9708b5a0c42f3 100644
|
|
|
3a00e5 |
--- a/extensions/libip6t_rt.c
|
|
|
3a00e5 |
+++ b/extensions/libip6t_rt.c
|
|
|
3a00e5 |
@@ -73,10 +73,9 @@ parse_addresses(const char *addrstr, struct in6_addr *addrp)
|
|
|
3a00e5 |
{
|
|
|
3a00e5 |
char *buffer, *cp, *next;
|
|
|
3a00e5 |
unsigned int i;
|
|
|
3a00e5 |
-
|
|
|
3a00e5 |
- buffer = strdup(addrstr);
|
|
|
3a00e5 |
- if (!buffer) xtables_error(OTHER_PROBLEM, "strdup failed");
|
|
|
3a00e5 |
-
|
|
|
3a00e5 |
+
|
|
|
3a00e5 |
+ buffer = xtables_strdup(addrstr);
|
|
|
3a00e5 |
+
|
|
|
3a00e5 |
for (cp=buffer, i=0; cp && i
|
|
|
3a00e5 |
{
|
|
|
3a00e5 |
next=strchr(cp, ',');
|
|
|
3a00e5 |
diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c
|
|
|
3a00e5 |
index 4907a2e83d066..5b33fd23f6e36 100644
|
|
|
3a00e5 |
--- a/extensions/libipt_DNAT.c
|
|
|
3a00e5 |
+++ b/extensions/libipt_DNAT.c
|
|
|
3a00e5 |
@@ -79,9 +79,7 @@ parse_to(const char *orig_arg, int portok, struct ipt_natinfo *info)
|
|
|
3a00e5 |
char *arg, *colon, *dash, *error;
|
|
|
3a00e5 |
const struct in_addr *ip;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- arg = strdup(orig_arg);
|
|
|
3a00e5 |
- if (arg == NULL)
|
|
|
3a00e5 |
- xtables_error(RESOURCE_PROBLEM, "strdup");
|
|
|
3a00e5 |
+ arg = xtables_strdup(orig_arg);
|
|
|
3a00e5 |
memset(&range, 0, sizeof(range));
|
|
|
3a00e5 |
colon = strchr(arg, ':');
|
|
|
3a00e5 |
|
|
|
3a00e5 |
@@ -302,9 +300,7 @@ parse_to_v2(const char *orig_arg, int portok, struct nf_nat_range2 *range)
|
|
|
3a00e5 |
char *arg, *colon, *dash, *error;
|
|
|
3a00e5 |
const struct in_addr *ip;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- arg = strdup(orig_arg);
|
|
|
3a00e5 |
- if (arg == NULL)
|
|
|
3a00e5 |
- xtables_error(RESOURCE_PROBLEM, "strdup");
|
|
|
3a00e5 |
+ arg = xtables_strdup(orig_arg);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
colon = strchr(arg, ':');
|
|
|
3a00e5 |
if (colon) {
|
|
|
3a00e5 |
diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c
|
|
|
3a00e5 |
index e92d811c2bc93..c655439ec9192 100644
|
|
|
3a00e5 |
--- a/extensions/libipt_SNAT.c
|
|
|
3a00e5 |
+++ b/extensions/libipt_SNAT.c
|
|
|
3a00e5 |
@@ -73,9 +73,7 @@ parse_to(const char *orig_arg, int portok, struct ipt_natinfo *info)
|
|
|
3a00e5 |
char *arg, *colon, *dash, *error;
|
|
|
3a00e5 |
const struct in_addr *ip;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- arg = strdup(orig_arg);
|
|
|
3a00e5 |
- if (arg == NULL)
|
|
|
3a00e5 |
- xtables_error(RESOURCE_PROBLEM, "strdup");
|
|
|
3a00e5 |
+ arg = xtables_strdup(orig_arg);
|
|
|
3a00e5 |
memset(&range, 0, sizeof(range));
|
|
|
3a00e5 |
colon = strchr(arg, ':');
|
|
|
3a00e5 |
|
|
|
3a00e5 |
diff --git a/extensions/libxt_dccp.c b/extensions/libxt_dccp.c
|
|
|
3a00e5 |
index aea3e20be4818..abd420fcc0032 100644
|
|
|
3a00e5 |
--- a/extensions/libxt_dccp.c
|
|
|
3a00e5 |
+++ b/extensions/libxt_dccp.c
|
|
|
3a00e5 |
@@ -85,7 +85,7 @@ parse_dccp_types(const char *typestring)
|
|
|
3a00e5 |
uint16_t typemask = 0;
|
|
|
3a00e5 |
char *ptr, *buffer;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- buffer = strdup(typestring);
|
|
|
3a00e5 |
+ buffer = xtables_strdup(typestring);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
for (ptr = strtok(buffer, ","); ptr; ptr = strtok(NULL, ",")) {
|
|
|
3a00e5 |
unsigned int i;
|
|
|
3a00e5 |
diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c
|
|
|
3a00e5 |
index 7f1d2a402c4fd..3f3c43010ee2a 100644
|
|
|
3a00e5 |
--- a/extensions/libxt_hashlimit.c
|
|
|
3a00e5 |
+++ b/extensions/libxt_hashlimit.c
|
|
|
3a00e5 |
@@ -508,10 +508,7 @@ static void hashlimit_mt6_init(struct xt_entry_match *match)
|
|
|
3a00e5 |
static int parse_mode(uint32_t *mode, const char *option_arg)
|
|
|
3a00e5 |
{
|
|
|
3a00e5 |
char *tok;
|
|
|
3a00e5 |
- char *arg = strdup(option_arg);
|
|
|
3a00e5 |
-
|
|
|
3a00e5 |
- if (!arg)
|
|
|
3a00e5 |
- return -1;
|
|
|
3a00e5 |
+ char *arg = xtables_strdup(option_arg);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
for (tok = strtok(arg, ",|");
|
|
|
3a00e5 |
tok;
|
|
|
3a00e5 |
diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c
|
|
|
3a00e5 |
index 8be2481497b8d..04ce7b364f1c6 100644
|
|
|
3a00e5 |
--- a/extensions/libxt_iprange.c
|
|
|
3a00e5 |
+++ b/extensions/libxt_iprange.c
|
|
|
3a00e5 |
@@ -73,11 +73,9 @@ iprange_parse_spec(const char *from, const char *to, union nf_inet_addr *range,
|
|
|
3a00e5 |
static void iprange_parse_range(const char *oarg, union nf_inet_addr *range,
|
|
|
3a00e5 |
uint8_t family, const char *optname)
|
|
|
3a00e5 |
{
|
|
|
3a00e5 |
- char *arg = strdup(oarg);
|
|
|
3a00e5 |
+ char *arg = xtables_strdup(oarg);
|
|
|
3a00e5 |
char *dash;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- if (arg == NULL)
|
|
|
3a00e5 |
- xtables_error(RESOURCE_PROBLEM, "strdup");
|
|
|
3a00e5 |
dash = strchr(arg, '-');
|
|
|
3a00e5 |
if (dash == NULL) {
|
|
|
3a00e5 |
iprange_parse_spec(arg, arg, range, family, optname);
|
|
|
3a00e5 |
diff --git a/extensions/libxt_multiport.c b/extensions/libxt_multiport.c
|
|
|
3a00e5 |
index 07ad4cfd4e519..4a42fa38238b9 100644
|
|
|
3a00e5 |
--- a/extensions/libxt_multiport.c
|
|
|
3a00e5 |
+++ b/extensions/libxt_multiport.c
|
|
|
3a00e5 |
@@ -87,8 +87,7 @@ parse_multi_ports(const char *portstring, uint16_t *ports, const char *proto)
|
|
|
3a00e5 |
char *buffer, *cp, *next;
|
|
|
3a00e5 |
unsigned int i;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- buffer = strdup(portstring);
|
|
|
3a00e5 |
- if (!buffer) xtables_error(OTHER_PROBLEM, "strdup failed");
|
|
|
3a00e5 |
+ buffer = xtables_strdup(portstring);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
for (cp=buffer, i=0; cp && i
|
|
|
3a00e5 |
{
|
|
|
3a00e5 |
@@ -109,8 +108,7 @@ parse_multi_ports_v1(const char *portstring,
|
|
|
3a00e5 |
char *buffer, *cp, *next, *range;
|
|
|
3a00e5 |
unsigned int i;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- buffer = strdup(portstring);
|
|
|
3a00e5 |
- if (!buffer) xtables_error(OTHER_PROBLEM, "strdup failed");
|
|
|
3a00e5 |
+ buffer = xtables_strdup(portstring);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
for (i=0; i
|
|
|
3a00e5 |
multiinfo->pflags[i] = 0;
|
|
|
3a00e5 |
diff --git a/extensions/libxt_sctp.c b/extensions/libxt_sctp.c
|
|
|
3a00e5 |
index 140de2653b1ef..59b34684cc7f7 100644
|
|
|
3a00e5 |
--- a/extensions/libxt_sctp.c
|
|
|
3a00e5 |
+++ b/extensions/libxt_sctp.c
|
|
|
3a00e5 |
@@ -69,7 +69,7 @@ parse_sctp_ports(const char *portstring,
|
|
|
3a00e5 |
char *buffer;
|
|
|
3a00e5 |
char *cp;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- buffer = strdup(portstring);
|
|
|
3a00e5 |
+ buffer = xtables_strdup(portstring);
|
|
|
3a00e5 |
DEBUGP("%s\n", portstring);
|
|
|
3a00e5 |
if ((cp = strchr(buffer, ':')) == NULL) {
|
|
|
3a00e5 |
ports[0] = ports[1] = xtables_parse_port(buffer, "sctp");
|
|
|
3a00e5 |
@@ -163,7 +163,7 @@ parse_sctp_chunk(struct xt_sctp_info *einfo,
|
|
|
3a00e5 |
int found = 0;
|
|
|
3a00e5 |
char *chunk_flags;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- buffer = strdup(chunks);
|
|
|
3a00e5 |
+ buffer = xtables_strdup(chunks);
|
|
|
3a00e5 |
DEBUGP("Buffer: %s\n", buffer);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
SCTP_CHUNKMAP_RESET(einfo->chunkmap);
|
|
|
3a00e5 |
diff --git a/extensions/libxt_set.h b/extensions/libxt_set.h
|
|
|
3a00e5 |
index 41dfbd30fc7c1..ad895a7504d9d 100644
|
|
|
3a00e5 |
--- a/extensions/libxt_set.h
|
|
|
3a00e5 |
+++ b/extensions/libxt_set.h
|
|
|
3a00e5 |
@@ -141,7 +141,7 @@ get_set_byname(const char *setname, struct xt_set_info *info)
|
|
|
3a00e5 |
static void
|
|
|
3a00e5 |
parse_dirs_v0(const char *opt_arg, struct xt_set_info_v0 *info)
|
|
|
3a00e5 |
{
|
|
|
3a00e5 |
- char *saved = strdup(opt_arg);
|
|
|
3a00e5 |
+ char *saved = xtables_strdup(opt_arg);
|
|
|
3a00e5 |
char *ptr, *tmp = saved;
|
|
|
3a00e5 |
int i = 0;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
@@ -167,7 +167,7 @@ parse_dirs_v0(const char *opt_arg, struct xt_set_info_v0 *info)
|
|
|
3a00e5 |
static void
|
|
|
3a00e5 |
parse_dirs(const char *opt_arg, struct xt_set_info *info)
|
|
|
3a00e5 |
{
|
|
|
3a00e5 |
- char *saved = strdup(opt_arg);
|
|
|
3a00e5 |
+ char *saved = xtables_strdup(opt_arg);
|
|
|
3a00e5 |
char *ptr, *tmp = saved;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
while (info->dim < IPSET_DIM_MAX && tmp != NULL) {
|
|
|
3a00e5 |
diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c
|
|
|
3a00e5 |
index 58f3c0a0c3c28..383e4db5b5e23 100644
|
|
|
3a00e5 |
--- a/extensions/libxt_tcp.c
|
|
|
3a00e5 |
+++ b/extensions/libxt_tcp.c
|
|
|
3a00e5 |
@@ -43,7 +43,7 @@ parse_tcp_ports(const char *portstring, uint16_t *ports)
|
|
|
3a00e5 |
char *buffer;
|
|
|
3a00e5 |
char *cp;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- buffer = strdup(portstring);
|
|
|
3a00e5 |
+ buffer = xtables_strdup(portstring);
|
|
|
3a00e5 |
if ((cp = strchr(buffer, ':')) == NULL)
|
|
|
3a00e5 |
ports[0] = ports[1] = xtables_parse_port(buffer, "tcp");
|
|
|
3a00e5 |
else {
|
|
|
3a00e5 |
@@ -83,7 +83,7 @@ parse_tcp_flag(const char *flags)
|
|
|
3a00e5 |
char *ptr;
|
|
|
3a00e5 |
char *buffer;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- buffer = strdup(flags);
|
|
|
3a00e5 |
+ buffer = xtables_strdup(flags);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
for (ptr = strtok(buffer, ","); ptr; ptr = strtok(NULL, ",")) {
|
|
|
3a00e5 |
unsigned int i;
|
|
|
3a00e5 |
diff --git a/include/xtables.h b/include/xtables.h
|
|
|
3a00e5 |
index df1eaee326643..107ad7d65e6fc 100644
|
|
|
3a00e5 |
--- a/include/xtables.h
|
|
|
3a00e5 |
+++ b/include/xtables.h
|
|
|
3a00e5 |
@@ -453,6 +453,7 @@ extern void xtables_set_nfproto(uint8_t);
|
|
|
3a00e5 |
extern void *xtables_calloc(size_t, size_t);
|
|
|
3a00e5 |
extern void *xtables_malloc(size_t);
|
|
|
3a00e5 |
extern void *xtables_realloc(void *, size_t);
|
|
|
3a00e5 |
+char *xtables_strdup(const char *);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
extern int xtables_insmod(const char *, const char *, bool);
|
|
|
3a00e5 |
extern int xtables_load_ko(const char *, bool);
|
|
|
3a00e5 |
diff --git a/iptables/iptables-xml.c b/iptables/iptables-xml.c
|
|
|
3a00e5 |
index 98d03dda98d2b..6cf059fb67292 100644
|
|
|
3a00e5 |
--- a/iptables/iptables-xml.c
|
|
|
3a00e5 |
+++ b/iptables/iptables-xml.c
|
|
|
3a00e5 |
@@ -213,8 +213,8 @@ saveChain(char *chain, char *policy, struct xt_counters *ctr)
|
|
|
3a00e5 |
"%s: line %u chain name invalid\n",
|
|
|
3a00e5 |
prog_name, line);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- chains[nextChain].chain = strdup(chain);
|
|
|
3a00e5 |
- chains[nextChain].policy = strdup(policy);
|
|
|
3a00e5 |
+ chains[nextChain].chain = xtables_strdup(chain);
|
|
|
3a00e5 |
+ chains[nextChain].policy = xtables_strdup(policy);
|
|
|
3a00e5 |
chains[nextChain].count = *ctr;
|
|
|
3a00e5 |
chains[nextChain].created = 0;
|
|
|
3a00e5 |
nextChain++;
|
|
|
3a00e5 |
diff --git a/iptables/nft-cache.c b/iptables/nft-cache.c
|
|
|
3a00e5 |
index 6b6e6da40a826..7fd78654b280a 100644
|
|
|
3a00e5 |
--- a/iptables/nft-cache.c
|
|
|
3a00e5 |
+++ b/iptables/nft-cache.c
|
|
|
3a00e5 |
@@ -40,7 +40,7 @@ static void cache_chain_list_insert(struct list_head *list, const char *name)
|
|
|
3a00e5 |
}
|
|
|
3a00e5 |
|
|
|
3a00e5 |
new = xtables_malloc(sizeof(*new));
|
|
|
3a00e5 |
- new->name = strdup(name);
|
|
|
3a00e5 |
+ new->name = xtables_strdup(name);
|
|
|
3a00e5 |
list_add_tail(&new->head, pos ? &pos->head : list);
|
|
|
3a00e5 |
}
|
|
|
3a00e5 |
|
|
|
3a00e5 |
@@ -56,7 +56,7 @@ void nft_cache_level_set(struct nft_handle *h, int level,
|
|
|
3a00e5 |
return;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
if (!req->table)
|
|
|
3a00e5 |
- req->table = strdup(cmd->table);
|
|
|
3a00e5 |
+ req->table = xtables_strdup(cmd->table);
|
|
|
3a00e5 |
else
|
|
|
3a00e5 |
assert(!strcmp(req->table, cmd->table));
|
|
|
3a00e5 |
|
|
|
3a00e5 |
diff --git a/iptables/nft-cmd.c b/iptables/nft-cmd.c
|
|
|
3a00e5 |
index 9b0c964847615..8dccdd734b156 100644
|
|
|
3a00e5 |
--- a/iptables/nft-cmd.c
|
|
|
3a00e5 |
+++ b/iptables/nft-cmd.c
|
|
|
3a00e5 |
@@ -11,6 +11,7 @@
|
|
|
3a00e5 |
|
|
|
3a00e5 |
#include <stdlib.h>
|
|
|
3a00e5 |
#include <string.h>
|
|
|
3a00e5 |
+#include <xtables.h>
|
|
|
3a00e5 |
#include "nft.h"
|
|
|
3a00e5 |
#include "nft-cmd.h"
|
|
|
3a00e5 |
|
|
|
3a00e5 |
@@ -27,9 +28,9 @@ struct nft_cmd *nft_cmd_new(struct nft_handle *h, int command,
|
|
|
3a00e5 |
return NULL;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
cmd->command = command;
|
|
|
3a00e5 |
- cmd->table = strdup(table);
|
|
|
3a00e5 |
+ cmd->table = xtables_strdup(table);
|
|
|
3a00e5 |
if (chain)
|
|
|
3a00e5 |
- cmd->chain = strdup(chain);
|
|
|
3a00e5 |
+ cmd->chain = xtables_strdup(chain);
|
|
|
3a00e5 |
cmd->rulenum = rulenum;
|
|
|
3a00e5 |
cmd->verbose = verbose;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
@@ -43,7 +44,7 @@ struct nft_cmd *nft_cmd_new(struct nft_handle *h, int command,
|
|
|
3a00e5 |
cmd->obj.rule = rule;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
if (!state->target && strlen(state->jumpto) > 0)
|
|
|
3a00e5 |
- cmd->jumpto = strdup(state->jumpto);
|
|
|
3a00e5 |
+ cmd->jumpto = xtables_strdup(state->jumpto);
|
|
|
3a00e5 |
}
|
|
|
3a00e5 |
|
|
|
3a00e5 |
list_add_tail(&cmd->head, &h->cmd_list);
|
|
|
3a00e5 |
@@ -238,7 +239,7 @@ int nft_cmd_chain_user_rename(struct nft_handle *h,const char *chain,
|
|
|
3a00e5 |
if (!cmd)
|
|
|
3a00e5 |
return 0;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- cmd->rename = strdup(newname);
|
|
|
3a00e5 |
+ cmd->rename = xtables_strdup(newname);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
nft_cache_level_set(h, NFT_CL_CHAINS, cmd);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
@@ -304,7 +305,7 @@ int nft_cmd_chain_set(struct nft_handle *h, const char *table,
|
|
|
3a00e5 |
if (!cmd)
|
|
|
3a00e5 |
return 0;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- cmd->policy = strdup(policy);
|
|
|
3a00e5 |
+ cmd->policy = xtables_strdup(policy);
|
|
|
3a00e5 |
if (counters)
|
|
|
3a00e5 |
cmd->counters = *counters;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
@@ -389,7 +390,7 @@ int ebt_cmd_user_chain_policy(struct nft_handle *h, const char *table,
|
|
|
3a00e5 |
if (!cmd)
|
|
|
3a00e5 |
return 0;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- cmd->policy = strdup(policy);
|
|
|
3a00e5 |
+ cmd->policy = xtables_strdup(policy);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
nft_cache_level_set(h, NFT_CL_RULES, cmd);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
diff --git a/iptables/xshared.c b/iptables/xshared.c
|
|
|
3a00e5 |
index 9a1f465a5a6d3..4027d9240215e 100644
|
|
|
3a00e5 |
--- a/iptables/xshared.c
|
|
|
3a00e5 |
+++ b/iptables/xshared.c
|
|
|
3a00e5 |
@@ -435,7 +435,7 @@ void add_argv(struct argv_store *store, const char *what, int quoted)
|
|
|
3a00e5 |
xtables_error(PARAMETER_PROBLEM,
|
|
|
3a00e5 |
"Trying to store NULL argument\n");
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- store->argv[store->argc] = strdup(what);
|
|
|
3a00e5 |
+ store->argv[store->argc] = xtables_strdup(what);
|
|
|
3a00e5 |
store->argvattr[store->argc] = quoted;
|
|
|
3a00e5 |
store->argv[++store->argc] = NULL;
|
|
|
3a00e5 |
}
|
|
|
3a00e5 |
diff --git a/libxtables/xtables.c b/libxtables/xtables.c
|
|
|
3a00e5 |
index 6947441fec659..1931e3896262a 100644
|
|
|
3a00e5 |
--- a/libxtables/xtables.c
|
|
|
3a00e5 |
+++ b/libxtables/xtables.c
|
|
|
3a00e5 |
@@ -368,6 +368,18 @@ void *xtables_realloc(void *ptr, size_t size)
|
|
|
3a00e5 |
return p;
|
|
|
3a00e5 |
}
|
|
|
3a00e5 |
|
|
|
3a00e5 |
+char *xtables_strdup(const char *s)
|
|
|
3a00e5 |
+{
|
|
|
3a00e5 |
+ char *dup = strdup(s);
|
|
|
3a00e5 |
+
|
|
|
3a00e5 |
+ if (!dup) {
|
|
|
3a00e5 |
+ perror("ip[6]tables: strdup failed");
|
|
|
3a00e5 |
+ exit(1);
|
|
|
3a00e5 |
+ }
|
|
|
3a00e5 |
+
|
|
|
3a00e5 |
+ return dup;
|
|
|
3a00e5 |
+}
|
|
|
3a00e5 |
+
|
|
|
3a00e5 |
static char *get_modprobe(void)
|
|
|
3a00e5 |
{
|
|
|
3a00e5 |
int procfile;
|
|
|
3a00e5 |
diff --git a/libxtables/xtoptions.c b/libxtables/xtoptions.c
|
|
|
3a00e5 |
index 0dcdf607f4678..9d3ac5c8066cb 100644
|
|
|
3a00e5 |
--- a/libxtables/xtoptions.c
|
|
|
3a00e5 |
+++ b/libxtables/xtoptions.c
|
|
|
3a00e5 |
@@ -604,9 +604,7 @@ static void xtopt_parse_mport(struct xt_option_call *cb)
|
|
|
3a00e5 |
unsigned int maxiter;
|
|
|
3a00e5 |
int value;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
- wp_arg = lo_arg = strdup(cb->arg);
|
|
|
3a00e5 |
- if (lo_arg == NULL)
|
|
|
3a00e5 |
- xt_params->exit_err(RESOURCE_PROBLEM, "strdup");
|
|
|
3a00e5 |
+ wp_arg = lo_arg = xtables_strdup(cb->arg);
|
|
|
3a00e5 |
|
|
|
3a00e5 |
maxiter = entry->size / esize;
|
|
|
3a00e5 |
if (maxiter == 0)
|
|
|
3a00e5 |
@@ -747,9 +745,7 @@ static void xtopt_parse_hostmask(struct xt_option_call *cb)
|
|
|
3a00e5 |
xtopt_parse_host(cb);
|
|
|
3a00e5 |
return;
|
|
|
3a00e5 |
}
|
|
|
3a00e5 |
- work = strdup(orig_arg);
|
|
|
3a00e5 |
- if (work == NULL)
|
|
|
3a00e5 |
- xt_params->exit_err(PARAMETER_PROBLEM, "strdup");
|
|
|
3a00e5 |
+ work = xtables_strdup(orig_arg);
|
|
|
3a00e5 |
p = strchr(work, '/'); /* by def this can't be NULL now */
|
|
|
3a00e5 |
*p++ = '\0';
|
|
|
3a00e5 |
/*
|
|
|
3a00e5 |
@@ -1139,11 +1135,7 @@ struct xtables_lmap *xtables_lmap_init(const char *file)
|
|
|
3a00e5 |
goto out;
|
|
|
3a00e5 |
}
|
|
|
3a00e5 |
lmap_this->id = id;
|
|
|
3a00e5 |
- lmap_this->name = strdup(cur);
|
|
|
3a00e5 |
- if (lmap_this->name == NULL) {
|
|
|
3a00e5 |
- free(lmap_this);
|
|
|
3a00e5 |
- goto out;
|
|
|
3a00e5 |
- }
|
|
|
3a00e5 |
+ lmap_this->name = xtables_strdup(cur);
|
|
|
3a00e5 |
lmap_this->next = NULL;
|
|
|
3a00e5 |
|
|
|
3a00e5 |
if (lmap_prev != NULL)
|
|
|
3a00e5 |
--
|
|
|
3a00e5 |
2.31.1
|
|
|
3a00e5 |
|