This is an automated email from the ASF dual-hosted git repository. linguini1 pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/nuttx-apps.git
commit c44f9a0556aef8cc7d9e50c5e4a86a41b26e143f Author: Nightt <[email protected]> AuthorDate: Sat May 23 10:23:47 2026 +0800 apps: Fix unchecked strdup()/asprintf() as requested in #1727 Add missing failure handling for direct strdup() and asprintf() calls where the allocated result is consumed locally before any NULL/error check. This keeps the scope to the functions named in #1727 and avoids changing pass-through return sites where callers already receive NULL on allocation failure. Signed-off-by: Nightt <[email protected]> --- .codespell-ignore-lines | 2 ++ examples/mount/mount_main.c | 7 +++++++ examples/romfs/romfs_main.c | 6 ++++++ netutils/chat/chat.c | 42 ++++++++++++++++++++++---------------- netutils/ftpc/ftpc_connect.c | 5 +++++ netutils/ftpc/ftpc_listdir.c | 12 +++++++++++ netutils/ftpc/ftpc_login.c | 4 ++++ netutils/ftpd/ftpd.c | 33 ++++++++++++++++++++++++++++++ netutils/webserver/httpd_dirlist.c | 6 +++++- nshlib/nsh_envcmds.c | 22 ++++++++++++++++++++ nshlib/nsh_netcmds.c | 6 ++++++ system/telnet/telnet_chatd.c | 9 +++++++- 12 files changed, 134 insertions(+), 20 deletions(-) diff --git a/.codespell-ignore-lines b/.codespell-ignore-lines index 45628423d..b001b6343 100644 --- a/.codespell-ignore-lines +++ b/.codespell-ignore-lines @@ -6,3 +6,5 @@ object = new Controlse::CCertificate( Controlse::CCertificate cert(se, settings->key_id); auto certificate = Controlse::CCertificate( + * |---------- [-rw-r--r-- 15] afile.txt + g_afile.name = "afile.txt"; diff --git a/examples/mount/mount_main.c b/examples/mount/mount_main.c index c2b4e45b4..e42f0d88b 100644 --- a/examples/mount/mount_main.c +++ b/examples/mount/mount_main.c @@ -217,6 +217,13 @@ static void show_directories(const char *path, int indent) snprintf(g_namebuffer, sizeof(g_namebuffer), "%s/%s", path, direntry->d_name); subdir = strdup(g_namebuffer); + if (subdir == NULL) + { + printf("show_directories: ERROR out of memory\n"); + g_nerrors++; + continue; + } + show_directories(subdir, indent + 1); free(subdir); } diff --git a/examples/romfs/romfs_main.c b/examples/romfs/romfs_main.c index fa957bbd7..7a7395503 100644 --- a/examples/romfs/romfs_main.c +++ b/examples/romfs/romfs_main.c @@ -394,6 +394,12 @@ static void readdirectories(const char *path, struct node_s *entry) snprintf(g_scratchbuffer, sizeof(g_scratchbuffer), "%s/%s", path, direntry->d_name); fullpath = strdup(g_scratchbuffer); + if (fullpath == NULL) + { + printf(" ERROR: Out of memory\n"); + g_nerrors++; + continue; + } if (DIRENT_ISDIRECTORY(direntry->d_type)) { diff --git a/netutils/chat/chat.c b/netutils/chat/chat.c index c1af84ae8..94f79c500 100644 --- a/netutils/chat/chat.c +++ b/netutils/chat/chat.c @@ -108,6 +108,8 @@ static int chat_tokenise(FAR struct chat *priv, int tok_on_delimiter(void) { + FAR struct chat_token *newtok; + if (!tok_pos && !quoted && !no_termin) { /* a) the first character in the script is a delimiter or @@ -122,9 +124,29 @@ static int chat_tokenise(FAR struct chat *priv, /* Terminate the temporary */ tok_str[tok_pos] = '\0'; + newtok = malloc(sizeof(struct chat_token)); + if (newtok == NULL) + { + /* out of memory */ + + return -ENOMEM; + } + + /* Copy the temporary */ + + newtok->string = strdup(tok_str); + if (newtok->string == NULL) + { + free(newtok); + return -ENOMEM; + } + + newtok->no_termin = no_termin; + newtok->next = NULL; + if (tok) { - tok->next = malloc(sizeof(struct chat_token)); + tok->next = newtok; /* The terminated token becomes previous */ @@ -134,26 +156,10 @@ static int chat_tokenise(FAR struct chat *priv, { /* There was no previous token */ - *first_tok = malloc(sizeof(struct chat_token)); + *first_tok = newtok; tok = *first_tok; } - if (!tok) - { - /* out of memory */ - - return -ENOMEM; - } - - /* Copy the temporary */ - - tok->string = strdup(tok_str); - tok->no_termin = no_termin; - - /* Initialize the next token */ - - tok->next = NULL; - /* Reset the buffer position */ tok_pos = 0; diff --git a/netutils/ftpc/ftpc_connect.c b/netutils/ftpc/ftpc_connect.c index 61defa614..f28c40b61 100644 --- a/netutils/ftpc/ftpc_connect.c +++ b/netutils/ftpc/ftpc_connect.c @@ -108,6 +108,11 @@ SESSION ftpc_connect(FAR union ftpc_sockaddr_u *server) */ session->homeldir = strdup(ftpc_lpwd()); + if (session->homeldir == NULL) + { + nerr("ERROR: Failed to allocate local home directory\n"); + goto errout_with_alloc; + } /* And (Re-)connect to the server */ diff --git a/netutils/ftpc/ftpc_listdir.c b/netutils/ftpc/ftpc_listdir.c index 02947ad5c..01ef7dd3a 100644 --- a/netutils/ftpc/ftpc_listdir.c +++ b/netutils/ftpc/ftpc_listdir.c @@ -257,6 +257,7 @@ FAR struct ftpc_dirlist_s *ftpc_listdir(SESSION handle, FAR char *tmpfname; bool iscurrdir; unsigned int nnames; + unsigned int i; int allocsize; int ret; @@ -365,6 +366,17 @@ FAR struct ftpc_dirlist_s *ftpc_listdir(SESSION handle, ftpc_nlstparse(filestream, ftpc_addname, dirlist); DEBUGASSERT(nnames == dirlist->nnames); + + for (i = 0; i < dirlist->nnames; i++) + { + if (dirlist->name[i] == NULL) + { + nerr("ERROR: Failed to allocate directory name\n"); + ftpc_dirfree(dirlist); + dirlist = NULL; + break; + } + } } errout: diff --git a/netutils/ftpc/ftpc_login.c b/netutils/ftpc/ftpc_login.c index 4ee477e00..80a97044a 100644 --- a/netutils/ftpc/ftpc_login.c +++ b/netutils/ftpc/ftpc_login.c @@ -172,6 +172,10 @@ int ftpc_relogin(FAR struct ftpc_session_s *session) if (session->homerdir != NULL) { session->currdir = strdup(session->homerdir); + if (session->currdir == NULL) + { + return -ENOMEM; + } } /* If the user has requested a special start up directory, then change to diff --git a/netutils/ftpd/ftpd.c b/netutils/ftpd/ftpd.c index ded7484d7..c62d9ca73 100644 --- a/netutils/ftpd/ftpd.c +++ b/netutils/ftpd/ftpd.c @@ -627,6 +627,11 @@ static bool ftpd_account_login(FAR struct ftpd_session_s *session, if (account->home != NULL) { home = strdup(account->home); + if (home == NULL) + { + ftpd_account_free(account); + return false; + } } flags = account->flags; @@ -645,6 +650,11 @@ static bool ftpd_account_login(FAR struct ftpd_session_s *session, { home = strdup(home); } + + if (home == NULL) + { + return false; + } } if ((flags & FTPD_ACCOUNTFLAG_ADMIN) != 0) @@ -652,6 +662,12 @@ static bool ftpd_account_login(FAR struct ftpd_session_s *session, /* admin user */ session->home = strdup("/"); + if (session->home == NULL) + { + free(home); + return false; + } + session->work = home; } else @@ -660,6 +676,12 @@ static bool ftpd_account_login(FAR struct ftpd_session_s *session, session->home = home; session->work = strdup("/"); + if (session->work == NULL) + { + free(home); + session->home = NULL; + return false; + } } return true; @@ -2517,6 +2539,17 @@ static int ftpd_command_user(FAR struct ftpd_session_s *session) session->loggedin = false; session->home = strdup(home == NULL ? "/" : home); session->work = strdup("/"); + if (session->home == NULL || session->work == NULL) + { + free(session->home); + free(session->work); + session->home = NULL; + session->work = NULL; + + return ftpd_response(session->cmd.sd, session->txtimeout, + g_respfmt1, 451, ' ', + "Memory exhausted !"); + } return ftpd_response(session->cmd.sd, session->txtimeout, g_respfmt1, 230, ' ', "Login successful."); diff --git a/netutils/webserver/httpd_dirlist.c b/netutils/webserver/httpd_dirlist.c index 6dda65286..b77d68e4e 100644 --- a/netutils/webserver/httpd_dirlist.c +++ b/netutils/webserver/httpd_dirlist.c @@ -196,7 +196,11 @@ ssize_t httpd_dirlist(int outfd, FAR struct httpd_fs_file *file) } ret = asprintf(&path, "%s/%s", file->path, dent->d_name); - ASSERT(ret > 0 && path); + if (ret < 0 || path == NULL) + { + nerr("ERROR: asprintf failed\n"); + break; + } /* call stat() to obtain modified time and size */ diff --git a/nshlib/nsh_envcmds.c b/nshlib/nsh_envcmds.c index d2378bb38..442d6b2ba 100644 --- a/nshlib/nsh_envcmds.c +++ b/nshlib/nsh_envcmds.c @@ -257,17 +257,38 @@ int cmd_cd(FAR struct nsh_vtbl_s *vtbl, int argc, FAR char **argv) else if (strcmp(path, "-") == 0) { alloc = strdup(nsh_getwd(g_oldpwd)); + if (alloc == NULL) + { + nsh_error(vtbl, g_fmtcmdoutofmemory, argv[0]); + ret = ERROR; + goto errout; + } + path = alloc; } #endif else if (strcmp(path, "..") == 0) { alloc = strdup(nsh_getcwd(vtbl)); + if (alloc == NULL) + { + nsh_error(vtbl, g_fmtcmdoutofmemory, argv[0]); + ret = ERROR; + goto errout; + } + path = dirname(alloc); } else { fullpath = nsh_getfullpath(vtbl, path); + if (fullpath == NULL) + { + nsh_error(vtbl, g_fmtcmdoutofmemory, argv[0]); + ret = ERROR; + goto errout; + } + path = fullpath; } @@ -288,6 +309,7 @@ int cmd_cd(FAR struct nsh_vtbl_s *vtbl, int argc, FAR char **argv) /* Free any memory that was allocated */ +errout: if (alloc) { free(alloc); diff --git a/nshlib/nsh_netcmds.c b/nshlib/nsh_netcmds.c index 3171bdfbb..8e25c69a2 100644 --- a/nshlib/nsh_netcmds.c +++ b/nshlib/nsh_netcmds.c @@ -1555,6 +1555,12 @@ int cmd_wget(FAR struct nsh_vtbl_s *vtbl, int argc, FAR char **argv) if (localfile == NULL) { allocfile = strdup(url); + if (allocfile == NULL) + { + fmt = g_fmtcmdoutofmemory; + goto errout; + } + localfile = basename(allocfile); } diff --git a/system/telnet/telnet_chatd.c b/system/telnet/telnet_chatd.c index 5ab503092..582bda725 100644 --- a/system/telnet/telnet_chatd.c +++ b/system/telnet/telnet_chatd.c @@ -40,7 +40,7 @@ /* Leveraged from libtelnet, https://github.com/seanmiddleditch/libtelnet. * Modified and re-released under the BSD license. * - * The original authors of libtelnet are listed below. Per their licesne, + * The original authors of libtelnet are listed below. Per their license, * "The author or authors of this code dedicate any and all copyright * interest in this code to the public domain. We make this dedication for * the benefit of the public at large and to the detriment of our heirs and @@ -52,6 +52,7 @@ * (Also listed in the AUTHORS file are Jack Kelly <[email protected]> * and Katherine Flavel <[email protected]>) */ + /**************************************************************************** * Included Files ****************************************************************************/ @@ -254,6 +255,12 @@ static void _online(const char *line, int overflow, void *ud) /* Keep name */ user->name = strdup(line); + if (user->name == NULL) + { + telnet_printf(user->telnet, "Out of memory.\nEnter name: "); + return; + } + telnet_printf(user->telnet, "Welcome, %s!\n", line); return; }
