strdup() is much better used. Its functionality is simpler, and its behavior much better understood by most people.
There are only two places with a strdup without checking the result: gs2200m.c, line 3503 nxffs_pack.c, line 1092 Either the original author forgot it, or it doesn't matter? There are also some cases in the `tools` directory, but these are less important. The worst thing that can happen is the build to fail, not having a system crash... On Wed, Mar 29, 2023 at 6:34 PM Fotis Panagiotopoulos <f.j.pa...@gmail.com> wrote: > > strdup? > > Thanks, I will check this too. > > I went through all the asprintf calls in the list. > These are the ones that actually need to be fixed. > Everything else is properly checked. > > drivers/net/telnet.c > 698: ret = asprintf(&devpath, TELNET_DEVFMT, priv->td_minor); > > libs/libc/uuid/lib_uuid_to_string.c > 66: c = asprintf(s, > > libs/libc/stdio/lib_tempnam.c > 78: asprintf(&template, "%s/%s-XXXXXX", dir, pfx); > > tools/kconfig2html.c > 2295: asprintf(&dirpath, "%s/%s%s%s", > 2300: asprintf(&dirpath, "%s/%s", > g_kconfigroot, subdir); > 2435: asprintf(&kconfigpath, "%s/%s", kconfigdir, kconfigname); > > tools/gencromfs.c > 1114: ret = asprintf(&path, "%s/%s", dirpath, name); > 1144: ret = asprintf(&path, "%s/%s", dirpath, name); > > fs/vfs/fs_dir.c > 603: asprintf(&dir->fd_path, "%s%s/", path_prefix, relpath); > > fs/vfs/fs_rename.c > 131: asprintf(&subdir, "%s/%s", newpath, subdirname); > 372: asprintf(&subdir, "%s/%s", newrelpath, > > fs/inode/fs_inodesearch.c > 356: asprintf(&buffer, > 484: asprintf(&desc->buffer, "%s/%s", _inode_getcwd(), desc->path); > > > Specifically the telnet.c one, does check the return code, but it proceeds > nevertheless instead of aborting. > The function ends up doing half of the job it was supposed to do. Is this > OK here? > > Specifically the call in lib_uuid_to_string, indeed checks the result. > But I cannot understand what needs to be done to `s`. > What does the standard specify? Shall we set it to NULL in case of error? > Or is it undefined? > > > On Wed, Mar 29, 2023 at 4:12 PM Gregory Nutt <spudan...@gmail.com> wrote: > >> >> > I can do that. Apart from asprintf() and vasprintf(), is anyone aware of >> > any other similarly suspicious functions to check? >> >> strdup? >> >> >>
