Re: acme-client calloc fix

2020-01-22 Thread Ted Unangst
Matthew Martin wrote:
> On Wed, Jan 22, 2020 at 12:44:18AM -0500, Ted Unangst wrote:
> > should not size the size until the allocation succeeds, or the free path will
> > try to deref the null array.
> > 
> > 
> > Index: json.c
> > ===
> > RCS file: /home/cvs/src/usr.sbin/acme-client/json.c,v
> > retrieving revision 1.14
> > diff -u -p -r1.14 json.c
> > --- json.c  18 Jun 2019 18:50:07 -  1.14
> > +++ json.c  22 Jan 2020 05:37:59 -
> > @@ -459,12 +459,13 @@ json_parse_order(struct jsmnn *n, struct
> > if ((array = json_getarray(n, "authorizations")) == NULL)
> > goto err;
> >  
> > -   if ((order->authsz = array->fields) > 0) {
> > +   if (array->fields > 0) {
> > order->auths = calloc(sizeof(*order->auths), order->authsz);
> 
> Shouldn't the second argument be switched to array->fields to maintain
> the same behavior?

thanks!



Re: acme-client calloc fix

2020-01-22 Thread Theo de Raadt
oops, no kidding, otherwise it is the older value.

Matthew Martin  wrote:

> On Wed, Jan 22, 2020 at 12:44:18AM -0500, Ted Unangst wrote:
> > should not size the size until the allocation succeeds, or the free path will
> > try to deref the null array.
> > 
> > 
> > Index: json.c
> > ===
> > RCS file: /home/cvs/src/usr.sbin/acme-client/json.c,v
> > retrieving revision 1.14
> > diff -u -p -r1.14 json.c
> > --- json.c  18 Jun 2019 18:50:07 -  1.14
> > +++ json.c  22 Jan 2020 05:37:59 -
> > @@ -459,12 +459,13 @@ json_parse_order(struct jsmnn *n, struct
> > if ((array = json_getarray(n, "authorizations")) == NULL)
> > goto err;
> >  
> > -   if ((order->authsz = array->fields) > 0) {
> > +   if (array->fields > 0) {
> > order->auths = calloc(sizeof(*order->auths), order->authsz);
> 
> Shouldn't the second argument be switched to array->fields to maintain
> the same behavior?
> 
> > if (order->auths == NULL) {
> > warn("malloc");
> > goto err;
> > }
> > +   order->authsz = array->fields;
> > }
> >  
> > for (i = 0; i < array->fields; i++) {
> > 
> 



Re: acme-client calloc fix

2020-01-22 Thread Matthew Martin
On Wed, Jan 22, 2020 at 12:44:18AM -0500, Ted Unangst wrote:
> should not size the size until the allocation succeeds, or the free path will
> try to deref the null array.
> 
> 
> Index: json.c
> ===
> RCS file: /home/cvs/src/usr.sbin/acme-client/json.c,v
> retrieving revision 1.14
> diff -u -p -r1.14 json.c
> --- json.c18 Jun 2019 18:50:07 -  1.14
> +++ json.c22 Jan 2020 05:37:59 -
> @@ -459,12 +459,13 @@ json_parse_order(struct jsmnn *n, struct
>   if ((array = json_getarray(n, "authorizations")) == NULL)
>   goto err;
>  
> - if ((order->authsz = array->fields) > 0) {
> + if (array->fields > 0) {
>   order->auths = calloc(sizeof(*order->auths), order->authsz);

Shouldn't the second argument be switched to array->fields to maintain
the same behavior?

>   if (order->auths == NULL) {
>   warn("malloc");
>   goto err;
>   }
> + order->authsz = array->fields;
>   }
>  
>   for (i = 0; i < array->fields; i++) {
> 
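Review bot: the failure branch under the calloc call still reports warn("malloc"), which names a function this code does not call; warn("calloc") would make the logged message match the failing allocation. While this call is being touched, note that its arguments are in (size, count) order, whereas calloc is declared as calloc(nmemb, size); putting the element count first and sizeof(*order->auths) second reads as intended.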



acme-client calloc fix

2020-01-21 Thread Ted Unangst
should not size the size until the allocation succeeds, or the free path will
try to deref the null array.


Index: json.c
===
RCS file: /home/cvs/src/usr.sbin/acme-client/json.c,v
retrieving revision 1.14
diff -u -p -r1.14 json.c
--- json.c  18 Jun 2019 18:50:07 -  1.14
+++ json.c  22 Jan 2020 05:37:59 -
@@ -459,12 +459,13 @@ json_parse_order(struct jsmnn *n, struct
if ((array = json_getarray(n, "authorizations")) == NULL)
goto err;
 
-   if ((order->authsz = array->fields) > 0) {
+   if (array->fields > 0) {
order->auths = calloc(sizeof(*order->auths), order->authsz);
if (order->auths == NULL) {
warn("malloc");
goto err;
}
+   order->authsz = array->fields;
}
 
for (i = 0; i < array->fields; i++) {
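Review bot: in the new `if (array->fields > 0)` branch, the calloc call still passes order->authsz as its count, but with the assignment moved below the NULL check that field has not yet been set from array->fields. The allocation is therefore sized from whatever order->authsz held before, while the loop that follows still runs up to array->fields. Pass array->fields to calloc and keep the `order->authsz = array->fields;` assignment after the NULL check, so the size is only recorded once the array exists.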