From 154c00e1a480d2bac7e8aba3b13888eb909f8e7f Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Fri, 24 Jan 2014 23:53:09 +0000 Subject: Fix gratuitous use of strdup and x_strdup There is no need to copy strings passed as arguments to execve, the only potentially noticeable effect of using strdup/x_strdup would be a malformed argument list in case of memory allocation error. Also, x_strdup, being a thin wrapper around strdup, is of no benefit when its argument is known to be non-NULL, and should not be used in such cases. * modules/pam_cracklib/pam_cracklib.c (password_check): Use strdup instead of x_strdup, the latter is of no benefit in this case. * modules/pam_ftp/pam_ftp.c (lookup): Likewise. * modules/pam_userdb/pam_userdb.c (user_lookup): Likewise. * modules/pam_userdb/pam_userdb.h (x_strdup): Remove. * modules/pam_mkhomedir/pam_mkhomedir.c (create_homedir): Do not use x_strdup for strings passed as arguments to execve. * modules/pam_unix/pam_unix_acct.c (_unix_run_verify_binary): Likewise. * modules/pam_unix/pam_unix_passwd.c (_unix_run_update_binary): Likewise. * modules/pam_unix/support.c (_unix_run_helper_binary): Likewise. (_unix_verify_password): Use strdup instead of x_strdup, the latter is of no benefit in this case. * modules/pam_xauth/pam_xauth.c (run_coprocess): Do not use strdup for strings passed as arguments to execv. --- modules/pam_xauth/pam_xauth.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) (limited to 'modules/pam_xauth') diff --git a/modules/pam_xauth/pam_xauth.c b/modules/pam_xauth/pam_xauth.c index e1c00646..70755475 100644 --- a/modules/pam_xauth/pam_xauth.c +++ b/modules/pam_xauth/pam_xauth.c @@ -127,8 +127,7 @@ run_coprocess(pam_handle_t *pamh, const char *input, char **output, if (child == 0) { /* We're the child. */ size_t j; - char *args[10]; - const char *tmp; + const char *args[10]; int maxopened; /* Drop privileges. */ if (setgid(gid) == -1) @@ -166,16 +165,15 @@ run_coprocess(pam_handle_t *pamh, const char *input, char **output, } /* Convert the varargs list into a regular array of strings. */ va_start(ap, command); - args[0] = strdup(command); + args[0] = command; for (j = 1; j < ((sizeof(args) / sizeof(args[0])) - 1); j++) { - tmp = va_arg(ap, const char*); - if (tmp == NULL) { + args[j] = va_arg(ap, const char*); + if (args[j] == NULL) { break; } - args[j] = strdup(tmp); } /* Run the command. */ - execv(command, args); + execv(command, (char *const *) args); /* Never reached. */ _exit(1); } -- cgit v1.2.3