From 154c00e1a480d2bac7e8aba3b13888eb909f8e7f Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Fri, 24 Jan 2014 23:53:09 +0000 Subject: Fix gratuitous use of strdup and x_strdup There is no need to copy strings passed as arguments to execve, the only potentially noticeable effect of using strdup/x_strdup would be a malformed argument list in case of memory allocation error. Also, x_strdup, being a thin wrapper around strdup, is of no benefit when its argument is known to be non-NULL, and should not be used in such cases. * modules/pam_cracklib/pam_cracklib.c (password_check): Use strdup instead of x_strdup, the latter is of no benefit in this case. * modules/pam_ftp/pam_ftp.c (lookup): Likewise. * modules/pam_userdb/pam_userdb.c (user_lookup): Likewise. * modules/pam_userdb/pam_userdb.h (x_strdup): Remove. * modules/pam_mkhomedir/pam_mkhomedir.c (create_homedir): Do not use x_strdup for strings passed as arguments to execve. * modules/pam_unix/pam_unix_acct.c (_unix_run_verify_binary): Likewise. * modules/pam_unix/pam_unix_passwd.c (_unix_run_update_binary): Likewise. * modules/pam_unix/support.c (_unix_run_helper_binary): Likewise. (_unix_verify_password): Use strdup instead of x_strdup, the latter is of no benefit in this case. * modules/pam_xauth/pam_xauth.c (run_coprocess): Do not use strdup for strings passed as arguments to execv. --- modules/pam_unix/support.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'modules/pam_unix/support.c') diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c index 19d72e66..3a849c81 100644 --- a/modules/pam_unix/support.c +++ b/modules/pam_unix/support.c @@ -567,7 +567,7 @@ static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd, int i=0; struct rlimit rlim; static char *envp[] = { NULL }; - char *args[] = { NULL, NULL, NULL, NULL }; + const char *args[] = { NULL, NULL, NULL, NULL }; /* XXX - should really tidy up PAM here too */ @@ -593,15 +593,15 @@ static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd, } /* exec binary helper */ - args[0] = strdup(CHKPWD_HELPER); - args[1] = x_strdup(user); + args[0] = CHKPWD_HELPER; + args[1] = user; if (off(UNIX__NONULL, ctrl)) { /* this means we've succeeded */ - args[2]=strdup("nullok"); + args[2]="nullok"; } else { - args[2]=strdup("nonull"); + args[2]="nonull"; } - execve(CHKPWD_HELPER, args, envp); + execve(CHKPWD_HELPER, (char *const *) args, envp); /* should not get here: exit with error */ D(("helper binary is not available")); @@ -788,10 +788,10 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name login_name = ""; } - new->user = x_strdup(name ? name : ""); + new->user = strdup(name ? name : ""); new->uid = getuid(); new->euid = geteuid(); - new->name = x_strdup(login_name); + new->name = strdup(login_name); /* any previous failures for this user ? */ if (pam_get_data(pamh, data_name, &void_old) -- cgit v1.2.3