Change in libosmocore[master]: Fix incorrect buffer size calculation

Vadim Yanitskiy gerrit-no-reply at lists.osmocom.org
Fri Apr 12 14:58:28 UTC 2019


Vadim Yanitskiy has uploaded this change for review. ( https://gerrit.osmocom.org/13620


Change subject: Fix incorrect buffer size calculation
......................................................................

Fix incorrect buffer size calculation

Calling sizeof() on a pointer to dynamically allocated memory would
result in getting size of the pointer (usually 4 or 8 bytes) itself,
but not the size of allocated memory.

Change-Id: I8ffda4dea2b7f9b4b76dfeecad1fab6384c5a62c
Fixes: CID#197629, CID#197628, CID#197627
Fixes: CID#197626, CID#197625, CID#197624
---
M src/msgb.c
M src/socket.c
M src/utils.c
3 files changed, 16 insertions(+), 11 deletions(-)



  git pull ssh://gerrit.osmocom.org:29418/libosmocore refs/changes/20/13620/1

diff --git a/src/msgb.c b/src/msgb.c
index 5a154e5..940135f 100644
--- a/src/msgb.c
+++ b/src/msgb.c
@@ -522,10 +522,11 @@
  */
 char *msgb_hexdump_c(const void *ctx, const struct msgb *msg)
 {
-	char *buf = talloc_size(ctx, msgb_length(msg)*3 + 100);
+	size_t buf_len = msgb_length(msg) * 3 + 100;
+	char *buf = talloc_size(ctx, buf_len);
 	if (!buf)
 		return NULL;
-	return msgb_hexdump_buf(buf, sizeof(buf), msg);
+	return msgb_hexdump_buf(buf, buf_len, msg);
 }
 
 /*! Print a string to the end of message buffer.
diff --git a/src/socket.c b/src/socket.c
index c817e72..7c412b6 100644
--- a/src/socket.c
+++ b/src/socket.c
@@ -837,7 +837,7 @@
 	char *str = talloc_size(ctx, OSMO_SOCK_NAME_MAXLEN);
 	if (!str)
 		return NULL;
-	osmo_sock_get_name_buf(str, sizeof(str), fd);
+	osmo_sock_get_name_buf(str, OSMO_SOCK_NAME_MAXLEN, fd);
 	return str;
 }
 
diff --git a/src/utils.c b/src/utils.c
index 896e917..b66721e 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -351,10 +351,11 @@
  */
 char *osmo_hexdump_c(const void *ctx, const unsigned char *buf, int len)
 {
-	char *hexd_buff = talloc_size(ctx, len*3 + 1);
+	size_t hexd_buff_len = len * 3 + 1;
+	char *hexd_buff = talloc_size(ctx, hexd_buff_len);
 	if (!hexd_buff)
 		return NULL;
-	osmo_hexdump_buf(hexd_buff, sizeof(hexd_buff), buf, len, " ", true);
+	osmo_hexdump_buf(hexd_buff, hexd_buff_len, buf, len, " ", true);
 	return hexd_buff;
 }
 
@@ -389,10 +390,11 @@
  */
 char *osmo_hexdump_nospc_c(const void *ctx, const unsigned char *buf, int len)
 {
-	char *hexd_buff = talloc_size(ctx, len*2 + 1);
+	size_t hexd_buff_len = len * 2 + 1;
+	char *hexd_buff = talloc_size(ctx, hexd_buff_len);
 	if (!hexd_buff)
 		return NULL;
-	osmo_hexdump_buf(hexd_buff, sizeof(hexd_buff), buf, len, "", true);
+	osmo_hexdump_buf(hexd_buff, hexd_buff_len, buf, len, "", true);
 	return hexd_buff;
 }
 
@@ -908,10 +910,11 @@
  */
 char *osmo_str_tolower_c(const void *ctx, const char *src)
 {
-	char *buf = talloc_size(ctx, strlen(src)+1);
+	size_t buf_len = strlen(src) + 1;
+	char *buf = talloc_size(ctx, buf_len);
 	if (!buf)
 		return NULL;
-	osmo_str_tolower_buf(buf, sizeof(buf), src);
+	osmo_str_tolower_buf(buf, buf_len, src);
 	return buf;
 }
 
@@ -966,10 +969,11 @@
  */
 char *osmo_str_toupper_c(const void *ctx, const char *src)
 {
-	char *buf = talloc_size(ctx, strlen(src)+1);
+	size_t buf_len = strlen(src) + 1;
+	char *buf = talloc_size(ctx, buf_len);
 	if (!buf)
 		return NULL;
-	osmo_str_toupper_buf(buf, sizeof(buf), src);
+	osmo_str_toupper_buf(buf, buf_len, src);
 	return buf;
 }
 

-- 
To view, visit https://gerrit.osmocom.org/13620
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings

Gerrit-Project: libosmocore
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: I8ffda4dea2b7f9b4b76dfeecad1fab6384c5a62c
Gerrit-Change-Number: 13620
Gerrit-PatchSet: 1
Gerrit-Owner: Vadim Yanitskiy <axilirator at gmail.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20190412/68228ad8/attachment.html>


More information about the gerrit-log mailing list