Add missing memory allocation failure checks.

Inspired by GitHub PR #221
2022-12-15 09:30:49 -07:00
parent e706204f5f
commit 0e6482e827
2 changed files with 26 additions and 7 deletions
--- a/plugins/python/regress/iohelpers.c
+++ b/plugins/python/regress/iohelpers.c
@@ -140,11 +140,14 @@ str_array_snprint(char *out_str, size_t max_len, char **str_array, int array_len
 char *
 str_replaced(const char *source, size_t dest_len, const char *old, const char *new)
 {
-    char *result = calloc(1, dest_len);
+    char *result = malloc(dest_len);
    char *dest = result;
    char *pos = NULL;
    size_t old_len = strlen(old);

+    if (result == NULL)
+        return NULL;
+
    while ((pos = strstr(source, old)) != NULL) {
        size_t len = snprintf(dest, dest_len,
            "%.*s%s", (int)(pos - source), source, new);
@@ -170,6 +173,8 @@ void
 str_replace_in_place(char *string, size_t max_length, const char *old, const char *new)
 {
    char *replaced = str_replaced(string, max_length, old, new);
+    if (replaced != NULL) {
        strlcpy(string, replaced, max_length);
        free(replaced);
+    }
 }
--- a/plugins/python/regress/testhelpers.c
+++ b/plugins/python/regress/testhelpers.c
@@ -93,10 +93,22 @@ create_str_array(size_t count, ...)

    va_start(args, count);

-    char ** result = calloc(count, sizeof(char *));
+    char **result = calloc(count, sizeof(char *));
+    if (result != NULL) {
        for (size_t i = 0; i < count; ++i) {
            const char *str = va_arg(args, char *);
-        result[i] = (str == NULL ? NULL : strdup(str));
+            if (str != NULL) {
+                result[i] = strdup(str);
+                if (result[i] == NULL) {
+                    while (i > 0) {
+                        free(result[--i]);
+                    }
+                    free(result);
+                    result = NULL;
+                    break;
+                }
+            }
+        }
    }

    va_end(args);
@@ -164,6 +176,8 @@ fake_conversation(int num_msgs, const struct sudo_conv_message msgs[],
            return 1; // simulates user interruption (conversation error)

        replies[i].reply = strdup(data.conv_replies[i]);
+        if (replies[i].reply == NULL)
+            return 1; // memory allocation error
    }

    return 0; // simulate user answered just fine