| author | Andre Heinecke <[email protected]> | 2018-08-08 12:25:28 +0000 | 
|---|---|---|
| committer | Andre Heinecke <[email protected]> | 2018-08-08 12:25:28 +0000 | 
| commit | fdc07b3ddc2f68e6fcb33703ea41126d0a841290 (patch) | |
| tree | 9063ea454950ec79c8314a6def9a10307e8dab3b | |
| parent | json: Add checks when skipping byte (diff) | |
| download | gpgme-fdc07b3ddc2f68e6fcb33703ea41126d0a841290.tar.gz gpgme-fdc07b3ddc2f68e6fcb33703ea41126d0a841290.zip | |
json: Only use calloc instead of malloc
* src/cJSON.c, src/gpgme-json.c (CALLOC_ONLY): New define
to change xmalloc / xtrymalloc to use calloc.
--
Some people consider malloc dangerous as it might allow an
information leak.
| -rw-r--r-- | src/cJSON.c | 26 | ||||
| -rw-r--r-- | src/gpgme-json.c | 21 | 
2 files changed, 39 insertions, 8 deletions
| diff --git a/src/cJSON.c b/src/cJSON.c
index eea1adf0..4da03ccc 100644
--- a/src/cJSON.c
+++ b/src/cJSON.c
@@ -45,20 +45,42 @@
 #include <ctype.h>
 #include <errno.h>
+#include <gpg-error.h>
+
 #include "cJSON.h"
+/* Only use calloc. */
+#define CALLOC_ONLY 1
+
+/* To avoid that a compiler optimizes certain memset calls away, these
+   macros may be used instead. */
+#define wipememory2(_ptr,_set,_len) do { \
+        volatile char *_vptr=(volatile char *)(_ptr); \
+        size_t _vlen=(_len); \
+        while(_vlen) { *_vptr=(_set); _vptr++; _vlen--; } \
+    } while(0)
+#define wipememory(_ptr,_len) wipememory2(_ptr,0,_len)
+
 /* We use malloc function wrappers from gpgrt (aka libgpg-error).  */
 #if GPGRT_VERSION_NUMBER >= 0x011c00 /* 1.28 */
 # include <gpgrt.h>
-# define xtrymalloc(a)   gpgrt_malloc ((a))
 # define xtrycalloc(a,b) gpgrt_calloc ((a), (b))
 # define xtrystrdup(a)   gpgrt_strdup ((a))
 # define xfree(a)        gpgrt_free ((a))
+# if CALLOC_ONLY
+#  define xtrymalloc(a)  gpgrt_calloc (1, (a))
+# else
+#  define xtrymalloc(a)  gpgrt_malloc ((a))
+# endif
 #else /* Without gpgrt (aka libgpg-error).  */
-# define xtrymalloc(a)   malloc ((a))
 # define xtrycalloc(a,b) calloc ((a), (b))
 # define xtrystrdup(a)   strdup ((a))
 # define xfree(a)        free ((a))
+# if CALLOC_ONLY
+#  define xtrymalloc(a)  calloc (1, (a))
+# else
+#  define xtrymalloc(a)  malloc ((a))
+# endif
 #endif
diff --git a/src/gpgme-json.c b/src/gpgme-json.c
index 9cae944c..5a9b9cf7 100644
--- a/src/gpgme-json.c
+++ b/src/gpgme-json.c
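Review bot: Zeroing at allocation, which is all the `CALLOC_ONLY` branches of `xtrymalloc` in src/cJSON.c do, only keeps a caller from reading stale heap bytes out of a fresh buffer; `xfree` still maps to plain `gpgrt_free`/`free`, so parsed JSON content remains in the heap after release. The new `wipememory`/`wipememory2` macros are not used anywhere in this hunk and the commit message does not mention them, so it is unclear whether a wipe-before-free was intended (any call sites would be outside the hunk). I would expand the one-line comment to state what is and is not covered, for example `/* Route xtrymalloc through calloc so no buffer is handed out with stale heap contents; freed buffers are not cleared. */`.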
@@ -87,13 +87,7 @@ static struct
  * Helper functions and macros
  */
-#define xtrymalloc(a)  gpgrt_malloc ((a))
 #define xtrystrdup(a)  gpgrt_strdup ((a))
-#define xmalloc(a) ({                           \
-      void *_r = gpgrt_malloc ((a));            \
-      if (!_r)                                  \
-        xoutofcore ("malloc");                  \
-      _r; })
 #define xcalloc(a,b) ({                         \
       void *_r = gpgrt_calloc ((a), (b));       \
       if (!_r)                                  \
@@ -111,6 +105,21 @@ static struct
       _r; })
 #define xfree(a) gpgrt_free ((a))
+/* Only use calloc. */
+#define CALLOC_ONLY 1
+
+#if CALLOC_ONLY
+#define xtrymalloc(a)  gpgrt_calloc (1, (a))
+#define xmalloc(a) xcalloc(1, (a))
+#else
+#define xtrymalloc(a)  gpgrt_malloc ((a))
+#define xmalloc(a) ({                           \
+      void *_r = gpgrt_malloc ((a));            \
+      if (!_r)                                  \
+        xoutofcore ("malloc");                  \
+      _r; })
+#endif
+
 #define spacep(p)   (*(p) == ' ' || *(p) == '\t')
 #ifndef HAVE_STPCPY |
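Review bot: `CALLOC_ONLY` is hard-defined to 1 here in the second hunk of src/gpgme-json.c and again in src/cJSON.c, so the two switches can drift apart and the `#else` branches are reachable only by editing the source. A guarded definition, `#ifndef CALLOC_ONLY` / `# define CALLOC_ONLY 1` / `#endif`, ideally placed in one shared header, would keep a single switch that a build can override without silently leaving one file on plain malloc. With `#define xmalloc(a) xcalloc(1, (a))` an out-of-memory report presumably names calloc rather than malloc; the `xoutofcore` line of `xcalloc` lies between the two hunks, so that part is inferred.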
