From: "florian.bezdeka@siemens.com" <florian.bezdeka@siemens.com>
To: "xenomai@xenomai.org" <xenomai@xenomai.org>
Subject: [PATCH] lib/boilerplate: Allow building with GCC 10.2
Date: Wed, 11 Nov 2020 14:59:40 +0000
Message-ID: <20201111145926.104952-1-florian.bezdeka@siemens.com>

When trying to compile using GCC 10.2 the following warning / error
appeared:

iniparser/iniparser.c: In function ‘iniparser_load’:
iniparser/iniparser.c:616:13: error: ‘sprintf’ arguments 3, 4 may overlap destination object ‘buf’ [-Werror=restrict]
  616 |             sprintf(tmp, "%s:%s", section, key);
      |             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

According to POSIX and C99 standard using sprintf() on overlapping
buffers may lead to undefined behavior, so using a dedicated buffer for
the destination (first argument to sprintf) is necessary.

While at it:
 - Fixed some indentations
 - Fixed some error handling code paths
   Some resources were not properly cleaned up in error conditions
 - Fixed buffer initializations: The last bytes were never set to zero

Fixes: 67803dce543e ("lib/boilerplate: add iniparser to boilerplate")
Signed-off-by: Florian Bezdeka <florian.bezdeka@siemens.com>
---
 lib/boilerplate/iniparser/iniparser.c | 39 ++++++++++++++++++---------
 1 file changed, 27 insertions(+), 12 deletions(-)

diff --git a/lib/boilerplate/iniparser/iniparser.c b/lib/boilerplate/iniparser/iniparser.c
index 5b2094a00..b79f965a6 100644
--- a/lib/boilerplate/iniparser/iniparser.c
+++ b/lib/boilerplate/iniparser/iniparser.c
@@ -551,25 +551,37 @@ dictionary * iniparser_load(const char * ininame)
     dict = dictionary_new(0) ;
     if (!dict) {
         fclose(in);
-	errno = ENOMEM;
+        errno = ENOMEM;
         return NULL ;
     }
 
-    buf = malloc((ASCIILINESZ+1) * 5);
+    buf = malloc((ASCIILINESZ+1) * 4);
     if (buf == NULL) {
-	    errno = -ENOMEM;
-	    return NULL;
+            dictionary_del(dict);
+            fclose(in);
+            errno = ENOMEM;
+            return NULL;
     }
+
+    tmp = malloc(ASCIILINESZ + 1);
+    if (!tmp) {
+            free(buf);
+            dictionary_del(dict);
+            fclose(in);
+            errno = ENOMEM;
+            return NULL;
+    }
+
     line = buf;
     section = line + ASCIILINESZ + 1;
     key = section + ASCIILINESZ + 1;
-    tmp = key + ASCIILINESZ + 1;
-    val = tmp + ASCIILINESZ + 1;
+    val = key + ASCIILINESZ + 1;
 
-    memset(line,    0, ASCIILINESZ);
-    memset(section, 0, ASCIILINESZ);
-    memset(key,     0, ASCIILINESZ);
-    memset(val,     0, ASCIILINESZ);
+    memset(line,    0, ASCIILINESZ + 1);
+    memset(section, 0, ASCIILINESZ + 1);
+    memset(key,     0, ASCIILINESZ + 1);
+    memset(val,     0, ASCIILINESZ + 1);
+    memset(tmp,     0, ASCIILINESZ + 1);
     last=0 ;
 
     while (fgets(line+last, ASCIILINESZ-last, in)!=NULL) {
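Review bot: tmp is allocated with ASCIILINESZ + 1 bytes, the same size as the section and key slots carved out of buf, yet later in this patch it is the destination of sprintf(tmp, "%s:%s", section, key). That only fits if a check outside these lines bounds strlen(section) + strlen(key) + 1 to ASCIILINESZ. Sizing the buffer for both inputs plus the separator, for example malloc(2 * (ASCIILINESZ + 1)), would make the bound hold from the allocation alone. As a smaller point, each malloc followed by a full-length memset to zero could be a single calloc.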
@@ -585,8 +597,9 @@ dictionary * iniparser_load(const char * ininame)
 #endif
             dictionary_del(dict);
             fclose(in);
-	    free(buf);
-	    errno = EINVAL;
+            free(buf);
+            free(tmp);
+            errno = EINVAL;
             return NULL ;
         }
         /* Get rid of \n and spaces at end of line */
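Review bot: This error return now needs four cleanup calls (dictionary_del, fclose, free(buf), free(tmp)), and the same set is hand-copied, in partial form, into the two allocation-failure paths in the first hunk, which is the pattern that let the original buf failure path leak dict and in. A single cleanup label at the end of iniparser_load, reached with goto after setting errno, would keep the next added resource from being missed in one of the copies. The tab-to-space reindent of the free(buf) and errno lines would also be easier to review as a separate patch from the functional free(tmp) addition.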
@@ -613,6 +626,7 @@ dictionary * iniparser_load(const char * ininame)
             break ;
 
             case LINE_VALUE:
+            /* Already checked for overflows, see above */
             sprintf(tmp, "%s:%s", section, key);
             errs = dictionary_set(dict, tmp, val) ;
             break ;
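Review bot: The new comment above sprintf(tmp, "%s:%s", section, key) refers to an overflow check "above" that is neither part of this patch nor named, so a reader cannot tell which check guarantees that section, ':' and key together fit in the ASCIILINESZ + 1 bytes of tmp. Either name the check and the bound it enforces in the comment, or make the call self-checking with snprintf(tmp, ASCIILINESZ + 1, "%s:%s", section, key) and treat a return value of ASCIILINESZ + 1 or more as an error.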
@@ -642,6 +656,7 @@ dictionary * iniparser_load(const char * ininame)
     }
     fclose(in);
     free(buf);
+    free(tmp);
     if (errs) {
         dictionary_del(dict);
         dict = NULL ;
-- 
2.26.2

Thread overview: 5+ messages
2020-11-11 14:59 florian.bezdeka [this message]
2020-11-12  6:58 ` [PATCH] lib/boilerplate: Allow building with GCC 10.2 Jan Kiszka
2020-11-12  8:49   ` florian.bezdeka
2020-11-12 11:45     ` [PATCH v2] lib/boilerplate/iniparser: Allow building with GCC 10.2 2020101 florian.bezdeka
2020-11-12 16:19       ` Jan Kiszka
