The gcc 13 -Wanalyzer-possible-null-argument warning option reported a couple of bugs in GNU gettext. No false positives on this one. I can therefore highly recommend it.
One of the warnings is: gettext-tools/gnulib-lib/striconveha.c:339:7: warning: use of possibly-NULL 'to_codeset_suffixed' where non-null expected [CWE-690] Evidently there is a missing NULL check for the malloca() return value here, and elsewhere as well. I'm applying these two fixes. 2023-06-02 Bruno Haible <br...@clisp.org> striconveha: Don't crash if malloc() returns NULL. * lib/striconveha.c (mem_iconveha, str_iconveha): Check malloca() return value. 2023-06-02 Bruno Haible <br...@clisp.org> setenv: Don't crash if malloc() returns NULL. * lib/setenv.c (rpl_setenv): Check malloca() return value.
>From 6c9b59a9c20c1422346f74ae3cd558f3317deb6a Mon Sep 17 00:00:00 2001 From: Bruno Haible <br...@clisp.org> Date: Fri, 2 Jun 2023 20:11:36 +0200 Subject: [PATCH 1/6] setenv: Don't crash if malloc() returns NULL. * lib/setenv.c (rpl_setenv): Check malloca() return value. --- ChangeLog | 5 +++++ lib/setenv.c | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/ChangeLog b/ChangeLog index 869096eb41..48fe27441e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2023-06-02 Bruno Haible <br...@clisp.org> + + setenv: Don't crash if malloc() returns NULL. + * lib/setenv.c (rpl_setenv): Check malloca() return value. + 2023-06-02 Bruno Haible <br...@clisp.org> error: Avoid implicit-fallthrough warnings with -O0 (regr. 2023-05-30). diff --git a/lib/setenv.c b/lib/setenv.c index f0b889969f..22b12fd018 100644 --- a/lib/setenv.c +++ b/lib/setenv.c @@ -375,6 +375,11 @@ rpl_setenv (const char *name, const char *value, int replace) int saved_errno; size_t len = strlen (value); tmp = malloca (len + 2); + if (tmp == NULL) + { + errno = ENOMEM; + return -1; + } /* Since leading '=' is eaten, double it up. */ *tmp = '='; memcpy (tmp + 1, value, len + 1); -- 2.34.1
>From fce9817d48c97339c3f66a92e72faba8e69d405c Mon Sep 17 00:00:00 2001 From: Bruno Haible <br...@clisp.org> Date: Fri, 2 Jun 2023 20:11:41 +0200 Subject: [PATCH 2/6] striconveha: Don't crash if malloc() returns NULL. * lib/striconveha.c (mem_iconveha, str_iconveha): Check malloca() return value. --- ChangeLog | 6 ++++++ lib/striconveha.c | 10 ++++++++++ 2 files changed, 16 insertions(+) diff --git a/ChangeLog b/ChangeLog index 48fe27441e..69e7f19cea 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2023-06-02 Bruno Haible <br...@clisp.org> + + striconveha: Don't crash if malloc() returns NULL. + * lib/striconveha.c (mem_iconveha, str_iconveha): Check malloca() return + value. + 2023-06-02 Bruno Haible <br...@clisp.org> setenv: Don't crash if malloc() returns NULL. diff --git a/lib/striconveha.c b/lib/striconveha.c index ed88c84c19..f388c9f095 100644 --- a/lib/striconveha.c +++ b/lib/striconveha.c @@ -234,6 +234,11 @@ mem_iconveha (const char *src, size_t srclen, int retval; size_t len = strlen (to_codeset); char *to_codeset_suffixed = (char *) malloca (len + 10 + 1); + if (to_codeset_suffixed == NULL) + { + errno = ENOMEM; + return -1; + } memcpy (to_codeset_suffixed, to_codeset, len); memcpy (to_codeset_suffixed + len, "//TRANSLIT", 10 + 1); @@ -336,6 +341,11 @@ str_iconveha (const char *src, char *result; size_t len = strlen (to_codeset); char *to_codeset_suffixed = (char *) malloca (len + 10 + 1); + if (to_codeset_suffixed == NULL) + { + errno = ENOMEM; + return NULL; + } memcpy (to_codeset_suffixed, to_codeset, len); memcpy (to_codeset_suffixed + len, "//TRANSLIT", 10 + 1); -- 2.34.1