nightt5879 opened a new pull request, #3497: URL: https://github.com/apache/nuttx-apps/pull/3497
## Summary Refs #1727. This PR adds missing allocation-failure handling for selected `strdup()` and `asprintf()` call sites. Commit structure: - Commit 1 (`apps: Fix unchecked strdup()/asprintf() as requested in #1727`) fixes the direct `strdup()` / `asprintf()` cases requested in #1727 where the allocated result is used locally before a failure check. - Commit 2 (`netutils/thttpd: Apply the same check to related allocation sites`) applies the same check to `httpd_strdup()`, the thttpd-local wrapper around `strdup()`. The second commit is logically separable, happy to drop if out of scope. Scope notes: - The direct fixes cover app-owned call sites where failure would otherwise flow into immediate use, such as path splitting, directory list construction, login path setup, and web directory listing formatting. - The related extension is limited to `httpd_strdup()` because it has the same NULL-on-allocation-failure contract as `strdup()` and the caller used the result before checking it. - I did not expand this PR to `malloc()`, `calloc()`, `realloc()`, or other raw allocation APIs because #1727 specifically asks about `strdup()` / `asprintf()`, and covering all allocation APIs would broaden the review substantially. ## Impact No user-facing behavior change is intended except that low-memory paths now fail cleanly instead of using NULL allocation results. - New feature: NO - User adaptation required: NO - Build process change: NO - Hardware/architecture/board change: NO - Documentation update required: NO - Security impact: NO intended security impact; this improves low-memory failure handling. - Compatibility impact: NO intended compatibility impact. ## Testing Host: - Windows with WSL Ubuntu 24.04 - CPU: x86_64 - Compiler: GCC 13.3.0 Target: - `sim:nsh` Checks run: - `git diff --check upstream/master..HEAD` - `checkpatch.sh -c -u -m -g HEAD~2..HEAD` from a WSL temp clone with `codespell` / `cvt2utf` in a temporary venv - `./tools/configure.sh -a ../nuttx-apps-check-1727 sim:nsh` - `make -j$(nproc)` Results: - `git diff --check`: pass - `checkpatch.sh`: pass - `sim:nsh` build: pass; build completed and generated `nuttx.tgz` Note: the WSL temp build printed clock-skew warnings on `.config`; compilation and link completed successfully. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
