diff options
| author | Thomas Haller <thaller@redhat.com> | 2018-12-30 16:08:06 +0100 |
|---|---|---|
| committer | Thomas Haller <thaller@redhat.com> | 2019-01-02 11:25:56 +0100 |
| commit | abe848599f6e033b69dac724014128de3dd13c44 (patch) | |
| tree | 0d56874c08559686df6e0053e0144ffe60519fbc /libnm-core/nm-keyfile.c | |
| parent | cce3c0c63db39156c2dd8fd192231d388f17bbee (diff) | |
| download | NetworkManager-abe848599f6e033b69dac724014128de3dd13c44.tar.gz | |
keyfile: ensure array lengths are always initialized
Several callers access the length output argument, expecting
it to be zero also on failure. That is a bug, because glib does
not guarantee that.
Fix that by making a stronger promise from our wrappers: the output
argument should also be set on failure.
Also ensure that calls to g_keyfile_get_groups() and
g_keyfile_get_keys() don't rely on the length output to be valid,
when the function call fails.
Actually, these issues were not severe because:
- `g_key_file_get_*_list()`'s implementation always sets the output length
even on failure (undocumented).
- `g_key_file_get_groups()` cannot fail and always set the length.
- `g_key_file_get_keys()` is called under circumstances where it won't
fail.
Still, be explicit about it.
Diffstat (limited to 'libnm-core/nm-keyfile.c')
| -rw-r--r-- | libnm-core/nm-keyfile.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/libnm-core/nm-keyfile.c b/libnm-core/nm-keyfile.c index 161b2fd501..b3c4cdd53b 100644 --- a/libnm-core/nm-keyfile.c +++ b/libnm-core/nm-keyfile.c @@ -2723,6 +2723,8 @@ read_setting (KeyfileReaderInfo *info) gsize i, n_keys; keys = g_key_file_get_keys (info->keyfile, info->group, &n_keys, NULL); + if (!keys) + n_keys = 0; if (n_keys > 0) { GHashTable *h = _nm_setting_gendata_hash (setting, TRUE); @@ -2798,15 +2800,15 @@ static void read_vpn_secrets (KeyfileReaderInfo *info, NMSettingVpn *s_vpn) { gs_strfreev char **keys = NULL; - char **iter; + gsize i, n_keys; - keys = nm_keyfile_plugin_kf_get_keys (info->keyfile, NM_KEYFILE_GROUP_VPN_SECRETS, NULL, NULL); - for (iter = keys; *iter; iter++) { + keys = nm_keyfile_plugin_kf_get_keys (info->keyfile, NM_KEYFILE_GROUP_VPN_SECRETS, &n_keys, NULL); + for (i = 0; i < n_keys; i++) { char *secret; - secret = nm_keyfile_plugin_kf_get_string (info->keyfile, NM_KEYFILE_GROUP_VPN_SECRETS, *iter, NULL); + secret = nm_keyfile_plugin_kf_get_string (info->keyfile, NM_KEYFILE_GROUP_VPN_SECRETS, keys[i], NULL); if (secret) { - nm_setting_vpn_add_secret (s_vpn, *iter, secret); + nm_setting_vpn_add_secret (s_vpn, keys[i], secret); g_free (secret); } } @@ -2896,6 +2898,9 @@ nm_keyfile_read (GKeyFile *keyfile, info.user_data = user_data; groups = g_key_file_get_groups (keyfile, &length); + if (!groups) + length = 0; + for (i = 0; i < length; i++) { /* Only read out secrets when needed */ if (!strcmp (groups[i], NM_KEYFILE_GROUP_VPN_SECRETS)) { |