diff options
author | Alexander Monakov <amonakov@ispras.ru> | 2017-09-03 22:12:20 +0300 |
---|---|---|
committer | Rich Felker <dalias@aerifal.cx> | 2017-09-04 15:55:05 -0400 |
commit | 8e932792c917d11545c2953b35159149f7411eca (patch) | |
tree | 330b20d848bf624c9b7a00c1c0ae0181e3b85e93 /src/env/putenv.c | |
parent | 39db00afadc9d8d0456c46eab42b8cb8ff9f375c (diff) | |
download | musl-8e932792c917d11545c2953b35159149f7411eca.tar.gz |
overhaul environment functions
Rewrite environment access functions to slim down code, fix bugs and
avoid invoking undefined behavior.
* avoid using int-typed iterators where size_t would be correct;
* use strncmp instead of memcmp consistently;
* tighten prologues by invoking __strchrnul;
* handle NULL environ.
putenv:
* handle "=value" input via unsetenv too (will return -1/EINVAL);
* rewrite and simplify __putenv; fix the leak caused by failure to
deallocate entry added by preceding setenv when called from putenv.
setenv:
* move management of libc-allocated entries to this translation unit,
and use no-op weak symbols in putenv/unsetenv;
unsetenv:
* rewrite; this fixes UB caused by testing a free'd pointer against
NULL on entry to subsequent loops.
Not changed:
Failure to extend allocation tracking array (previously __env_map, now
env_alloced) is ignored rather than causing to report -1/ENOMEM to the
caller; the worst-case consequence is leaking this allocation when it
is removed or replaced in a subsequent environment access.
Initially UB in unsetenv was reported by Alexander Cherepanov.
Using a weak alias to avoid pulling in malloc via unsetenv was
suggested by Rich Felker.
Diffstat (limited to 'src/env/putenv.c')
-rw-r--r-- | src/env/putenv.c | 76 |
1 files changed, 33 insertions, 43 deletions
diff --git a/src/env/putenv.c b/src/env/putenv.c index 71530426..fa4a4ddc 100644 --- a/src/env/putenv.c +++ b/src/env/putenv.c @@ -1,58 +1,48 @@ #include <stdlib.h> #include <string.h> +#include "libc.h" -extern char **__environ; -char **__env_map; +char *__strchrnul(const char *, int); -int __putenv(char *s, int a) -{ - int i=0, j=0; - char *z = strchr(s, '='); - char **newenv = 0; - char **newmap = 0; - static char **oldenv; +static void dummy(char *old, char *new) {} +weak_alias(dummy, __env_rm_add); - if (!z) return unsetenv(s); - if (z==s) return -1; - for (; __environ[i] && memcmp(s, __environ[i], z-s+1); i++); - if (a) { - if (!__env_map) { - __env_map = calloc(2, sizeof(char *)); - if (__env_map) __env_map[0] = s; - } else { - for (; __env_map[j] && __env_map[j] != __environ[i]; j++); - if (!__env_map[j]) { - newmap = realloc(__env_map, sizeof(char *)*(j+2)); - if (newmap) { - __env_map = newmap; - __env_map[j] = s; - __env_map[j+1] = NULL; - } - } else { - free(__env_map[j]); - __env_map[j] = s; +int __putenv(char *s, size_t l, char *r) +{ + size_t i=0; + if (__environ) { + for (char **e = __environ; *e; e++, i++) + if (!strncmp(s, *e, l+1)) { + char *tmp = *e; + *e = s; + __env_rm_add(tmp, r); + return 0; } - } } - if (!__environ[i]) { - newenv = malloc(sizeof(char *)*(i+2)); - if (!newenv) { - if (a && __env_map) __env_map[j] = 0; - return -1; - } - memcpy(newenv, __environ, sizeof(char *)*i); - newenv[i] = s; - newenv[i+1] = 0; - __environ = newenv; + static char **oldenv; + char **newenv; + if (__environ == oldenv) { + newenv = realloc(oldenv, sizeof *newenv * (i+2)); + if (!newenv) goto oom; + } else { + newenv = malloc(sizeof *newenv * (i+2)); + if (!newenv) goto oom; + if (i) memcpy(newenv, __environ, sizeof *newenv * i); free(oldenv); - oldenv = __environ; } - - __environ[i] = s; + newenv[i] = s; + newenv[i+1] = 0; + __environ = oldenv = newenv; + if (r) __env_rm_add(0, r); return 0; +oom: + free(r); + return -1; } int putenv(char *s) { - return __putenv(s, 0); + size_t l = __strchrnul(s, '=') - s; + if (!l || !s[l]) return unsetenv(s); + return __putenv(s, l, 0); } |