From 417647a9dacf89f982c0dd495e782123d5ba285e Mon Sep 17 00:00:00 2001
From: "U-WINDOWS81\\\\example"
Date: Sun, 26 Jun 2016 04:07:24 +0200
Subject: [PATCH] Check return values of calls to malloc() everywhere. Try to let programs continue running.
---
 doc/doc-txt/ChangeLog | 9 +++++++++
 src/OS/Makefile-Base | 8 ++++----
 src/exim_monitor/em_version.c | 3 ++-
 src/exim_monitor/em_xs.c | 4 ++--
 src/src/auths/auth-spa.c | 11 ++++++-----
 src/src/auths/call_pam.c | 2 +-
 src/src/auths/gsasl_exim.c | 2 +-
 src/src/auths/heimdal_gssapi.c | 4 ++--
 src/src/buildconfig.c | 4 ++++
 src/src/dbfn.c | 5 +++++
 src/src/dbstuff.h | 17 +++++++++--------
 src/src/dmarc.c | 4 ++--
 src/src/exim.c | 8 ++++----
 src/src/exim_dbmbuild.c | 4 ++--
 src/src/exim_lock.c | 5 +++--
 src/src/expand.c | 6 ++++++
 src/src/hash.c | 6 ++++++
 src/src/lookups/ldap.c | 4 ++--
 src/src/malware.c | 12 ++++++------
 src/src/mime.c | 2 ++
 src/src/smtp_in.c | 9 ++-------
 src/src/store.c | 14 ++++++++++++++
 src/src/store.h | 4 ++++
 src/src/string.c | 5 +++++
 src/src/tls-gnu.c | 11 ++++++-----
 src/src/transport.c | 11 +++++++++--
 src/src/utf8.c | 6 +++---
 test/src/cf.c | 5 +++++
 test/src/fakens.c | 5 +++++
 test/src/server.c | 5 +++++
 30 files changed, 136 insertions(+), 59 deletions(-)
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 0217e6ea2f..e0207abc26 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -51,6 +51,15 @@ LC/01 Prefer the use of size_t for variables representing sizes. Even if most LC/02 Some values representing maximum path size were hard coded. They are now replaced with the PATH_MAX macro. +LC/03 As everybody knows, malloc() can fails by returning 0. The return values + weren’t checked everywhere. + The values are checked manually in order handle the situation in way that + let the program continue running. Otherwise, replace direct calls to + malloc() with store_malloc() from the project standard memory management + facilities in order to stop the program. + Except if it isn’t possible to call store_malloc() or that some ressources + cleanup need to done. + Exim version 4.87 ----------------- diff --git a/src/OS/Makefile-Base b/src/OS/Makefile-Base index b9eaabaa6f..dd2afed32e 100644 --- a/src/OS/Makefile-Base +++ b/src/OS/Makefile-Base @@ -408,9 +408,9 @@ exim_tidydb: $(OBJ_TIDYDB) # The utility for building dbm files -exim_dbmbuild: exim_dbmbuild.o +exim_dbmbuild: util-store.o exim_dbmbuild.o @echo "$(LNCC) -o exim_dbmbuild" - $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LFLAGS) exim_dbmbuild.o \ + $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LFLAGS) exim_dbmbuild.o util-store.o \ $(LIBS) $(EXTRALIBS) $(DBMLIB) @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ echo $(STRIP_COMMAND) exim_dbmbuild; \ @@ -421,11 +421,11 @@ exim_dbmbuild: exim_dbmbuild.o # The utility for locking a mailbox while messing around with it -exim_lock: exim_lock.c os.h +exim_lock: util-store.o exim_lock.c os.h @echo "$(CC) exim_lock.c" $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) exim_lock.c @echo "$(LNCC) -o exim_lock" - $(FE)$(LNCC) -o exim_lock $(LFLAGS) exim_lock.o \ + $(FE)$(LNCC) -o exim_lock $(LFLAGS) exim_lock.o util-store.o \ $(LIBS) $(EXTRALIBS) @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ echo $(STRIP_COMMAND) exim_lock; \ diff --git a/src/exim_monitor/em_version.c b/src/exim_monitor/em_version.c index a10aac4fba..2c7d67e192 100644 
--- a/src/exim_monitor/em_version.c +++ b/src/exim_monitor/em_version.c @@ -7,6 +7,7 @@ #include "mytypes.h" #include "macros.h" +#include "store.h" #include #include @@ -25,7 +26,7 @@ Ustrcpy(today, __DATE__); if (today[4] == ' ') i = 1; today[3] = today[6] = '-'; -version_date = (uschar *)malloc(32); +version_date = (uschar *)store_malloc(32); version_date[0] = 0; Ustrncat(version_date, today+4+i, 3-i); Ustrncat(version_date, today, 4); diff --git a/src/exim_monitor/em_xs.c b/src/exim_monitor/em_xs.c index b145fb993f..e638127384 100644 --- a/src/exim_monitor/em_xs.c +++ b/src/exim_monitor/em_xs.c @@ -30,7 +30,7 @@ void xs_SetValues(Widget w, Cardinal num_args, ...) { int i; va_list ap; -Arg *aa = (num_args > 15)? (Arg *)malloc(num_args*sizeof(Arg)) : xs_temparg; +Arg *aa = (num_args > 15)? (Arg *)store_malloc(num_args*sizeof(Arg)) : xs_temparg; va_start(ap, num_args); for (i = 0; i < num_args; i++) { @@ -39,7 +39,7 @@ for (i = 0; i < num_args; i++) } va_end(ap); XtSetValues(w, aa, num_args); -if (num_args > 15) free(aa); +if (num_args > 15) store_free(aa); } /* End of em_xs.c */ diff --git a/src/src/auths/auth-spa.c b/src/src/auths/auth-spa.c index 9abc7b7789..ad5a490fd1 100644 --- a/src/src/auths/auth-spa.c +++ b/src/src/auths/auth-spa.c @@ -159,6 +159,7 @@ extern int DEBUGLEVEL; #include /* For size_t */ #include "auth-spa.h" +#include "../store.h" #include #include #include @@ -1401,7 +1402,7 @@ spa_build_auth_request (SPAAuthRequest * request, char *user, char *domain) SIVAL (&request->flags, 0, 0x0000b207); /* have to figure out what these mean */ spa_string_add (request, user, u); spa_string_add (request, domain, domain); - free (u); + store_free (u); } @@ -1483,8 +1484,8 @@ spa_build_auth_response (SPAAuthChallenge * challenge, response->flags = challenge->flags; - free (d); - free (u); + store_free (d); + store_free (u); } #endif 
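Review bot: In auth-spa.c, `store_free (u)` and `store_free (d)` now release buffers whose allocation lies outside these hunks and is not converted to store_malloc() anywhere in this patch, so allocator and release function no longer pair up. The same substitution is applied to memory that looks library- or libc-owned in call_pam.c (`reply`), gsasl_exim.c (`to_send`), heimdal_gssapi.c (`principal`, `enctype_s`), the tdb/gdbm macros in dbstuff.h, dmarc.c (`dmarc_domain`), exim.c (`readline_line`), lookups/ldap.c (`dn`), malware.c, tls-gnu.c (`m.data`), transport.c (`msgq`, still obtained with plain malloc()) and utf8.c (`s`, `s1`). store_free() itself is not shown in this patch; the change is only safe while it stays a bare wrapper around free(), and it would turn into heap corruption as soon as store_malloc() prepends a header or tracks its blocks. I would keep `free()` (or the library's own release call) for anything not returned by store_malloc(), with a comment such as `/* allocated by the library, not by store_malloc() */`.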
@@ -1537,6 +1538,6 @@ spa_build_auth_response (SPAAuthChallenge * challenge, spa_string_add (response, sessionKey, NULL); response->flags = challenge->flags; - if (d != NULL) free (d); - free (u); + if (d != NULL) store_free (d); + store_free (u); } diff --git a/src/src/auths/call_pam.c b/src/src/auths/call_pam.c index b4677ec5ae..6b1f35b4d7 100644 --- a/src/src/auths/call_pam.c +++ b/src/src/auths/call_pam.c @@ -100,7 +100,7 @@ for (i = 0; i < num_msg; i++) break; default: /* Must be an error of some sort... */ - free (reply); + store_free (reply); pam_conv_had_error = TRUE; return PAM_CONV_ERR; } diff --git a/src/src/auths/gsasl_exim.c b/src/src/auths/gsasl_exim.c index 87be9b5e1d..0cbdf37e53 100644 --- a/src/src/auths/gsasl_exim.c +++ b/src/src/auths/gsasl_exim.c @@ -358,7 +358,7 @@ auth_gsasl_server(auth_instance *ablock, uschar *initial_data) auth_get_no64_data((uschar **)&received, (uschar *)to_send); if (to_send) { - free(to_send); + store_free(to_send); to_send = NULL; } diff --git a/src/src/auths/heimdal_gssapi.c b/src/src/auths/heimdal_gssapi.c index 7000562d87..3cac74304c 100644 --- a/src/src/auths/heimdal_gssapi.c +++ b/src/src/auths/heimdal_gssapi.c @@ -160,8 +160,8 @@ auth_heimdal_gssapi_init(auth_instance *ablock) principal ? principal : "??", entry.vno, enctype_s ? enctype_s : "??"); - free(principal); - free(enctype_s); + store_free(principal); + store_free(enctype_s); krb5_kt_free_entry(context, &entry); } krc = krb5_kt_end_seq_get(context, keytab, &cursor); diff --git a/src/src/buildconfig.c b/src/src/buildconfig.c index 4ed2874141..88ca38b3f5 100644 --- a/src/src/buildconfig.c +++ b/src/src/buildconfig.c @@ -688,6 +688,10 @@ else if (isgroup) while (*p != 0) if (*p++ == ':') count++; vector = malloc((count+1) * sizeof(uid_t)); + if (!vector) { + printf("memory allocation falied"); + return 1; + } vector[0] = (uid_t)count; for (i = 1, j = 0; i <= count; list++, i++) diff --git a/src/src/dbfn.c b/src/src/dbfn.c index e23b416966..9d593149cb 100644 
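Review bot: In buildconfig.c the new failure message is misspelled, has no trailing newline and is written to stdout: `printf("memory allocation falied");`. If anything consumes this tool's stdout (not visible in the hunk), the text ends up mixed into that output and the reason for the non-zero exit is easy to miss. `fprintf(stderr, "buildconfig: memory allocation failed\n");` fixes all three points. The enclosing function starts and ends outside the hunk.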
--- a/src/src/dbfn.c +++ b/src/src/dbfn.c @@ -465,6 +465,11 @@ spool_directory = argv[1]; debug_selector = D_all - D_memory; debug_file = stderr; big_buffer = malloc(big_buffer_size); +if (!big_buffer) + { + printf("Memory allocation failed!\n"); + return 1; + } for (i = 0; i < max_db; i++) dbblock[i].dbptr = NULL; diff --git a/src/src/dbstuff.h b/src/src/dbstuff.h index ce81f1eb4f..6e3c0eb0b3 100644 --- a/src/src/dbstuff.h +++ b/src/src/dbstuff.h @@ -22,6 +22,7 @@ utilities as well as the main Exim binary. */ /* ************************* tdb interface ************************ */ #include +#include "store.h" /* Basic DB type */ #define EXIM_DB TDB_CONTEXT @@ -64,17 +65,17 @@ tdb_traverse to be called) */ /* EXIM_DBCREATE_CURSOR - initialize for scanning operation */ #define EXIM_DBCREATE_CURSOR(db, cursor) { \ - *(cursor) = malloc(sizeof(TDB_DATA)); (*(cursor))->dptr = NULL; } + *(cursor) = store_malloc(sizeof(TDB_DATA)); (*(cursor))->dptr = NULL; } /* EXIM_DBSCAN - This is complicated because we have to free the last datum free() must not die when passed NULL */ #define EXIM_DBSCAN(db, key, data, first, cursor) \ (key = (first ? tdb_firstkey(db) : tdb_nextkey(db, *(cursor))), \ - free((cursor)->dptr), *(cursor) = key, \ + store_free((cursor)->dptr), *(cursor) = key, \ key.dptr != NULL) /* EXIM_DBDELETE_CURSOR - terminate scanning operation. */ -#define EXIM_DBDELETE_CURSOR(cursor) free(cursor) +#define EXIM_DBDELETE_CURSOR(cursor) store_free(cursor) /* EXIM_DBCLOSE */ #define EXIM_DBCLOSE(db) tdb_close(db) @@ -395,7 +396,7 @@ typedef struct { (*(dbpp))->lkey.dptr = NULL;\ (*(dbpp))->gdbm = gdbm_open(CS name, 0, (((flags) & O_CREAT))?GDBM_WRCREAT:(((flags) & (O_RDWR|O_WRONLY))?GDBM_WRITER:GDBM_READER), mode, 0);\ if ((*(dbpp))->gdbm == NULL) {\ - free(*(dbpp));\ + store_free(*(dbpp));\ *(dbpp) = NULL;\ }\ }\ 
@@ -427,7 +428,7 @@ typedef struct { /* EXIM_DBSCAN */ #define EXIM_DBSCAN(db, key, data, first, cursor) \ ( key = ((first)? gdbm_firstkey(db->gdbm) : gdbm_nextkey(db->gdbm, db->lkey)), \ - (((db)->lkey.dptr != NULL)? (free((db)->lkey.dptr),1) : 1),\ + (((db)->lkey.dptr != NULL)? (store_free((db)->lkey.dptr),1) : 1),\ db->lkey = key, key.dptr != NULL) /* EXIM_DBDELETE_CURSOR - terminate scanning operation (null). Make it @@ -437,8 +438,8 @@ refer to cursor, to keep picky compilers happy. */ /* EXIM_DBCLOSE */ #define EXIM_DBCLOSE(db) \ { gdbm_close((db)->gdbm);\ - if ((db)->lkey.dptr != NULL) free((db)->lkey.dptr);\ - free(db); } + if ((db)->lkey.dptr != NULL) store_free((db)->lkey.dptr);\ + store_free(db); } /* Datum access types - these are intended to be assignable */ @@ -449,7 +450,7 @@ refer to cursor, to keep picky compilers happy. */ after reading data. */ #define EXIM_DATUM_INIT(datum) -#define EXIM_DATUM_FREE(datum) free(datum.dptr) +#define EXIM_DATUM_FREE(datum) store_free(datum.dptr) #else /* USE_GDBM */ diff --git a/src/src/dmarc.c b/src/src/dmarc.c index 988b1963dd..efc8b246d4 100644 --- a/src/src/dmarc.c +++ b/src/src/dmarc.c @@ -57,7 +57,7 @@ static dmarc_exim_p dmarc_policy_description[] = { static error_block * add_to_eblock(error_block *eblock, uschar *t1, uschar *t2) { -error_block *eb = malloc(sizeof(error_block)); +error_block *eb = store_malloc(sizeof(error_block)); if (eblock == NULL) eblock = eb; else @@ -347,7 +347,7 @@ if (!dmarc_abort && !sender_host_authenticated) libdm_status = opendmarc_policy_fetch_utilized_domain(dmarc_pctx, dmarc_domain, DMARC_MAXHOSTNAMELEN-1); dmarc_used_domain = string_copy(dmarc_domain); - free(dmarc_domain); + store_free(dmarc_domain); if (libdm_status != DMARC_PARSE_OKAY) log_write(0, LOG_MAIN|LOG_PANIC, diff --git a/src/src/exim.c b/src/src/exim.c index 81d58889d8..da29bc6825 100644 --- a/src/src/exim.c +++ b/src/src/exim.c 
@@ -1282,7 +1282,7 @@ for (i = 0;; i++) yield = string_catn(yield, &size, &ptr, p, ss - p); #ifdef USE_READLINE - if (fn_readline != NULL) free(readline_line); + if (fn_readline != NULL) store_free(readline_line); #endif /* yield can only be NULL if ss==p */ @@ -3973,7 +3973,7 @@ EXIM_TMPDIR by the build scripts. if (Ustrncmp(*p, "TMPDIR=", 7) == 0 && Ustrcmp(*p+7, EXIM_TMPDIR) != 0) { - uschar *newp = malloc(Ustrlen(EXIM_TMPDIR) + 8); + uschar *newp = store_malloc(Ustrlen(EXIM_TMPDIR) + 8); sprintf(CS newp, "TMPDIR=%s", EXIM_TMPDIR); *p = newp; DEBUG(D_any) debug_printf("reset TMPDIR=%s in environment\n", EXIM_TMPDIR); @@ -4010,7 +4010,7 @@ else int count = 0; if (environ) while (*p++ != NULL) count++; if (envtz == NULL) count++; - newp = new = malloc(sizeof(uschar *) * (count + 1)); + newp = new = store_malloc(sizeof(uschar *) * (count + 1)); if (environ) for (p = USS environ; *p != NULL; p++) { if (Ustrncmp(*p, "TZ=", 3) == 0) continue; @@ -4018,7 +4018,7 @@ else } if (timezone_string != NULL) { - *newp = malloc(Ustrlen(timezone_string) + 4); + *newp = store_malloc(Ustrlen(timezone_string) + 4); sprintf(CS *newp++, "TZ=%s", timezone_string); } *newp = NULL; diff --git a/src/src/exim_dbmbuild.c b/src/src/exim_dbmbuild.c index 7babc643e1..ebb5da47bb 100644 --- a/src/src/exim_dbmbuild.c +++ b/src/src/exim_dbmbuild.c @@ -151,8 +151,8 @@ uschar *bptr; uschar keybuffer[256]; uschar temp_dbmname[512]; uschar real_dbmname[512]; -uschar *buffer = malloc(max_outsize); -uschar *line = malloc(max_insize); +uschar *buffer = store_malloc(max_outsize); +uschar *line = store_malloc(max_insize); while (argc > 1) { diff --git a/src/src/exim_lock.c b/src/src/exim_lock.c index 8263ff78a2..72474da907 100644 --- a/src/src/exim_lock.c +++ b/src/src/exim_lock.c @@ -14,6 +14,7 @@ Copyright (c) The Exim Maintainers 2016 */ #include "os.h" +#include "store.h" #include #include 
@@ -299,9 +300,9 @@ if (use_lockfile) primary_hostname = s.nodename; len = (int)strlen(filename); - lockname = malloc(len + 8); + lockname = store_malloc(len + 8); sprintf(lockname, "%s.lock", filename); - hitchname = malloc(len + 32 + (int)strlen(primary_hostname)); + hitchname = store_malloc(len + 32 + (int)strlen(primary_hostname)); /* Presumably, this must match appendfile.c */ sprintf(hitchname, "%s.%s.%08x.%08x", lockname, primary_hostname, diff --git a/src/src/expand.c b/src/src/expand.c index 89f7e6fef7..6ccbfe26ab 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -7746,6 +7746,12 @@ debug_selector = D_v; debug_file = stderr; debug_fd = fileno(debug_file); big_buffer = malloc(big_buffer_size); +if (!big_buffer) + { + printf("** error Memory allocation failed!\n"); + exit(EXIT_FAILURE); + } + for (i = 1; i < argc; i++) { diff --git a/src/src/hash.c b/src/src/hash.c index c2be85d17c..b8a9d81121 100644 --- a/src/src/hash.c +++ b/src/src/hash.c @@ -787,10 +787,16 @@ for (i = 0; i < sizeof(tests)/sizeof(uschar *); i ++) /* 1 000 000 repetitions of "a" */ ctest = malloc(1000000); +if(!ctest) + { + printf("Memory allocation failed!\n*** No match ***\n"); + exit(EXIT_FAILURE); + } memset(ctest, 'a', 1000000); printf("1 000 000 repetitions of 'a'\n"); printf("Should be: %s\n", atest); +free(ctest); native_sha1_start(&base); native_sha1_end(&base, ctest, 1000000, digest); for (j = 0; j < 20; j++) sprintf(s+2*j, "%02X", digest[j]); diff --git a/src/src/lookups/ldap.c b/src/src/lookups/ldap.c index d5aee9054d..3f267ac8ee 100644 --- a/src/src/lookups/ldap.c +++ b/src/src/lookups/ldap.c @@ -746,7 +746,7 @@ while ((rc = ldap_result(lcp->ld, msgid, 0, timeoutptr, &result)) == #if defined LDAP_LIB_NETSCAPE || defined LDAP_LIB_OPENLDAP2 ldap_memfree(dn); #else /* OPENLDAP 1, UMich, Solaris */ - free(dn); + store_free(dn); #endif } /* Save for later */ 
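Review bot: In hash.c the added `free(ctest);` sits before `native_sha1_end(&base, ctest, 1000000, digest);`, so the digest is computed over memory that has already been released (a use after free), and the self-test result becomes undefined. Move `free(ctest);` to after the `native_sha1_end()` call, or after the digest has been printed. The rest of the test driver lies outside the hunk.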
@@ -904,7 +904,7 @@ if (dn != NULL) #if defined LDAP_LIB_NETSCAPE || defined LDAP_LIB_OPENLDAP2 ldap_memfree(dn); #else /* OPENLDAP 1, UMich, Solaris */ - free(dn); + store_free(dn); #endif } diff --git a/src/src/malware.c b/src/src/malware.c index 128ff0364e..5a3db5fd2b 100644 --- a/src/src/malware.c +++ b/src/src/malware.c @@ -643,7 +643,7 @@ if (!malware_ok) { int err = errno; (void)close(drweb_fd); - free(drweb_fbuf); + store_free(drweb_fbuf); return m_errlog_defer_3(scanent, NULL, string_sprintf("can't read spool file %s: %s", eml_filename, strerror(err)), @@ -654,7 +654,7 @@ if (!malware_ok) /* send file body to socket */ if (send(sock, drweb_fbuf, fsize, 0) < 0) { - free(drweb_fbuf); + store_free(drweb_fbuf); return m_errlog_defer_3(scanent, CUS callout_address, string_sprintf( "unable to send file body to socket (%s)", scanner_options), sock); @@ -1499,7 +1499,7 @@ if (!malware_ok) if ((result = read(clam_fd, clamav_fbuf, fsize_uint)) < 0) { int err = errno; - free(clamav_fbuf); CLOSE_SOCKDATA; (void)close(clam_fd); + CLOSE_SOCKDATA; (void)close(clam_fd); store_free(clamav_fbuf); return m_errlog_defer_3(scanent, NULL, string_sprintf("can't read spool file %s: %s", eml_filename, strerror(err)), @@ -1511,7 +1511,7 @@ if (!malware_ok) #ifdef WITH_OLD_CLAMAV_STREAM if (send(sockData, clamav_fbuf, fsize_uint, 0) < 0) { - free(clamav_fbuf); CLOSE_SOCKDATA; + CLOSE_SOCKDATA; store_free(clamav_fbuf); return m_errlog_defer_3(scanent, NULL, string_sprintf("unable to send file body to socket (%s:%u)", hostname, port), @@ -1524,14 +1524,14 @@ if (!malware_ok) (send(sock, clamav_fbuf, fsize_uint, 0) < 0) || (send(sock, &send_final_zeroblock, sizeof(send_final_zeroblock), 0) < 0)) { - free(clamav_fbuf); + store_free(clamav_fbuf); return m_errlog_defer_3(scanent, NULL, string_sprintf("unable to send file body to socket (%s)", hostname), sock); } #endif - free(clamav_fbuf); + store_free(clamav_fbuf); CLOSE_SOCKDATA; #undef CLOSE_SOCKDATA 
diff --git a/src/src/mime.c b/src/src/mime.c index 941d099f91..cfa4b1a38f 100644 --- a/src/src/mime.c +++ b/src/src/mime.c @@ -195,6 +195,8 @@ FILE *f = NULL; uschar *filename; filename = (uschar *)malloc(PATH_MAX); +if (!filename) + return NULL; if (pname && fname) { diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index 4df4b7118a..98b4940fa2 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -1890,10 +1890,7 @@ acl_var_c = NULL; /* Allow for trailing 0 in the command and data buffers. */ -smtp_cmd_buffer = (uschar *)malloc(2*smtp_cmd_buffer_size + 2); -if (smtp_cmd_buffer == NULL) - log_write(0, LOG_MAIN|LOG_PANIC_DIE, - "malloc() failed for SMTP command buffer"); +smtp_cmd_buffer = (uschar *)store_malloc(2*smtp_cmd_buffer_size + 2); smtp_cmd_buffer[0] = 0; smtp_data_buffer = smtp_cmd_buffer + smtp_cmd_buffer_size + 1; @@ -1915,9 +1912,7 @@ else /* Set up the buffer for inputting using direct read() calls, and arrange to call the local functions instead of the standard C ones. */ -smtp_inbuffer = (uschar *)malloc(in_buffer_size); -if (smtp_inbuffer == NULL) - log_write(0, LOG_MAIN|LOG_PANIC_DIE, "malloc() failed for SMTP input buffer"); +smtp_inbuffer = (uschar *)store_malloc(in_buffer_size); receive_getc = smtp_getc; receive_ungetc = smtp_ungetc; receive_feof = smtp_feof; diff --git a/src/src/store.c b/src/src/store.c index cdfa311392..bb54996767 100644 --- a/src/src/store.c +++ b/src/src/store.c @@ -345,8 +345,14 @@ if ((char *)ptr < bc || (char *)ptr > bc + b->length) if ((char *)ptr >= bc && (char *)ptr <= bc + b->length) break; } if (b == NULL) +#ifndef COMPILE_UTILITY log_write(0, LOG_MAIN|LOG_PANIC_DIE, "internal error: store_reset(%p) " "failed: pool=%d %-14s %4d", ptr, store_pool, filename, linenumber); +#else + fprintf(stderr, "internal error: store_reset(%p) " + "failed: pool=%d %-14s %4d\n", ptr, store_pool, filename, linenumber); + exit(EXIT_FAILURE); +#endif } /* Back up, rounding to the alignment if necessary. When testing, flatten 
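Review bot: In the first store.c hunk (store_reset, at -345) the `if (b == NULL)` has no braces, so in the COMPILE_UTILITY branch only the `fprintf()` is conditional and `exit(EXIT_FAILURE);` runs every time this point is reached, even when the loop found the block. Any utility built with COMPILE_UTILITY would then terminate whenever the reset pointer is not in the current block. Wrap both preprocessor branches in braces, `if (b == NULL) {` before the `#ifndef` and `}` after the `#endif`, as the second store.c hunk (at -500) already does for the malloc failure.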
@@ -500,8 +506,16 @@ if (size < 16) size = 16; yield = malloc(size); if (yield == NULL) + { +#ifndef COMPILE_UTILITY log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to malloc %zd bytes of memory: " "called from line %d of %s", size, linenumber, filename); +#else + fprintf(stderr, "failed to malloc %zd bytes of memory: " + "called from line %d of %s\n", size, linenumber, filename); + exit(EXIT_FAILURE); +#endif + } nonpool_malloc += size; diff --git a/src/src/store.h b/src/src/store.h index 5e87d5ec5e..80f7f97aa0 100644 --- a/src/src/store.h +++ b/src/src/store.h @@ -9,6 +9,7 @@ #ifndef STORE_H #define STORE_H +#include /* Define symbols for identifying the store pools. */ @@ -37,6 +38,9 @@ tracing information for debugging. */ #define store_release(addr) store_release_3(addr, __FILE__, __LINE__) #define store_reset(addr) store_reset_3(addr, __FILE__, __LINE__) +#ifndef BOOL +#include "mytypes.h" +#endif /* The real functions */ diff --git a/src/src/string.c b/src/src/string.c index 565573549c..8a7064ad03 100644 --- a/src/src/string.c +++ b/src/src/string.c @@ -1847,6 +1847,11 @@ while (fgets(CS buffer, sizeof(buffer), stdin) != NULL) else { uschar *sss = malloc(s - ss + 1); + if(!sss) + { + printf("***ERROR\nMemory allocation failed!\n"); + exit(EXIT_FAILURE); + } Ustrncpy(sss, ss, s-ss); args[n++] = sss; } diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c index c06a294781..78639f56d4 100644 --- a/src/src/tls-gnu.c +++ b/src/src/tls-gnu.c @@ -33,6 +33,7 @@ than being dropped afterwards, but that was introduced in 2.10.0 and Debian compiler warnings of deprecated APIs. If it turns out that a lot of the rest require current GnuTLS, then we'll drop support for the ancient libraries). */ +#include "store.h" #include /* needed for cert checks in verification and DN extraction: */ 
@@ -587,13 +588,13 @@ if (fd >= 0) { saved_errno = errno; fclose(fp); - free(m.data); + store_free(m.data); return tls_error(US"fread failed", strerror(saved_errno), NULL); } fclose(fp); rc = gnutls_dh_params_import_pkcs3(dh_server_params, &m, GNUTLS_X509_FMT_PEM); - free(m.data); + store_free(m.data); exim_gnutls_err_check(US"gnutls_dh_params_import_pkcs3"); DEBUG(D_tls) debug_printf("read D-H parameters from file \"%s\"\n", filename); } @@ -673,7 +674,7 @@ if (rc < 0) m.data, &sz); if (rc != GNUTLS_E_SUCCESS) { - free(m.data); + store_free(m.data); exim_gnutls_err_check(US"gnutls_dh_params_export_pkcs3() real"); } m.size = sz; /* shrink by 1, probably */ @@ -681,11 +682,11 @@ if (rc < 0) sz = write_to_fd_buf(fd, m.data, (size_t) m.size); if (sz != m.size) { - free(m.data); + store_free(m.data); return tls_error(US"TLS cache write D-H params failed", strerror(errno), NULL); } - free(m.data); + store_free(m.data); sz = write_to_fd_buf(fd, US"\n", 1); if (sz != 1) return tls_error(US"TLS cache write D-H params final newline failed", diff --git a/src/src/transport.c b/src/src/transport.c index fcf3d22998..d1c8b8d434 100644 --- a/src/src/transport.c +++ b/src/src/transport.c @@ -1725,6 +1725,13 @@ while (1) /* create an array to read entire message queue into memory for processing */ msgq = (msgq_t*) malloc(sizeof(msgq_t) * host_record->count); + + if(!msgq) { + dbfn_close(dbm_file); + DEBUG(D_transport) debug_printf("memory allocation for message queue failed\n"); + return FALSE; + } + msgq_count = host_record->count; msgq_actual = msgq_count; @@ -1832,7 +1839,7 @@ test but the code should work */ if (bFound) /* Usual exit from main loop */ { - free (msgq); + store_free (msgq); break; } @@ -1858,7 +1865,7 @@ test but the code should work */ return FALSE; } - free(msgq); + store_free(msgq); } /* we need to process a continuation record */ /* Control gets here when an existing message has been encountered; its 
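Review bot: In transport.c the size passed to malloc() is `sizeof(msgq_t) * host_record->count`, and the new NULL check does not cover a count that is zero, negative or large enough to wrap the multiplication. host_record appears to be read from the hints database (the failure path closes `dbm_file`), so unless the count is validated earlier outside the hunk, a damaged record could yield a buffer smaller than the loop that fills it expects. I would reject such values before allocating, e.g. `if (host_record->count <= 0 || (size_t)host_record->count > SIZE_MAX / sizeof(msgq_t))`, and take the same close-and-return path. The enclosing loop continues outside the hunk.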
diff --git a/src/src/utf8.c b/src/src/utf8.c index 84ad1dc18f..4fc222e4ff 100644 --- a/src/src/utf8.c +++ b/src/src/utf8.c @@ -37,13 +37,13 @@ s = US stringprep_utf8_nfkc_normalize(CCS utf8, -1); if ( (rc = idna_to_ascii_8z(CCS s, CSS &s1, IDNA_ALLOW_UNASSIGNED)) != IDNA_SUCCESS) { - free(s); + store_free(s); if (err) *err = US idna_strerror(rc); return NULL; } -free(s); +store_free(s); s = string_copy(s1); -free(s1); +store_free(s1); return s; } diff --git a/test/src/cf.c b/test/src/cf.c index 2b982f10f5..ae9aed7916 100644 --- a/test/src/cf.c +++ b/test/src/cf.c @@ -680,6 +680,11 @@ bufbase_one = (char *)malloc(storesize); buftop_one = bufbase_one + storesize; bufbase_two = (char *)malloc(storesize); buftop_two = bufbase_two + storesize; +if (!bufbase_one || !buftop_two) + { + fprintf(stderr, "Memory allocation failed!\n"); + exit(EXIT_FAILURE); + } /* Do the job */ diff --git a/test/src/fakens.c b/test/src/fakens.c index e4584c4df7..d1fb31fa21 100644 --- a/test/src/fakens.c +++ b/test/src/fakens.c @@ -182,6 +182,11 @@ va_start(ap, format); vsprintf(buffer, CS format, ap); va_end(ap); yield = (uschar *)malloc(Ustrlen(buffer) + 1); +if (!yield) +{ +fprintf(stderr, "Memory allocation failed!\n"); +exit(EXIT_FAILURE); +} Ustrcpy(yield, buffer); return yield; } diff --git a/test/src/server.c b/test/src/server.c index 4f21723763..12b7c5ab8b 100644 --- a/test/src/server.c +++ b/test/src/server.c @@ -460,6 +460,11 @@ while (fgets(CS buffer, sizeof(buffer), stdin) != NULL) buffer[n] = 0; if (strcmp(CS buffer, "++++") == 0) break; next = malloc(sizeof(line) + n); + if(!next) + { + fprintf(stderr, "memory allocation failed\n"); + exit(1); + } next->next = NULL; d = next->line; {
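Review bot: In test/src/cf.c the new check tests `buftop_two` instead of `bufbase_two`: `if (!bufbase_one || !buftop_two)`. buftop_two is `bufbase_two + storesize`, which is non-null when the second malloc() fails (and the arithmetic on a null pointer is itself undefined), so that failure is not detected and the buffer is used anyway. Test the pointers malloc() returned, `if (!bufbase_one || !bufbase_two)`, and preferably do so before the two `buftop_*` values are computed.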