colin/NetworkManager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

libnmc: drop redundant defines for array lengths

Browse Source 
- use G_N_ELEMENTS() macro instead of having separate defines. The separate
  defines mean that when we check g_return_val_if_fail(oc_argc <= OC_ARGS_MAX, FALSE)
  that we must double check that OC_ARGS_MAX is really the size of the array
  that we want to check.

- replace g_return_val_if_fail() with nm_assert(). In this case, it should be
  very clear by review that the buffer is indeed large enough and the assertion
  holds. Use nm_assert().

- use unsigned integer for the loop variables. While int theoretically
  might exploit undefined behavior of signed overflow, we should instead
  use unsigned at places where it's appropriate (for example, those
  variables are compared against G_N_ELEMENTS() which gives a size_t type.

- declare auto variables on separate lines.

- make the global variable oc_property_args static and const. The const
  means the linker will put it into read-only memory, so we would get
  a crash on accidental modification.
This commit is contained in:
Thomas Haller
2023-05-11 12:51:58 +02:00
parent 62d742625d
commit a8ba0ea4c7
1 changed files with 8 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/libnmc-base/nm-vpn-helpers.c
View File

@@ -213,7 +213,7 @@ _extract_variable_value(char *line, const char *tag, char **value)
#define NM_OPENCONNECT_KEY_MCAKEY "mcakey" #define NM_OPENCONNECT_KEY_MCAKEY "mcakey"
#define NM_OPENCONNECT_KEY_MCA_PASS "mca_key_pass" #define NM_OPENCONNECT_KEY_MCA_PASS "mca_key_pass"
struct { static const struct {
const char *property; const char *property;
const char *cmdline; const char *cmdline;
} oc_property_args[] = { } oc_property_args[] = {
@@ -230,9 +230,6 @@ struct {
{NM_OPENCONNECT_KEY_MCA_PASS, "--mca-key-password"}, {NM_OPENCONNECT_KEY_MCA_PASS, "--mca-key-password"},
}; };
#define NR_OC_STRING_PROPS (sizeof(oc_property_args) / sizeof(oc_property_args[0]))
#define OC_ARGS_MAX (12 + 2 * NR_OC_STRING_PROPS)
/* /*
* For old versions of openconnect we need to extract the port# and * For old versions of openconnect we need to extract the port# and
* append it to the hostname that is returned to us. Use a cut-down * append it to the hostname that is returned to us. Use a cut-down
@@ -296,10 +293,11 @@ nm_vpn_openconnect_authenticate_helper(NMSettingVpn *s_vpn, GPtrArray *secrets,
"/usr/local/bin/", "/usr/local/bin/",
NULL, NULL,
}; };
int port = 0; const char *oc_argv[(12 + 2 * G_N_ELEMENTS(oc_property_args))];
const char *gw; const char *gw;
const char *oc_argv[OC_ARGS_MAX]; int port;
int i, oc_argc = 0; guint oc_argc = 0;
guint i;
/* Get gateway and port */ /* Get gateway and port */
gw = nm_setting_vpn_get_data_item(s_vpn, "gateway"); gw = nm_setting_vpn_get_data_item(s_vpn, "gateway");
@@ -327,7 +325,7 @@ nm_vpn_openconnect_authenticate_helper(NMSettingVpn *s_vpn, GPtrArray *secrets,
oc_argv[oc_argc++] = "--authenticate"; oc_argv[oc_argc++] = "--authenticate";
oc_argv[oc_argc++] = gw; oc_argv[oc_argc++] = gw;
for (i = 0; i < NR_OC_STRING_PROPS; i++) { for (i = 0; i < G_N_ELEMENTS(oc_property_args); i++) {
opt = nm_setting_vpn_get_data_item(s_vpn, oc_property_args[i].property); opt = nm_setting_vpn_get_data_item(s_vpn, oc_property_args[i].property);
if (opt) { if (opt) {
oc_argv[oc_argc++] = oc_property_args[i].cmdline; oc_argv[oc_argc++] = oc_property_args[i].cmdline;
@@ -371,7 +369,8 @@ nm_vpn_openconnect_authenticate_helper(NMSettingVpn *s_vpn, GPtrArray *secrets,
} }
oc_argv[oc_argc++] = NULL; oc_argv[oc_argc++] = NULL;
g_return_val_if_fail(oc_argc <= OC_ARGS_MAX, FALSE);
nm_assert(oc_argc <= G_N_ELEMENTS(oc_argv));
if (!g_spawn_sync(NULL, if (!g_spawn_sync(NULL,
(char **) oc_argv, (char **) oc_argv,