Rewrite some manual char-buffer-handling code.

In the course of recent refactorings I noticed a couple of cases where we were doing old-fashioned preallocation of a char array with some conservative maximum size, then writing into it via *p++ or similar and hoping we got the calculation right. Now we have strbuf and dupcat, so we shouldn't ever have to do that. Fixed as many cases as I could find by searching for allocations of the form 'snewn(foo, char)'. Particularly worth a mention was the Windows GSSAPI setup code, which was directly using the Win32 Registry API, and looks much more legible using the windows/utils/registry.c wrappers. (But that was why I had to enhance them in the previous commit so as to be able to open registry keys read-only: without that, the open operation would actually fail on this key, which is not user-writable.) Also unix/askpass.c, which was doing a careful reallocation of its buffer to avoid secrets being left behind in the vacated memory - which is now just a matter of ensuring we called strbuf_new_nm().
2025-07-01 03:22:48 -05:00 · 2022-09-13 15:00:26 +01:00
parent 7339e00f4a
commit 6cf6682c54
13 changed files with 174 additions and 291 deletions
--- a/ssh/scpserver.c
+++ b/ssh/scpserver.c
@ -799,20 +799,17 @@ static void scp_source_process_stack(ScpSource *scp)
            scp->head = node;     /* put back the unfinished READDIR */
            node = NULL;          /* and prevent it being freed */
        } else {
-            ptrlen subpath;
-            subpath.len = node->pathname.len + 1 + scp->reply.name.len;
-            char *subpath_space = snewn(subpath.len, char);
-            subpath.ptr = subpath_space;
-            memcpy(subpath_space, node->pathname.ptr, node->pathname.len);
-            subpath_space[node->pathname.len] = '/';
-            memcpy(subpath_space + node->pathname.len + 1,
-                   scp->reply.name.ptr, scp->reply.name.len);
+            strbuf *subpath = strbuf_new();
+            put_datapl(subpath, node->pathname);
+            put_byte(subpath, '/');
+            put_datapl(subpath, scp->reply.name);

            scp->head = node;     /* put back the unfinished READDIR */
            node = NULL;          /* and prevent it being freed */
-            scp_source_push_name(scp, subpath, scp->reply.attrs, NULL);
+            scp_source_push_name(scp, ptrlen_from_strbuf(subpath),
+                                 scp->reply.attrs, NULL);

-            sfree(subpath_space);
+            strbuf_free(subpath);
        }
    } else if (node->attrs.permissions & PERMS_DIRECTORY) {
        assert(scp->recursive || node->wildcard);