Clean up database_check

git-core · git-core · commit a315e38b69ad · 2012-07-19T19:48:34.000+04:00
o don't use malloc/free, allocate space on stack
o don't use unsafe sprintf
o use ARG_MAX as cmd size for clarity, cmd isn't just a filename
o remove unsafe logging, ensure last points inside cmd
diff --git a/db.c b/db.c
@@ -24,29 +24,30 @@
 int database_check(const struct su_context *ctx)
 {
     FILE *fp;
-    char allow = '-';
-    char *filename = malloc(snprintf(NULL, 0, "%s/%u-%u", REQUESTOR_STORED_PATH, ctx->from.uid, ctx->to.uid) + 1);
-    sprintf(filename, "%s/%u-%u", REQUESTOR_STORED_PATH, ctx->from.uid, ctx->to.uid);
+    int allow = '-';
+    char filename[PATH_MAX];
+
+    snprintf(filename, sizeof(filename),
+                REQUESTOR_STORED_PATH "/%u-%u", ctx->from.uid, ctx->to.uid);
     if ((fp = fopen(filename, "r"))) {
-    LOGD("Found file");
-        char cmd[PATH_MAX];
+        LOGD("Found file %s", filename);
+        char cmd[ARG_MAX];
         fgets(cmd, sizeof(cmd), fp);
+        /* skip trailing '\n' */
         int last = strlen(cmd) - 1;
-        LOGD("this is the last character %u of the string", cmd[5]);
-        if (cmd[last] == '\n') {
-            cmd[last] = '\0';
-        }
-        LOGD("Comparing %c %s, %u to %s", cmd[last - 2], cmd, last, get_command(&ctx->to));
+        if (last >= 0)
+            cmd[last] = 0;
+
+        LOGD("Comparing '%s' to '%s'", cmd, get_command(&ctx->to));
         if (strcmp(cmd, get_command(&ctx->to)) == 0) {
             allow = fgetc(fp);
         }
         fclose(fp);
     } else if ((fp = fopen(REQUESTOR_STORED_DEFAULT, "r"))) {
-    LOGD("Using default");
+        LOGD("Using default file %s", REQUESTOR_STORED_DEFAULT);
         allow = fgetc(fp);
         fclose(fp);
     }
-    free(filename);
 
     if (allow == '1') {
         return DB_ALLOW;
