fixup: uninitialized argument vector element

This patch addresses the potential issue of uninitialized elements in the argument vector returned by `lwp_get_command_line_args()`. The previous implementation could leave `argv` in an inconsistent state if certain errors occurred, leading to possible undefined behavior. Changes: - Replaced `rt_malloc()` with `rt_calloc()` to ensure `argv` is properly initialized. - Added a consistent error handling path using `goto error_exit` to handle memory allocation failures and string copy errors. - Ensured `lwp_free_command_line_args()` is called before returning on error, preventing potential memory leaks. Signed-off-by: Shell <smokewood@qq.com>
2024-08-21 18:10:25 +08:00 · 2024-08-21 18:10:25 +08:00 · 564ca848f4
parent d6d6752627
commit 564ca848f4
1 changed files with 12 additions and 11 deletions
--- a/components/lwp/lwp_args.c
+++ b/components/lwp/lwp_args.c
@ -648,7 +648,7 @@ char** lwp_get_command_line_args(struct rt_lwp *lwp)
        {
            return RT_NULL;
        }
-        argv = (char**)rt_malloc((argc + 1) * sizeof(char*));
+        argv = (char**)rt_calloc((argc + 1), sizeof(char*));

        if (argv)
        {
@ -658,25 +658,23 @@ char** lwp_get_command_line_args(struct rt_lwp *lwp)
                ret = lwp_data_get(lwp, &argvp, &((char **)lwp->args)[1 + i], sizeof(argvp));
                if (ret == 0)
                {
-                    lwp_free_command_line_args(argv);
-                    return RT_NULL;
+                    goto error_exit;
                }
-                len = lwp_user_strlen_ext(lwp, argvp);

-                if (len > 0)
+                len = lwp_user_strlen_ext(lwp, argvp);
+                if (len >= 0)
                {
                    argv[i] = (char*)rt_malloc(len + 1);
                    ret = lwp_data_get(lwp, argv[i], argvp, len);
-                    if (ret == 0)
+                    if (ret != len)
                    {
-                        lwp_free_command_line_args(argv);
-                        return RT_NULL;
+                        goto error_exit;
                    }
                    argv[i][len] = '\0';
                }
                else
                {
-                    argv[i] = NULL;
+                    goto error_exit;
                }
            }
            argv[argc] = NULL;
@ -684,6 +682,9 @@ char** lwp_get_command_line_args(struct rt_lwp *lwp)
    }

    return argv;
+error_exit:
+    lwp_free_command_line_args(argv);
+    return RT_NULL;
 }

 void lwp_print_envp(struct rt_lwp *lwp)