From 038a49818eaaa95fb6180eb4ad3a3afa8288617c Mon Sep 17 00:00:00 2001
From: Willy Tarreau <w@1wt.eu>
Date: Thu, 23 Jan 2014 21:12:04 +0100
Subject: BUG: use assert() to control each asprintf() return value

It might be responsible for random crashes.
---
 fileconfig.c | 13 +++++++------
 main.c       |  5 +++--
 nbsmtp.c     | 47 ++++++++++++++++++++++++-----------------------
 original.c   | 17 +++++++++--------
 osx.c        |  3 ++-
 smtp.c       |  3 ++-
 6 files changed, 47 insertions(+), 41 deletions(-)

diff --git a/fileconfig.c b/fileconfig.c
index 30671a0..c3af4f6 100644
--- a/fileconfig.c
+++ b/fileconfig.c
@@ -30,6 +30,7 @@
 #include <stdlib.h>
 #include <errno.h>
 #include <pwd.h>
+#include <assert.h>
 
 #include "servinfo.h"
 #include "nbsmtp.h"
@@ -64,7 +65,7 @@ int fileconfig_parse_all(bool_t read_syswide, bool_t read_localconf, servinfo_t
 	if (read_syswide)
 	{
 		/* First of all parse system-wide config file */
-		asprintf(&local_tmp_buf,"%s/nbsmtprc",SYSCONFDIR);
+		assert(asprintf(&local_tmp_buf,"%s/nbsmtprc",SYSCONFDIR) >= 0);
 		if (fileconfig_parse(local_tmp_buf,serverinfo)==1)
 		{
 			perror("fileconfig_parse");
@@ -81,7 +82,7 @@ int fileconfig_parse_all(bool_t read_syswide, bool_t read_localconf, servinfo_t
 		/* Then read local config files */
 		for ( p = relative_paths ; *p && state==2 ; p++ )
 		{
-			asprintf(&local_tmp_buf,"%s/%s",user->pw_dir,*p);
+			assert(asprintf(&local_tmp_buf,"%s/%s",user->pw_dir,*p) >= 0);
 			state = fileconfig_parse(local_tmp_buf,serverinfo);
 			free(local_tmp_buf);
 
@@ -96,7 +97,7 @@ int fileconfig_parse_all(bool_t read_syswide, bool_t read_localconf, servinfo_t
 		/* Get current OSX network location */
 		osx_current_location = osx_location();
 		/* Build the path and parse the config */
-		asprintf(&local_tmp_buf,"%s/.nbsmtp/%s",user->pw_dir,osx_current_location);
+		assert(asprintf(&local_tmp_buf,"%s/.nbsmtp/%s",user->pw_dir,osx_current_location) >= 0);
 		state = fileconfig_parse(local_tmp_buf,serverinfo);
 		
 		/* Free the buffers */
@@ -116,7 +117,7 @@ int fileconfig_parse_all(bool_t read_syswide, bool_t read_localconf, servinfo_t
 			 * parse the file 
 			 * and free the buffer
 			 */
-			asprintf(&local_tmp_buf,"%s/.nbsmtp/default",user->pw_dir);
+			assert(asprintf(&local_tmp_buf,"%s/.nbsmtp/default",user->pw_dir) >= 0);
 			state = fileconfig_parse(local_tmp_buf,serverinfo);
 			free(local_tmp_buf);
 
@@ -202,7 +203,7 @@ int fileconfig_parse(const char *path,servinfo_t *serverinfo)
 		/* Avoid segfault in case of opts[1] being NULL */
 		if (opts[1]==NULL)
 		{
-			asprintf(&tempo,"Empty option [%s] in %s",opts[0],path);
+			assert(asprintf(&tempo,"Empty option [%s] in %s",opts[0],path) >= 0);
 			log_msg(LOG_WARNING,tempo);
 			free(tempo);
 			continue;
@@ -279,7 +280,7 @@ int fileconfig_parse(const char *path,servinfo_t *serverinfo)
 		}
 		else
 		{
-			asprintf(&tempo,"Unknown option [%s]",opts[0]);
+			assert(asprintf(&tempo,"Unknown option [%s]",opts[0]) >= 0);
 			log_msg(LOG_WARNING,tempo);
 			free(tempo);
 		}
diff --git a/main.c b/main.c
index 1a9bf45..429a3e8 100644
--- a/main.c
+++ b/main.c
@@ -27,6 +27,7 @@
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
+#include <assert.h>
 
 #include "original.h"
 #include "util.h"
@@ -136,12 +137,12 @@ int main(int argc, char *argv[])
 		return 1;
 	}
 
-	asprintf(&buffer,"Mail sent for %s. Closing connection",serverinfo.fromaddr);
+	assert(asprintf(&buffer,"Mail sent for %s. Closing connection",serverinfo.fromaddr) >= 0);
 	log_msg(LOG_INFO,buffer);
 	free(buffer);
 
 #ifdef HAVE_GROWLNOTIFY
-	asprintf(&buffer,"Mail sent for %s", serverinfo.fromaddr);
+	assert(asprintf(&buffer,"Mail sent for %s", serverinfo.fromaddr) >= 0);
 	osx_notify("nbSMTP",buffer);
 	free(buffer);
 #endif
diff --git a/nbsmtp.c b/nbsmtp.c
index 2282a5e..7b6fba2 100644
--- a/nbsmtp.c
+++ b/nbsmtp.c
@@ -38,6 +38,7 @@
 #include <string.h>
 #include <syslog.h>
 #include <pwd.h>
+#include <assert.h>
 #ifdef HAVE_SSL
 #include <openssl/crypto.h>
 #include <openssl/x509.h>
@@ -134,7 +135,7 @@ int nbsmtp_data(servinfo_t *serverinfo, string_t *msg)
 	char local_in_buf[BUF_SIZE];
 	char *msg_tmp;
 	
-	asprintf(&local_out_buf,"%s","DATA");
+	assert(asprintf(&local_out_buf,"%s","DATA") >= 0);
 	
 	if(smtp_write(serverinfo, local_out_buf)<1)
 	{
@@ -149,7 +150,7 @@ int nbsmtp_data(servinfo_t *serverinfo, string_t *msg)
 	{
 		log_msg(LOG_ERR,"An error ocurred after sending the DATA command");
 
-		asprintf(&local_out_buf,"Server said: '%s'",smtp_last_message());
+		assert(asprintf(&local_out_buf,"Server said: '%s'",smtp_last_message()) >= 0);
 		log_msg(LOG_ERR,local_out_buf);
 		free(local_out_buf);
 		
@@ -173,14 +174,14 @@ int nbsmtp_data(servinfo_t *serverinfo, string_t *msg)
 	
 	if (nbsmtp_data_body(serverinfo)<1)
 	{
-		asprintf(&local_out_buf,"Error sending mail body");
+		assert(asprintf(&local_out_buf,"Error sending mail body") >= 0);
 		log_msg(LOG_ERR,local_out_buf);
 		free(local_out_buf);
 		
 		return -1;
 	}
 		
-	asprintf(&local_out_buf,"\r\n.\r\n");
+	assert(asprintf(&local_out_buf,"\r\n.\r\n") >= 0);
 
 	if (fd_puts(serverinfo,local_out_buf,strlen(local_out_buf))<1)
 	{
@@ -213,21 +214,21 @@ int nbsmtp_header(servinfo_t *serverinfo)
 	if (serverinfo->using_tls)
 	{
 		cipher_bits = SSL_get_cipher_bits(serverinfo->ssl,&algo_bits);
-		asprintf(&tls_header_buf,"\r\n\t(using %s with cipher %s (%d/%d bits))",
+		assert(asprintf(&tls_header_buf,"\r\n\t(using %s with cipher %s (%d/%d bits))",
 				SSL_get_cipher_version(serverinfo->ssl),
 				SSL_get_cipher_name(serverinfo->ssl),
-				cipher_bits,algo_bits);
+				cipher_bits,algo_bits) >= 0);
 	}
 #endif
 	
-	asprintf(&local_out_buf,"Received: by %s (nbSMTP-%s) for uid %d%s\r\n\tfor <%s>; %s",
+	assert(asprintf(&local_out_buf,"Received: by %s (nbSMTP-%s) for uid %d%s\r\n\tfor <%s>; %s",
 			serverinfo->domain,PACKAGE_VERSION,getuid(),
 #ifdef HAVE_SSL
 			(serverinfo->using_tls ? tls_header_buf : ""),
 #else
 			"",
 #endif
-			serverinfo->fromaddr,local_tmp_buf);
+			serverinfo->fromaddr,local_tmp_buf) >= 0);
 
 	if (smtp_write(serverinfo,local_out_buf)<1)
 	{
@@ -261,7 +262,7 @@ int nbsmtp_rcpts(servinfo_t *serverinfo, string_t *rcpts)
 	
 	for( i=0 ; i<serverinfo->num_rcpts ; i++ )
 	{
-		asprintf(&local_out_buf,"RCPT TO:<%s>", rcpts[i].str);
+		assert(asprintf(&local_out_buf,"RCPT TO:<%s>", rcpts[i].str) >= 0);
 		
 		if (smtp_write(serverinfo, local_out_buf)<1)
 		{
@@ -273,18 +274,18 @@ int nbsmtp_rcpts(servinfo_t *serverinfo, string_t *rcpts)
 
 		if (!smtp_okay(serverinfo))
 		{
-			asprintf(&local_out_buf,
+			assert(asprintf(&local_out_buf,
 					"Recipient REJECTED [%s] -> '%s'",
-					rcpts[i].str,smtp_last_message());
+					rcpts[i].str,smtp_last_message()) >= 0);
 			
 			log_msg(LOG_WARNING,local_out_buf);
 			free(local_out_buf);
 		}
 		else
 		{
-			asprintf(&local_out_buf,
+			assert(asprintf(&local_out_buf,
 					"Recipient accepted [%s]",
-					rcpts[i].str);
+					rcpts[i].str) >= 0);
 			log_msg(LOG_INFO,local_out_buf);
 			free(local_out_buf);
 			validrcpts = True;
@@ -313,7 +314,7 @@ int nbsmtp_ehlo(servinfo_t *serverinfo)
 {
 	char *local_out_buf;
 
-	asprintf(&local_out_buf,"EHLO %s",serverinfo->domain);
+	assert(asprintf(&local_out_buf,"EHLO %s",serverinfo->domain) >= 0);
 
 	if (smtp_write(serverinfo,local_out_buf)<1)
 	{
@@ -343,7 +344,7 @@ int nbsmtp_helo(servinfo_t *serverinfo)
 {
 	char *local_out_buf;
 
-	asprintf(&local_out_buf,"HELO %s",serverinfo->domain);
+	assert(asprintf(&local_out_buf,"HELO %s",serverinfo->domain) >= 0);
 
 	if(smtp_write(serverinfo,local_out_buf)<1)
 	{
@@ -385,7 +386,7 @@ int nbsmtp_auth(servinfo_t *serverinfo)
 				(const unsigned char *)serverinfo->auth_user,
 				strlen(serverinfo->auth_user));
 		
-		asprintf(&local_out_buf,"AUTH LOGIN %s",local_tmp_buf);
+		assert(asprintf(&local_out_buf,"AUTH LOGIN %s",local_tmp_buf) >= 0);
 
 		if (smtp_write(serverinfo,local_out_buf)<1)
 		{
@@ -399,7 +400,7 @@ int nbsmtp_auth(servinfo_t *serverinfo)
 		{
 			log_msg(LOG_ERR,"The server rejected the authentication method");
 
-			asprintf(&local_out_buf,"Server said: '%s'",smtp_last_message());
+			assert(asprintf(&local_out_buf,"Server said: '%s'",smtp_last_message()) >= 0);
 			log_msg(LOG_ERR,local_out_buf);
 			free(local_out_buf);
 
@@ -412,7 +413,7 @@ int nbsmtp_auth(servinfo_t *serverinfo)
 				(const unsigned char *)serverinfo->auth_pass,
 				strlen(serverinfo->auth_pass));
 
-		asprintf(&local_out_buf,"%s",local_tmp_buf);
+		assert(asprintf(&local_out_buf,"%s",local_tmp_buf) >= 0);
 		
 		if (smtp_write(serverinfo,local_out_buf)<1)
 		{
@@ -426,7 +427,7 @@ int nbsmtp_auth(servinfo_t *serverinfo)
 		{
 			log_msg(LOG_ERR,"The password wasn't accepted");
 
-			asprintf(&local_out_buf,"Server said: '%s'",smtp_last_message());
+			assert(asprintf(&local_out_buf,"Server said: '%s'",smtp_last_message()) >= 0);
 			log_msg(LOG_ERR,local_out_buf);
 			free(local_out_buf);
 
@@ -435,7 +436,7 @@ int nbsmtp_auth(servinfo_t *serverinfo)
 	}
 	else /* if(serverinfo->auth_mech==SASL_PLAIN) */
 	{
-		asprintf(&local_out_buf,"^%s^%s",serverinfo->auth_user,serverinfo->auth_pass);
+		assert(asprintf(&local_out_buf,"^%s^%s",serverinfo->auth_user,serverinfo->auth_pass) >= 0);
 		len = strlen(local_out_buf);
 		
 		for ( i = len-1 ; i >= 0 ; i-- )
@@ -450,7 +451,7 @@ int nbsmtp_auth(servinfo_t *serverinfo)
 		
 		free(local_out_buf);
 		
-		asprintf(&local_out_buf,"AUTH PLAIN %s",local_tmp_buf);
+		assert(asprintf(&local_out_buf,"AUTH PLAIN %s",local_tmp_buf) >= 0);
 
 		if (smtp_write(serverinfo,local_out_buf)<1)
 		{
@@ -464,7 +465,7 @@ int nbsmtp_auth(servinfo_t *serverinfo)
 		{
 			log_msg(LOG_ERR,"Error, the authentication failed");
 
-			asprintf(&local_out_buf,"Server said: '%s'",smtp_last_message());
+			assert(asprintf(&local_out_buf,"Server said: '%s'",smtp_last_message()) >= 0);
 			log_msg(LOG_ERR,local_out_buf);
 			free(local_out_buf);
 
@@ -474,7 +475,7 @@ int nbsmtp_auth(servinfo_t *serverinfo)
 
 
 	/* Command succeded so tell the log */
-	asprintf(&local_out_buf,"Authentication succeded [%s]",serverinfo->auth_user);
+	assert(asprintf(&local_out_buf,"Authentication succeded [%s]",serverinfo->auth_user) >= 0);
 	log_msg(LOG_INFO,local_out_buf);
 	free(local_out_buf);
 	
diff --git a/original.c b/original.c
index ef272f7..6e7832e 100644
--- a/original.c
+++ b/original.c
@@ -35,6 +35,7 @@
 #include <syslog.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <assert.h>
 
 #include "original.h"
 #include "nbsmtp.h"
@@ -442,7 +443,7 @@ int send_mail(string_t *msg, servinfo_t *serverinfo, string_t *rcpts)
 #ifdef HAVE_SSL
 	if (serverinfo->use_starttls==True)
 	{
-		asprintf(&local_out_buf,"STARTTLS");
+		assert(asprintf(&local_out_buf,"STARTTLS") >= 0);
 
 		if (smtp_write(serverinfo,local_out_buf)<1)
 		{
@@ -476,7 +477,7 @@ int send_mail(string_t *msg, servinfo_t *serverinfo, string_t *rcpts)
 		}
 	}
 	
-	asprintf(&local_out_buf,"MAIL FROM:<%s>",serverinfo->fromaddr);
+	assert(asprintf(&local_out_buf,"MAIL FROM:<%s>",serverinfo->fromaddr) >= 0);
 	
 	if(smtp_write(serverinfo, local_out_buf)<1)
 	{
@@ -490,7 +491,7 @@ int send_mail(string_t *msg, servinfo_t *serverinfo, string_t *rcpts)
 	{
 		log_msg(LOG_ERR,"Error issuing MAIL command");
 
-		asprintf(&local_out_buf,"Server said: '%s'",smtp_last_message());
+		assert(asprintf(&local_out_buf,"Server said: '%s'",smtp_last_message()) >= 0);
 		log_msg(LOG_ERR,local_out_buf);
 		free(local_out_buf);
 
@@ -507,7 +508,7 @@ int send_mail(string_t *msg, servinfo_t *serverinfo, string_t *rcpts)
 		return 1;
 	}
 
-	asprintf(&local_out_buf,"%s","QUIT");
+	assert(asprintf(&local_out_buf,"%s","QUIT") >= 0);
 	
 	if(smtp_write(serverinfo, local_out_buf)<1)
 	{
@@ -553,7 +554,7 @@ int get_socket(servinfo_t *serverinfo)
 	
 	hints.ai_family = PF_UNSPEC;
 	hints.ai_socktype = SOCK_STREAM;
-	asprintf(&servname,"%d",serverinfo->port);
+	assert(asprintf(&servname,"%d",serverinfo->port) >= 0);
 	
 	error = getaddrinfo(serverinfo->host,servname,&hints,&res0);
 	
@@ -625,10 +626,10 @@ int get_socket(servinfo_t *serverinfo)
 		}
 	}
 	
-	asprintf(&local_tmp_buf,"Creating%sconnection to host (%s:%d)",
-			(serverinfo->use_tls==True?" SSL ":" "),serverinfo->host,serverinfo->port);
+	assert(asprintf(&local_tmp_buf,"Creating%sconnection to host (%s:%d)",
+			(serverinfo->use_tls==True?" SSL ":" "),serverinfo->host,serverinfo->port) >= 0);
 #else
-	asprintf(&local_tmp_buf,"Creating connection to host (%s:%d)",serverinfo->host,serverinfo->port);
+	assert(asprintf(&local_tmp_buf,"Creating connection to host (%s:%d)",serverinfo->host,serverinfo->port) >= 0);
 #endif
 	log_msg(LOG_INFO,local_tmp_buf);
 	free(local_tmp_buf);
diff --git a/osx.c b/osx.c
index 710d619..a7972ae 100644
--- a/osx.c
+++ b/osx.c
@@ -24,6 +24,7 @@
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
+#include <assert.h>
 #include "osx.h"
 
 
@@ -77,7 +78,7 @@ int osx_notify(char *title, char *message)
 	FILE *growlnotify;
 	char *local_tmp_buf;
 
-	asprintf(&local_tmp_buf,"%s %s 2>/dev/null",GROWLNOTIFYPATH,title);
+	assert(asprintf(&local_tmp_buf,"%s %s 2>/dev/null",GROWLNOTIFYPATH,title) >= 0);
 
 	if ((growlnotify = popen(local_tmp_buf,"w"))!=NULL)
 	{
diff --git a/smtp.c b/smtp.c
index a6808c6..20362f3 100644
--- a/smtp.c
+++ b/smtp.c
@@ -24,6 +24,7 @@
  */
 
 #include <stdio.h>
+#include <assert.h>
 
 #include <stdlib.h>
 #include <string.h>
@@ -48,7 +49,7 @@ ssize_t smtp_write(servinfo_t *serverinfo, char *str)
 	char *buf;
 	ssize_t ret;
 	
-	asprintf(&buf,"%s\r\n",str);
+	assert(asprintf(&buf,"%s\r\n",str) >= 0);
 	ret = fd_puts(serverinfo,buf,strlen(buf));
 
 	free(buf);
-- 
1.7.12.1