Make use of libxtables allocators where sensible to have implicit error checking. Leave library-internal calls in place to not create unexpected program exit points for users, apart from xt_xlate_alloc() as that function called xtables_error() in error case which exits by itself already. Signed-off-by: Phil Sutter <phil@xxxxxx> --- iptables/nft-bridge.c | 6 +----- iptables/nft-cmd.c | 5 +---- iptables/nft.c | 15 +++------------ iptables/xshared.c | 8 ++------ iptables/xtables-eb.c | 14 +++----------- libxtables/xtables.c | 11 ++--------- 6 files changed, 12 insertions(+), 47 deletions(-) diff --git a/iptables/nft-bridge.c b/iptables/nft-bridge.c index d98fd527d9549..11f3df3582aa5 100644 --- a/iptables/nft-bridge.c +++ b/iptables/nft-bridge.c @@ -477,11 +477,7 @@ static void nft_bridge_parse_lookup(struct nft_xt_ctx *ctx, static void parse_watcher(void *object, struct ebt_match **match_list, bool ismatch) { - struct ebt_match *m; - - m = calloc(1, sizeof(struct ebt_match)); - if (m == NULL) - xtables_error(OTHER_PROBLEM, "Can't allocate memory"); + struct ebt_match *m = xtables_calloc(1, sizeof(struct ebt_match)); if (ismatch) m->u.match = object; diff --git a/iptables/nft-cmd.c b/iptables/nft-cmd.c index a0c76a795e59c..87e66905655d6 100644 --- a/iptables/nft-cmd.c +++ b/iptables/nft-cmd.c @@ -23,10 +23,7 @@ struct nft_cmd *nft_cmd_new(struct nft_handle *h, int command, struct nftnl_rule *rule; struct nft_cmd *cmd; - cmd = calloc(1, sizeof(struct nft_cmd)); - if (!cmd) - return NULL; - + cmd = xtables_calloc(1, sizeof(struct nft_cmd)); cmd->command = command; cmd->table = xtables_strdup(table); if (chain) diff --git a/iptables/nft.c b/iptables/nft.c index a470939db54fb..c9ed38bd29a53 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -362,10 +362,7 @@ static struct obj_update *batch_add(struct nft_handle *h, enum obj_update_type t { struct obj_update *obj; - obj = calloc(1, sizeof(struct obj_update)); - if (obj == NULL) - return NULL; - + obj = xtables_calloc(1, sizeof(struct obj_update)); obj->ptr = ptr; obj->error.lineno = h->error.lineno; obj->type = type; @@ -997,10 +994,7 @@ static int __add_match(struct nftnl_expr *e, struct xt_entry_match *m) nftnl_expr_set(e, NFTNL_EXPR_MT_NAME, m->u.user.name, strlen(m->u.user.name)); nftnl_expr_set_u32(e, NFTNL_EXPR_MT_REV, m->u.user.revision); - info = calloc(1, m->u.match_size); - if (info == NULL) - return -ENOMEM; - + info = xtables_calloc(1, m->u.match_size); memcpy(info, m->data, m->u.match_size - sizeof(*m)); nftnl_expr_set(e, NFTNL_EXPR_MT_INFO, info, m->u.match_size - sizeof(*m)); @@ -1245,10 +1239,7 @@ static int __add_target(struct nftnl_expr *e, struct xt_entry_target *t) strlen(t->u.user.name)); nftnl_expr_set_u32(e, NFTNL_EXPR_TG_REV, t->u.user.revision); - info = calloc(1, t->u.target_size); - if (info == NULL) - return -ENOMEM; - + info = xtables_calloc(1, t->u.target_size); memcpy(info, t->data, t->u.target_size - sizeof(*t)); nftnl_expr_set(e, NFTNL_EXPR_TG_INFO, info, t->u.target_size - sizeof(*t)); diff --git a/iptables/xshared.c b/iptables/xshared.c index ed3e9c5a4426a..2d3ef679fd765 100644 --- a/iptables/xshared.c +++ b/iptables/xshared.c @@ -220,9 +220,7 @@ void xs_init_target(struct xtables_target *target) { if (target->udata_size != 0) { free(target->udata); - target->udata = calloc(1, target->udata_size); - if (target->udata == NULL) - xtables_error(RESOURCE_PROBLEM, "malloc"); + target->udata = xtables_calloc(1, target->udata_size); } if (target->init != NULL) target->init(target->t); @@ -238,9 +236,7 @@ void xs_init_match(struct xtables_match *match) * Same goes for target. */ free(match->udata); - match->udata = calloc(1, match->udata_size); - if (match->udata == NULL) - xtables_error(RESOURCE_PROBLEM, "malloc"); + match->udata = xtables_calloc(1, match->udata_size); } if (match->init != NULL) match->init(match->m); diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c index 6e35f58ee685f..6e5ecd4864fa5 100644 --- a/iptables/xtables-eb.c +++ b/iptables/xtables-eb.c @@ -274,9 +274,7 @@ static struct option *merge_options(struct option *oldopts, ebtables_globals.option_offset += OPTION_OFFSET; *options_offset = ebtables_globals.option_offset; - merge = malloc(sizeof(struct option) * (num_new + num_old + 1)); - if (!merge) - return NULL; + merge = xtables_malloc(sizeof(struct option) * (num_new + num_old + 1)); memcpy(merge, oldopts, num_old * sizeof(struct option)); for (i = 0; i < num_new; i++) { merge[num_old + i] = newopts[i]; @@ -571,10 +569,7 @@ void ebt_add_match(struct xtables_match *m, m->mflags = 0; /* glue code for watchers */ - newnode = calloc(1, sizeof(struct ebt_match)); - if (newnode == NULL) - xtables_error(OTHER_PROBLEM, "Unable to alloc memory"); - + newnode = xtables_calloc(1, sizeof(struct ebt_match)); newnode->ismatch = true; newnode->u.match = newm; @@ -603,10 +598,7 @@ void ebt_add_watcher(struct xtables_target *watcher, watcher->tflags = 0; - newnode = calloc(1, sizeof(struct ebt_match)); - if (newnode == NULL) - xtables_error(OTHER_PROBLEM, "Unable to alloc memory"); - + newnode = xtables_calloc(1, sizeof(struct ebt_match)); newnode->u.watcher = clone; for (matchp = &cs->match_list; *matchp; matchp = &(*matchp)->next) diff --git a/libxtables/xtables.c b/libxtables/xtables.c index b261e97bba3b7..d670175db2236 100644 --- a/libxtables/xtables.c +++ b/libxtables/xtables.c @@ -2353,18 +2353,11 @@ struct xt_xlate { struct xt_xlate *xt_xlate_alloc(int size) { - struct xt_xlate *xl; + struct xt_xlate *xl = xtables_malloc(sizeof(struct xt_xlate)); int i; - xl = malloc(sizeof(struct xt_xlate)); - if (xl == NULL) - xtables_error(RESOURCE_PROBLEM, "OOM"); - for (i = 0; i < __XT_XLATE_MAX; i++) { - xl->buf[i].data = malloc(size); - if (xl->buf[i].data == NULL) - xtables_error(RESOURCE_PROBLEM, "OOM"); - + xl->buf[i].data = xtables_malloc(size); xl->buf[i].data[0] = '\0'; xl->buf[i].size = size; xl->buf[i].rem = size; -- 2.32.0