From dan@kulesh.obluda.cz  Tue Jul 12 22:21:04 2005
Return-Path: <dan@kulesh.obluda.cz>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0C9B116A41C
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 12 Jul 2005 22:21:04 +0000 (GMT)
	(envelope-from dan@kulesh.obluda.cz)
Received: from kulesh.obluda.cz (kulesh.obluda.cz [193.179.22.243])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 99B4E43D46
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 12 Jul 2005 22:21:02 +0000 (GMT)
	(envelope-from dan@kulesh.obluda.cz)
Received: from kulesh.obluda.cz (localhost.eunet.cz [127.0.0.1])
	by kulesh.obluda.cz (8.13.3/8.13.3) with ESMTP id j6CML0ia017849
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 13 Jul 2005 00:21:00 +0200 (CEST)
	(envelope-from dan@kulesh.obluda.cz)
Received: (from root@localhost)
	by kulesh.obluda.cz (8.13.3/8.13.1/Submit) id j6CMKxMZ017848;
	Wed, 13 Jul 2005 00:20:59 +0200 (CEST)
	(envelope-from dan)
Message-Id: <200507122220.j6CMKxMZ017848@kulesh.obluda.cz>
Date: Wed, 13 Jul 2005 00:20:59 +0200 (CEST)
From: Dan Lukes <dan@obluda.cz>
Reply-To: Dan Lukes <dan@obluda.cz>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: [ PATCH ] improper handling of malloc failures within rexec()
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         83358
>Category:       kern
>Synopsis:       [libcompat] [patch] improper handling of malloc failures within rexec(3)
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jul 12 22:30:08 GMT 2005
>Closed-Date:    
>Last-Modified:  Sun May 04 04:24:00 UTC 2014
>Originator:     Dan Lukes
>Release:        FreeBSD 5.4-STABLE i386
>Organization:
Obludarium
>Environment:
System: FreeBSD 5.4-STABLE #8: Sat Jul 9 16:31:08 CEST 2005 i386
lib/libcompat/4.3/rexec.c,v 1.6 2000/08/04 11:15:48 kris

>Description:
	1. malloc() not tested for failures within ruserpass()
	2. port variable within rexec() can be uset uninitialized causing
possible close of random socket (within bad: part of code)

>How-To-Repeat:
>Fix:

--- patch begins here ---
--- lib/libcompat/4.3/rexec.c.ORIG	Fri Aug  4 13:15:48 2000
+++ lib/libcompat/4.3/rexec.c	Wed Jul 13 00:09:08 2005
@@ -34,7 +34,7 @@
  */
 
 #if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)rexec.c	8.1 (Berkeley) 6/4/93";
+static volatile char sccsid[] = "@(#)rexec.c	8.1 (Berkeley) 6/4/93";
 #endif /* LIBC_SCCS and not lint */
 
 #include <sys/types.h>
@@ -143,6 +143,7 @@
 	char *hdir, buf[BUFSIZ], *tmp;
 	char myname[MAXHOSTNAMELEN], *mydomain;
 	int t, i, c, usedefault = 0;
+	int myaname=0, myapass=0, myaacct=0;
 	struct stat stb;
 
 	hdir = getenv("HOME");
@@ -190,26 +191,33 @@
 		while ((t = token()) && t != MACH && t != DEFAULT) switch(t) {
 
 		case LOGIN:
-			if (token())
-				if (*aname == 0) {
-					*aname = malloc((unsigned) strlen(tokval) + 1);
-					(void) strcpy(*aname, tokval);
+			if (token()) {
+				if (*aname == NULL) {
+					if ((*aname = strdup(tokval)) == NULL) {
+	warnx("Error: Cannot allocate memory for user name");
+						goto bad;
+					}
+					myaname=1;
 				} else {
 					if (strcmp(*aname, tokval))
 						goto next;
 				}
+			}
 			break;
 		case PASSWD:
-			if ((*aname == 0 || strcmp(*aname, "anonymous")) &&
+			if ((*aname == NULL || strcmp(*aname, "anonymous")) &&
 			    fstat(fileno(cfile), &stb) >= 0 &&
 			    (stb.st_mode & 077) != 0) {
 	warnx("Error: .netrc file is readable by others.");
 	warnx("Remove password or make file unreadable by others.");
 				goto bad;
 			}
-			if (token() && *apass == 0) {
-				*apass = malloc((unsigned) strlen(tokval) + 1);
-				(void) strcpy(*apass, tokval);
+			if (token() && *apass == NULL) {
+				if ((*apass = strdup(tokval)) == NULL) {
+	warnx("Error: Cannot allocate memory for password");
+					goto bad;
+				}
+				myapass=1;
 			}
 			break;
 		case ACCOUNT:
@@ -219,9 +227,12 @@
 	warnx("Remove account or make file unreadable by others.");
 				goto bad;
 			}
-			if (token() && *aacct == 0) {
-				*aacct = malloc((unsigned) strlen(tokval) + 1);
-				(void) strcpy(*aacct, tokval);
+			if (token() && *aacct == NULL) {
+				if ((*aacct = strdup(tokval)) == NULL) {
+	warnx("Error: Cannot allocate memory for account");
+					goto bad;
+				}
+				myaacct=1;
 			}
 			break;
 		case MACDEF:
@@ -291,6 +302,18 @@
 	(void) fclose(cfile);
 	return (0);
 bad:
+	if (myaname == 1) {
+		free(*aname);
+		*aname = NULL;
+	}
+	if (myapass == 1) {
+		free(*apass);
+		*apass = NULL;
+	}
+	if (myaacct == 1) {
+		free(*aacct);
+		*aacct = NULL;
+	}
 	(void) fclose(cfile);
 	return (-1);
 }
@@ -304,8 +327,7 @@
 {
 	struct sockaddr_in sin, sin2, from;
 	struct hostent *hp;
-	u_short port;
-	int s, timo = 1, s3;
+	int s, timo = 1, s3 = -1;
 	char c;
 
 	hp = gethostbyname(*ahost);
@@ -336,10 +358,10 @@
 	}
 	if (fd2p == 0) {
 		(void) write(s, "", 1);
-		port = 0;
 	} else {
 		char num[8];
 		int s2, sin2len;
+		u_short port;
 
 		s2 = socket(AF_INET, SOCK_STREAM, 0);
 		if (s2 < 0) {
@@ -362,7 +384,6 @@
 		  close(s2);
 		  if (s3 < 0) {
 			perror("accept");
-			port = 0;
 			goto bad;
 		  }
 		}
@@ -386,7 +407,7 @@
 	}
 	return (s);
 bad:
-	if (port)
+	if (s3 >= 0)
 		(void) close(*fd2p);
 	(void) close(s);
 	return (-1);
--- patch ends here ---
>Release-Note:
>Audit-Trail:

From: "Garrett Cooper" <yanefbsd@gmail.com>
To: bug-followup@FreeBSD.org, dan@obluda.cz
Cc:  
Subject: Re: bin/83358: [patch] improper handling of malloc failures within rexec()
Date: Fri, 20 Jun 2008 22:07:16 -0700

 ------=_Part_14701_30557979.1214024836491
 Content-Type: text/plain; charset=ISO-8859-1
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline
 
 This patch includes the fixes provided previously (minus the port var
 removal provided by the OP), plus some style fixes and source
 updating.
 
 Which makes me wonder: is libcompat-4.3's rexec.c used for compiling
 purposes at all?
 
 -Garrett
 
 ------=_Part_14701_30557979.1214024836491
 Content-Type: text/x-patch; name=4_3_compat_update.patch
 Content-Transfer-Encoding: base64
 X-Attachment-Id: f_fhpr0ztf0
 Content-Disposition: attachment; filename=4_3_compat_update.patch
 
 SW5kZXg6IGNmcmVlLmMKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09
 PT09PT09PT09PT09PT09PT09PT09PT09PQpSQ1MgZmlsZTogL2hvbWUvbmN2cy9zcmMvbGliL2xp
 YmNvbXBhdC80LjMvY2ZyZWUuYyx2CnJldHJpZXZpbmcgcmV2aXNpb24gMS4zCmRpZmYgLXUgLXIx
 LjMgY2ZyZWUuYwotLS0gY2ZyZWUuYwk5IEphbiAyMDA3IDAxOjAyOjAyIC0wMDAwCTEuMworKysg
 Y2ZyZWUuYwkyMSBKdW4gMjAwOCAwNDo1MjoxMSAtMDAwMApAQCAtMzcsOCArMzcsNyBAQAogI2lu
 Y2x1ZGUgPHN0ZGxpYi5oPgogCiB2b2lkCi1jZnJlZShwKQotCXZvaWQgKnA7CitjZnJlZSh2b2lk
 ICpwKQogewogCWZyZWUocCk7CiB9CkluZGV4OiByZWdleC5jCj09PT09PT09PT09PT09PT09PT09
 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KUkNTIGZpbGU6
 IC9ob21lL25jdnMvc3JjL2xpYi9saWJjb21wYXQvNC4zL3JlZ2V4LmMsdgpyZXRyaWV2aW5nIHJl
 dmlzaW9uIDEuNQpkaWZmIC11IC1yMS41IHJlZ2V4LmMKLS0tIHJlZ2V4LmMJOSBKYW4gMjAwNyAw
 MTowMjowMiAtMDAwMAkxLjUKKysrIHJlZ2V4LmMJMjEgSnVuIDIwMDggMDQ6NTI6MTIgLTAwMDAK
 QEAgLTU2LDE3ICs1NiwxNiBAQAogc3RhdGljIGNoYXIgKnJlX2VycnN0cjsKIAogY2hhciAqCi1y
 ZV9jb21wKHMpCi0JY2hhciAqczsKK3JlX2NvbXAoY2hhciAqcykKIHsKIAlpZiAocyA9PSBOVUxM
 IHx8ICpzID09ICdcMCcpIHsKIAkJaWYgKHJlX3JlZ2V4cCA9PSBOVUxMKQogCQkJcmV0dXJuICJu
 byBwcmV2aW91cyByZWd1bGFyIGV4cHJlc3Npb24iOwogCQlyZXR1cm4gKE5VTEwpOwogCX0KLQlp
 ZiAocmVfcmVnZXhwKQorCWlmIChyZV9yZWdleHAgIT0gTlVMTCkKIAkJZnJlZShyZV9yZWdleHAp
 OwotCWlmIChyZV9lcnJzdHIpCisJaWYgKHJlX2VycnN0ciAhPSBOVUxMKQogCQlmcmVlKHJlX2Vy
 cnN0cik7CiAJcmVfZ290ZXJyID0gMDsKIAlyZV9yZWdleHAgPSByZWdjb21wKHMpOwpAQCAtODks
 NyArODgsNyBAQAogCWNvbnN0IGNoYXIgKnM7CiB7CiAJcmVfZ290ZXJyID0gMTsKLQlpZiAocmVf
 ZXJyc3RyKQorCWlmIChyZV9lcnJzdHIgIT0gTlVMTCkKIAkJZnJlZShyZV9lcnJzdHIpOwogCXJl
 X2VycnN0ciA9IHN0cmR1cChzKTsKIH0KSW5kZXg6IHJleGVjLmMKPT09PT09PT09PT09PT09PT09
 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQpSQ1MgZmls
 ZTogL2hvbWUvbmN2cy9zcmMvbGliL2xpYmNvbXBhdC80LjMvcmV4ZWMuYyx2CnJldHJpZXZpbmcg
 cmV2aXNpb24gMS43CmRpZmYgLXUgLXIxLjcgcmV4ZWMuYwotLS0gcmV4ZWMuYwk5IEphbiAyMDA3
 IDAxOjAyOjAyIC0wMDAwCTEuNworKysgcmV4ZWMuYwkyMSBKdW4gMjAwOCAwNDo1MjoxMyAtMDAw
 MApAQCAtMzAsNyArMzAsNyBAQAogICovCiAKICNpZiBkZWZpbmVkKExJQkNfU0NDUykgJiYgIWRl
 ZmluZWQobGludCkKLXN0YXRpYyBjaGFyIHNjY3NpZFtdID0gIkAoIylyZXhlYy5jCTguMSAoQmVy
 a2VsZXkpIDYvNC85MyI7CitzdGF0aWMgY2hhciBzY2NzaWRbXSA9ICJAKCMpcmV4ZWMuYyAgICA4
 LjEgKEJlcmtlbGV5KSA2LzQvOTMiOwogI2VuZGlmIC8qIExJQkNfU0NDUyBhbmQgbm90IGxpbnQg
 Ki8KIAogI2luY2x1ZGUgPHN5cy90eXBlcy5oPgpAQCAtNTEsMzM5ICs1MSwzNjkgQEAKICNpbmNs
 dWRlIDxzdGRsaWIuaD4KICNpbmNsdWRlIDx1bmlzdGQuaD4KIAotaW50CXJleGVjb3B0aW9uczsK
 LWNoYXIJKmdldHBhc3MoKSwgKmdldGxvZ2luKCk7CitjaGFyICAgICpnZXRwYXNzKCk7CitjaGFy
 ICAgICpnZXRsb2dpbigpOwogCiAvKgogICogT3B0aW9ucyBhbmQgb3RoZXIgc3RhdGUgaW5mby4K
 ICAqLwogc3RydWN0IG1hY2VsIHsKLQljaGFyIG1hY19uYW1lWzldOwkvKiBtYWNybyBuYW1lICov
 Ci0JY2hhciAqbWFjX3N0YXJ0OwkvKiBzdGFydCBvZiBtYWNybyBpbiBtYWNidWYgKi8KLQljaGFy
 ICptYWNfZW5kOwkJLyogZW5kIG9mIG1hY3JvIGluIG1hY2J1ZiAqLworICAgICAgICBjaGFyIG1h
 Y19uYW1lWzldOyAgICAvKiBtYWNybyBuYW1lICovCisgICAgICAgIGNoYXIgKm1hY19zdGFydDsg
 ICAgLyogc3RhcnQgb2YgbWFjcm8gaW4gbWFjYnVmICovCisgICAgICAgIGNoYXIgKm1hY19lbmQ7
 ICAgICAgICAvKiBlbmQgb2YgbWFjcm8gaW4gbWFjYnVmICovCiB9OwogCi1pbnQgbWFjbnVtOwkJ
 CS8qIG51bWJlciBvZiBkZWZpbmVkIG1hY3JvcyAqLworaW50IG1hY251bTsgICAgICAgICAgICAv
 KiBudW1iZXIgb2YgZGVmaW5lZCBtYWNyb3MgKi8KIHN0cnVjdCBtYWNlbCBtYWNyb3NbMTZdOwog
 Y2hhciBtYWNidWZbNDA5Nl07CiAKLXN0YXRpYwlGSUxFICpjZmlsZTsKK3N0YXRpYyAgICBGSUxF
 ICpjZmlsZTsKIAogI2RlZmluZQlERUZBVUxUCTEKICNkZWZpbmUJTE9HSU4JMgogI2RlZmluZQlQ
 QVNTV0QJMwotI2RlZmluZQlBQ0NPVU5UIDQKLSNkZWZpbmUgTUFDREVGICA1CisjZGVmaW5lCUFD
 Q09VTlQJNAorI2RlZmluZSBNQUNERUYJNQogI2RlZmluZQlJRAkxMAogI2RlZmluZQlNQUNICTEx
 CiAKIHN0YXRpYyBjaGFyIHRva3ZhbFsxMDBdOwogCiBzdGF0aWMgc3RydWN0IHRva3RhYiB7Ci0J
 Y2hhciAqdG9rc3RyOwotCWludCB0dmFsOworICAgICAgICBjaGFyICp0b2tzdHI7CisgICAgICAg
 IGludCB0dmFsOwogfSB0b2t0YWJbXT0gewotCXsgImRlZmF1bHQiLAlERUZBVUxUIH0sCi0JeyAi
 bG9naW4iLAlMT0dJTiB9LAotCXsgInBhc3N3b3JkIiwJUEFTU1dEIH0sCi0JeyAicGFzc3dkIiwJ
 UEFTU1dEIH0sCi0JeyAiYWNjb3VudCIsCUFDQ09VTlQgfSwKLQl7ICJtYWNoaW5lIiwJTUFDSCB9
 LAotCXsgIm1hY2RlZiIsCU1BQ0RFRiB9LAotCXsgTlVMTCwJCTAgfQorICAgICAgICB7ICJkZWZh
 dWx0IiwJREVGQVVMVCB9LAorICAgICAgICB7ICJsb2dpbiIsCUxPR0lOIH0sCisgICAgICAgIHsg
 InBhc3N3b3JkIiwJUEFTU1dEIH0sCisgICAgICAgIHsgInBhc3N3ZCIsCVBBU1NXRCB9LAorICAg
 ICAgICB7ICJhY2NvdW50IiwJQUNDT1VOVCB9LAorICAgICAgICB7ICJtYWNoaW5lIiwJTUFDSCB9
 LAorICAgICAgICB7ICJtYWNkZWYiLAlNQUNERUYgfSwKKyAgICAgICAgeyBOVUxMLAkJMCB9CiB9
 OwogCiBzdGF0aWMgaW50CiB0b2tlbigpCiB7Ci0JY2hhciAqY3A7Ci0JaW50IGM7Ci0Jc3RydWN0
 IHRva3RhYiAqdDsKLQotCWlmIChmZW9mKGNmaWxlKSB8fCBmZXJyb3IoY2ZpbGUpKQotCQlyZXR1
 cm4gKDApOwotCXdoaWxlICgoYyA9IGdldGMoY2ZpbGUpKSAhPSBFT0YgJiYKLQkgICAgKGMgPT0g
 J1xuJyB8fCBjID09ICdcdCcgfHwgYyA9PSAnICcgfHwgYyA9PSAnLCcpKQotCQljb250aW51ZTsK
 LQlpZiAoYyA9PSBFT0YpCi0JCXJldHVybiAoMCk7Ci0JY3AgPSB0b2t2YWw7Ci0JaWYgKGMgPT0g
 JyInKSB7Ci0JCXdoaWxlICgoYyA9IGdldGMoY2ZpbGUpKSAhPSBFT0YgJiYgYyAhPSAnIicpIHsK
 LQkJCWlmIChjID09ICdcXCcpCi0JCQkJYyA9IGdldGMoY2ZpbGUpOwotCQkJKmNwKysgPSBjOwot
 CQl9Ci0JfSBlbHNlIHsKLQkJKmNwKysgPSBjOwotCQl3aGlsZSAoKGMgPSBnZXRjKGNmaWxlKSkg
 IT0gRU9GCi0JCSAgICAmJiBjICE9ICdcbicgJiYgYyAhPSAnXHQnICYmIGMgIT0gJyAnICYmIGMg
 IT0gJywnKSB7Ci0JCQlpZiAoYyA9PSAnXFwnKQotCQkJCWMgPSBnZXRjKGNmaWxlKTsKLQkJCSpj
 cCsrID0gYzsKLQkJfQotCX0KLQkqY3AgPSAwOwotCWlmICh0b2t2YWxbMF0gPT0gMCkKLQkJcmV0
 dXJuICgwKTsKLQlmb3IgKHQgPSB0b2t0YWI7IHQtPnRva3N0cjsgdCsrKQotCQlpZiAoIXN0cmNt
 cCh0LT50b2tzdHIsIHRva3ZhbCkpCi0JCQlyZXR1cm4gKHQtPnR2YWwpOwotCXJldHVybiAoSUQp
 OworICAgICAgICBjaGFyICpjcDsKKyAgICAgICAgaW50IGM7CisgICAgICAgIHN0cnVjdCB0b2t0
 YWIgKnQ7CisKKyAgICAgICAgaWYgKGZlb2YoY2ZpbGUpIHx8IGZlcnJvcihjZmlsZSkpCisgICAg
 ICAgICAgICByZXR1cm4gKDApOworICAgICAgICB3aGlsZSAoKGMgPSBnZXRjKGNmaWxlKSkgIT0g
 RU9GICYmCisgICAgICAgICAgICAoYyA9PSAnXG4nIHx8IGMgPT0gJ1x0JyB8fCBjID09ICcgJyB8
 fCBjID09ICcsJykpCisgICAgICAgICAgICBjb250aW51ZTsKKyAgICAgICAgaWYgKGMgPT0gRU9G
 KQorICAgICAgICAgICAgcmV0dXJuICgwKTsKKyAgICAgICAgY3AgPSB0b2t2YWw7CisgICAgICAg
 IGlmIChjID09ICciJykgeworICAgICAgICAgICAgd2hpbGUgKChjID0gZ2V0YyhjZmlsZSkpICE9
 IEVPRiAmJiBjICE9ICciJykgeworICAgICAgICAgICAgICAgIGlmIChjID09ICdcXCcpCisgICAg
 ICAgICAgICAgICAgICAgIGMgPSBnZXRjKGNmaWxlKTsKKyAgICAgICAgICAgICAgICAqY3ArKyA9
 IGM7CisgICAgICAgICAgICB9CisgICAgICAgIH0gZWxzZSB7CisgICAgICAgICAgICAqY3ArKyA9
 IGM7CisgICAgICAgICAgICB3aGlsZSAoKGMgPSBnZXRjKGNmaWxlKSkgIT0gRU9GCisgICAgICAg
 ICAgICAgICAgJiYgYyAhPSAnXG4nICYmIGMgIT0gJ1x0JyAmJiBjICE9ICcgJyAmJiBjICE9ICcs
 JykgeworICAgICAgICAgICAgICAgIGlmIChjID09ICdcXCcpCisgICAgICAgICAgICAgICAgICAg
 IGMgPSBnZXRjKGNmaWxlKTsKKyAgICAgICAgICAgICAgICAqY3ArKyA9IGM7CisgICAgICAgICAg
 ICB9CisgICAgICAgIH0KKyAgICAgICAgKmNwID0gMDsKKyAgICAgICAgaWYgKHRva3ZhbFswXSA9
 PSAwKQorICAgICAgICAgICAgcmV0dXJuICgwKTsKKyAgICAgICAgZm9yICh0ID0gdG9rdGFiOyB0
 LT50b2tzdHI7IHQrKykKKyAgICAgICAgICAgIGlmICghc3RyY21wKHQtPnRva3N0ciwgdG9rdmFs
 KSkKKyAgICAgICAgICAgICAgICByZXR1cm4gKHQtPnR2YWwpOworICAgICAgICByZXR1cm4gKElE
 KTsKIH0KIAogc3RhdGljIGludAotcnVzZXJwYXNzKGhvc3QsIGFuYW1lLCBhcGFzcywgYWFjY3Qp
 Ci0JY2hhciAqaG9zdCwgKiphbmFtZSwgKiphcGFzcywgKiphYWNjdDsKK3J1c2VycGFzcyhjaGFy
 ICpob3N0LCBjaGFyICoqYW5hbWUsIGNoYXIgKiphcGFzcywgY2hhciAqKmFhY2N0KQogewotCWNo
 YXIgKmhkaXIsIGJ1ZltCVUZTSVpdLCAqdG1wOwotCWNoYXIgbXluYW1lW01BWEhPU1ROQU1FTEVO
 XSwgKm15ZG9tYWluOwotCWludCB0LCBpLCBjLCB1c2VkZWZhdWx0ID0gMDsKLQlzdHJ1Y3Qgc3Rh
 dCBzdGI7Ci0KLQloZGlyID0gZ2V0ZW52KCJIT01FIik7Ci0JaWYgKGhkaXIgPT0gTlVMTCkKLQkJ
 aGRpciA9ICIuIjsKLQlpZiAoc3RybGVuKGhkaXIpICsgOCA+IHNpemVvZihidWYpKQotCQlyZXR1
 cm4gKDApOwotCSh2b2lkKSBzcHJpbnRmKGJ1ZiwgIiVzLy5uZXRyYyIsIGhkaXIpOwotCWNmaWxl
 ID0gZm9wZW4oYnVmLCAiciIpOwotCWlmIChjZmlsZSA9PSBOVUxMKSB7Ci0JCWlmIChlcnJubyAh
 PSBFTk9FTlQpCi0JCQl3YXJuKCIlcyIsIGJ1Zik7Ci0JCXJldHVybiAoMCk7Ci0JfQotCWlmIChn
 ZXRob3N0bmFtZShteW5hbWUsIHNpemVvZihteW5hbWUpKSA8IDApCi0JCW15bmFtZVswXSA9ICdc
 MCc7Ci0JaWYgKChteWRvbWFpbiA9IHN0cmNocihteW5hbWUsICcuJykpID09IE5VTEwpCi0JCW15
 ZG9tYWluID0gIiI7CisgICAgICAgIGNoYXIgKmhkaXIsIGJ1ZltCVUZTSVpdLCAqdG1wOworICAg
 ICAgICBjaGFyIG15bmFtZVtNQVhIT1NUTkFNRUxFTl0sICpteWRvbWFpbjsKKyAgICAgICAgaW50
 IHQsIGksIGMsIHVzZWRlZmF1bHQgPSAwOworICAgICAgICBpbnQgcmV0X2NvZGUgPSAwOworICAg
 ICAgICBzdHJ1Y3Qgc3RhdCBzdGI7CisKKyAgICAgICAgaGRpciA9IGdldGVudigiSE9NRSIpOwor
 ICAgICAgICBpZiAoaGRpciA9PSBOVUxMKQorICAgICAgICAgICAgaGRpciA9ICIuIjsKKyAgICAg
 ICAgaWYgKHN0cmxlbihoZGlyKSArIDggPiBzaXplb2YoYnVmKSkKKyAgICAgICAgICAgIHJldHVy
 biAoMCk7CisgICAgICAgIHNwcmludGYoYnVmLCAiJXMvLm5ldHJjIiwgaGRpcik7CisgICAgICAg
 IGNmaWxlID0gZm9wZW4oYnVmLCAiciIpOworICAgICAgICBpZiAoY2ZpbGUgPT0gTlVMTCkgewor
 ICAgICAgICAgICAgaWYgKGVycm5vICE9IEVOT0VOVCkKKyAgICAgICAgICAgICAgICB3YXJuKCIl
 cyIsIGJ1Zik7CisgICAgICAgICAgICByZXR1cm4gKDApOworICAgICAgICB9CisgICAgICAgIGlm
 IChnZXRob3N0bmFtZShteW5hbWUsIHNpemVvZihteW5hbWUpKSA8IDApCisgICAgICAgICAgICBt
 eW5hbWVbMF0gPSAnXDAnOworICAgICAgICBpZiAoKG15ZG9tYWluID0gc3RyY2hyKG15bmFtZSwg
 Jy4nKSkgPT0gTlVMTCkKKyAgICAgICAgICAgIG15ZG9tYWluID0gIiI7CiBuZXh0OgotCXdoaWxl
 ICgodCA9IHRva2VuKCkpKSBzd2l0Y2godCkgeworICAgICAgICB3aGlsZSAoKHQgPSB0b2tlbigp
 KSAhPSAwKSB7CisKKyAgICAgICAgICAgIHN3aXRjaCh0KSB7CisgICAgICAgICAgICBjYXNlIERF
 RkFVTFQ6CisgICAgICAgICAgICAgICAgdXNlZGVmYXVsdCA9IDE7CisgICAgICAgICAgICAgICAg
 LyogRkFMTCBUSFJPVUdIICovCisKKyAgICAgICAgICAgIGNhc2UgTUFDSDoKKyAgICAgICAgICAg
 ICAgICBpZiAoIXVzZWRlZmF1bHQpIHsKKyAgICAgICAgICAgICAgICAgICAgaWYgKHRva2VuKCkg
 IT0gSUQpCisgICAgICAgICAgICAgICAgICAgICAgICBjb250aW51ZTsKKyAgICAgICAgICAgICAg
 ICAgICAgLyoKKyAgICAgICAgICAgICAgICAgICAgICogQWxsb3cgbWF0Y2ggZWl0aGVyIGZvciB1
 c2VyJ3MgaW5wdXQgaG9zdAorICAgICAgICAgICAgICAgICAgICAgKiBuYW1lIG9yIG9mZmljaWFs
 IGhvc3RuYW1lLiAgQWxzbyBhbGxvdyBtYXRjaAorICAgICAgICAgICAgICAgICAgICAgKiBvZiBp
 bmNvbXBsZXRlbHktc3BlY2lmaWVkIGhvc3QgaW4gbG9jYWwKKyAgICAgICAgICAgICAgICAgICAg
 ICogZG9tYWluLgorICAgICAgICAgICAgICAgICAgICAgKi8KKyAgICAgICAgICAgICAgICAgICAg
 aWYgKHN0cmNhc2VjbXAoaG9zdCwgdG9rdmFsKSA9PSAwKQorICAgICAgICAgICAgICAgICAgICAg
 ICAgZ290byBtYXRjaDsKKyAgICAgICAgICAgICAgICAgICAgaWYgKCh0bXAgPSBzdHJjaHIoaG9z
 dCwgJy4nKSkgIT0gTlVMTCAmJgorICAgICAgICAgICAgICAgICAgICAgICAgc3RyY2FzZWNtcCh0
 bXAsIG15ZG9tYWluKSA9PSAwICYmCisgICAgICAgICAgICAgICAgICAgICAgICBzdHJuY2FzZWNt
 cChob3N0LCB0b2t2YWwsIHRtcC1ob3N0KSA9PSAwICYmCisgICAgICAgICAgICAgICAgICAgICAg
 ICB0b2t2YWxbdG1wIC0gaG9zdF0gPT0gJ1wwJykgeworICAgICAgICAgICAgICAgICAgICAgICAg
 Z290byBtYXRjaDsKKyAgICAgICAgICAgICAgICAgICAgfQorICAgICAgICAgICAgICAgICAgICBj
 b250aW51ZTsKKyAgICAgICAgICAgICAgICB9CisgICAgICAgICAgICBtYXRjaDoKKyAgICAgICAg
 ICAgICAgICB3aGlsZSAoKHQgPSB0b2tlbigpKSAmJiB0ICE9IE1BQ0ggJiYgdCAhPSBERUZBVUxU
 KSB7CisgICAgICAgICAgICAgICAgICAgIHN3aXRjaCh0KSB7CisgICAgICAgICAgICAgICAgICAg
 IGNhc2UgTE9HSU46CisgICAgICAgICAgICAgICAgICAgICAgICBpZiAodG9rZW4oKSkgeworICAg
 ICAgICAgICAgICAgICAgICAgICAgICAgIGlmICgqYW5hbWUgPT0gMCkgeworICAgICAgICAgICAg
 ICAgICAgICAgICAgICAgICAgICAqYW5hbWUgPSBtYWxsb2Moc3RybGVuKHRva3ZhbCkrMSk7Cisg
 ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmICgqYW5hbWUgPT0gTlVMTCkgeworICAg
 ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2FybngoIm1hbGxvYyBmb3IgYW5hbWUg
 ZmFpbGVkXG4iKTsKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGdvdG8gYmFk
 OworICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CisgICAgICAgICAgICAgICAgICAg
 ICAgICAgICAgICAgIHN0cmNweSgqYW5hbWUsIHRva3ZhbCk7CisgICAgICAgICAgICAgICAgICAg
 ICAgICAgICAgfSBlbHNlIHsKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgKHN0
 cmNtcCgqYW5hbWUsIHRva3ZhbCkpCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
 ICBnb3RvIG5leHQ7CisgICAgICAgICAgICAgICAgICAgICAgICAgICAgfQorICAgICAgICAgICAg
 ICAgICAgICAgICAgfQorICAgICAgICAgICAgICAgICAgICAgICAgYnJlYWs7CisgICAgICAgICAg
 ICAgICAgICAgIGNhc2UgUEFTU1dEOgorICAgICAgICAgICAgICAgICAgICAgICAgaWYgKCgqYW5h
 bWUgPT0gMCB8fCBzdHJjbXAoKmFuYW1lLCAiYW5vbnltb3VzIikpICYmCisgICAgICAgICAgICAg
 ICAgICAgICAgICAgICAgZnN0YXQoZmlsZW5vKGNmaWxlKSwgJnN0YikgPj0gMCAmJgorICAgICAg
 ICAgICAgICAgICAgICAgICAgICAgIChzdGIuc3RfbW9kZSAmIDA3NykgIT0gMCkgeworICAgICAg
 ICAgICAgICAgICAgICAgICAgICAgIHdhcm54KCJFcnJvcjogLm5ldHJjIGZpbGUgaXMgcmVhZGFi
 bGUiCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICIgYnkgb3RoZXJzLlxuUmVtb3Zl
 IHBhc3N3b3JkIgorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAiIG9yIG1ha2UgZmls
 ZSB1bnJlYWRhYmxlIGJ5IgorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAiIG90aGVy
 cy5cbiIpOworICAgICAgICAgICAgICAgICAgICAgICAgICAgIGdvdG8gYmFkOworICAgICAgICAg
 ICAgICAgICAgICAgICAgfQorICAgICAgICAgICAgICAgICAgICAgICAgaWYgKHRva2VuKCkgJiYg
 KmFwYXNzID09IE5VTEwpIHsKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAqYXBhc3MgPSBt
 YWxsb2Moc3RybGVuKHRva3ZhbCkrMSk7CisgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYg
 KCphcGFzcyA9PSBOVUxMKSB7CisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdhcm54
 KCJtYWxsb2MgZm9yIGFwYXNzIGZhaWxlZFxuIik7CisgICAgICAgICAgICAgICAgICAgICAgICAg
 ICAgICAgIGdvdG8gYmFkOworICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KKyAgICAgICAg
 ICAgICAgICAgICAgICAgICAgICBzdHJjcHkoKmFwYXNzLCB0b2t2YWwpOworICAgICAgICAgICAg
 ICAgICAgICAgICAgfQorICAgICAgICAgICAgICAgICAgICAgICAgYnJlYWs7CisgICAgICAgICAg
 ICAgICAgICAgIGNhc2UgQUNDT1VOVDoKKyAgICAgICAgICAgICAgICAgICAgICAgIGlmIChmc3Rh
 dChmaWxlbm8oY2ZpbGUpLCAmc3RiKSA+PSAwCisgICAgICAgICAgICAgICAgICAgICAgICAgICAg
 JiYgKHN0Yi5zdF9tb2RlICYgMDc3KSAhPSAwKSB7CisgICAgICAgICAgICAgICAgICAgICAgICAg
 ICAgd2FybngoIkVycm9yOiAubmV0cmMgZmlsZSBpcyByZWFkYWJsZSIKKyAgICAgICAgICAgICAg
 ICAgICAgICAgICAgICAgICAgIiBieSBvdGhlcnMuXG5SZW1vdmUgYWNjb3VudCIKKyAgICAgICAg
 ICAgICAgICAgICAgICAgICAgICAgICAgIiBvciBtYWtlIGZpbGUgdW5yZWFkYWJsZSBieSIKKyAg
 ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIiBvdGhlcnMuXG4iKTsKKyAgICAgICAgICAg
 ICAgICAgICAgICAgICAgICBnb3RvIGJhZDsKKyAgICAgICAgICAgICAgICAgICAgICAgIH0KKyAg
 ICAgICAgICAgICAgICAgICAgICAgIGlmICh0b2tlbigpICYmICphYWNjdCA9PSBOVUxMKSB7Cisg
 ICAgICAgICAgICAgICAgICAgICAgICAgICAgKmFhY2N0ID0gbWFsbG9jKHN0cmxlbih0b2t2YWwp
 KzEpOworICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmICgqYWFjY3QgPT0gTlVMTCkgewor
 ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB3YXJueCgibWFsbG9jIGZvciBhYWNjdCBm
 YWlsZWRcbiIpOworICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBnb3RvIGJhZDsKKyAg
 ICAgICAgICAgICAgICAgICAgICAgICAgICB9CisgICAgICAgICAgICAgICAgICAgICAgICAgICAg
 c3RyY3B5KCphYWNjdCwgdG9rdmFsKTsKKyAgICAgICAgICAgICAgICAgICAgICAgIH0KKyAgICAg
 ICAgICAgICAgICAgICAgICAgIGJyZWFrOworICAgICAgICAgICAgICAgICAgICBjYXNlIE1BQ0RF
 RjoKKyAgICAgICAgICAgICAgICAgICAgICAgIHdoaWxlICgoYz1nZXRjKGNmaWxlKSkgIT0gRU9G
 ICYmCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgKGMgPT0gJyAnIHx8IGMgPT0gJ1x0Jykp
 IHsKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAvKiBOdWxsIGxvb3AgYm9keSAqLworICAg
 ICAgICAgICAgICAgICAgICAgICAgfQorICAgICAgICAgICAgICAgICAgICAgICAgaWYgKGMgPT0g
 RU9GIHx8IGMgPT0gJ1xuJykgeworICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdhcm54KCJN
 aXNzaW5nIG1hY2RlZiBuYW1lIGFyZ3VtZW50LlxuIik7CisgICAgICAgICAgICAgICAgICAgICAg
 ICAgICAgZ290byBiYWQ7CisgICAgICAgICAgICAgICAgICAgICAgICB9CisgICAgICAgICAgICAg
 ICAgICAgICAgICBpZiAobWFjbnVtID09IDE2KSB7CisgICAgICAgICAgICAgICAgICAgICAgICAg
 ICAgd2FybngoIkxpbWl0IG9mIDE2IG1hY3JvcyBoYXZlIGFscmVhZHkgYmVlbiBkZWZpbmVkXG4i
 KTsKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICBnb3RvIGJhZDsKKyAgICAgICAgICAgICAg
 ICAgICAgICAgIH0KKyAgICAgICAgICAgICAgICAgICAgICAgIHRtcCA9IG1hY3Jvc1ttYWNudW1d
 Lm1hY19uYW1lOworICAgICAgICAgICAgICAgICAgICAgICAgKnRtcCsrID0gYzsKKyAgICAgICAg
 ICAgICAgICAgICAgICAgIGZvciAoaT0wOyBpIDwgOCAmJiAoYz1nZXRjKGNmaWxlKSkgIT0gRU9G
 ICYmICFpc3NwYWNlKGMpOyArK2kpIHsKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAqdG1w
 KysgPSBjOworICAgICAgICAgICAgICAgICAgICAgICAgfQorICAgICAgICAgICAgICAgICAgICAg
 ICAgaWYgKGMgPT0gRU9GKSB7CisgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2FybngoIk1h
 Y3JvIGRlZmluaXRpb24gbWlzc2luZyBudWxsIgorICAgICAgICAgICAgICAgICAgICAgICAgICAg
 ICAgICAiIGxpbmUgdGVybWluYXRvci5cbiIpOworICAgICAgICAgICAgICAgICAgICAgICAgICAg
 IGdvdG8gYmFkOworICAgICAgICAgICAgICAgICAgICAgICAgfQorICAgICAgICAgICAgICAgICAg
 ICAgICAgKnRtcCA9ICdcMCc7CisgICAgICAgICAgICAgICAgICAgICAgICBpZiAoYyAhPSAnXG4n
 KSB7CisgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2hpbGUgKChjPWdldGMoY2ZpbGUpKSAh
 PSBFT0YgJiYgYyAhPSAnXG4nKSA7CisgICAgICAgICAgICAgICAgICAgICAgICB9CisgICAgICAg
 ICAgICAgICAgICAgICAgICBpZiAoYyA9PSBFT0YpIHsKKyAgICAgICAgICAgICAgICAgICAgICAg
 ICAgICB3YXJueCgiTWFjcm8gZGVmaW5pdGlvbiBtaXNzaW5nIG51bGwiCisgICAgICAgICAgICAg
 ICAgICAgICAgICAgICAgICAgICIgbGluZSB0ZXJtaW5hdG9yLlxuIik7CisgICAgICAgICAgICAg
 ICAgICAgICAgICAgICAgZ290byBiYWQ7CisgICAgICAgICAgICAgICAgICAgICAgICB9CisgICAg
 ICAgICAgICAgICAgICAgICAgICBpZiAobWFjbnVtID09IDApIHsKKyAgICAgICAgICAgICAgICAg
 ICAgICAgICAgICBtYWNyb3NbbWFjbnVtXS5tYWNfc3RhcnQgPSBtYWNidWY7CisgICAgICAgICAg
 ICAgICAgICAgICAgICB9CisgICAgICAgICAgICAgICAgICAgICAgICBlbHNlIHsKKyAgICAgICAg
 ICAgICAgICAgICAgICAgICAgICBtYWNyb3NbbWFjbnVtXS5tYWNfc3RhcnQgPQorICAgICAgICAg
 ICAgICAgICAgICAgICAgICAgICAgICBtYWNyb3NbbWFjbnVtLTFdLm1hY19lbmQgKyAxOworICAg
 ICAgICAgICAgICAgICAgICAgICAgfQorICAgICAgICAgICAgICAgICAgICAgICAgdG1wID0gbWFj
 cm9zW21hY251bV0ubWFjX3N0YXJ0OworICAgICAgICAgICAgICAgICAgICAgICAgd2hpbGUgKHRt
 cCAhPSBtYWNidWYgKyA0MDk2KSB7CisgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgKChj
 PWdldGMoY2ZpbGUpKSA9PSBFT0YpIHsKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
 d2FybngoIk1hY3JvIGRlZmluaXRpb24gbWlzc2luZyIKKyAgICAgICAgICAgICAgICAgICAgICAg
 ICAgICAgICAgICAgICIgbnVsbCBsaW5lIgorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
 ICAgICAgIiB0ZXJtaW5hdG9yLlxuIik7CisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
 IGdvdG8gYmFkOworICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KKyAgICAgICAgICAgICAg
 ICAgICAgICAgICAgICAqdG1wID0gYzsKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICBpZiAo
 KnRtcCA9PSAnXG4nKSB7CisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmICgqKHRt
 cC0xKSA9PSAnXDAnKSB7CisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIG1hY3Jv
 c1ttYWNudW0rK10ubWFjX2VuZCA9IHRtcC0xOworICAgICAgICAgICAgICAgICAgICAgICAgICAg
 ICAgICAgICBicmVhazsKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgfQorICAgICAg
 ICAgICAgICAgICAgICAgICAgICAgICAgICAqdG1wID0gJ1wwJzsKKyAgICAgICAgICAgICAgICAg
 ICAgICAgICAgICB9CisgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG1wKys7CisgICAgICAg
 ICAgICAgICAgICAgICAgICB9CisgICAgICAgICAgICAgICAgICAgICAgICBpZiAodG1wID09IG1h
 Y2J1ZiArIDQwOTYpIHsKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICB3YXJueCgiNEsgbWFj
 cm8gYnVmZmVyIGV4Y2VlZGVkXG4iKTsKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICBnb3Rv
 IGJhZDsKKyAgICAgICAgICAgICAgICAgICAgICAgIH0KKyAgICAgICAgICAgICAgICAgICAgICAg
 IGJyZWFrOworICAgICAgICAgICAgICAgICAgICBkZWZhdWx0OgorICAgICAgICAgICAgICAgICAg
 ICAgICAgd2FybngoIlVua25vd24gLm5ldHJjIGtleXdvcmQgJXMiLCB0b2t2YWwpOworICAgICAg
 ICAgICAgICAgICAgICAgICAgYnJlYWs7CisKKyAgICAgICAgICAgICAgICAgICAgfQorCisgICAg
 ICAgICAgICAgICAgfQorCisgICAgICAgICAgICB9CisKKyAgICAgICAgICAgIGdvdG8gZG9uZTsK
 KworICAgICAgICB9CisKKyAgICAgICAgZ290byBkb25lOwogCi0JY2FzZSBERUZBVUxUOgotCQl1
 c2VkZWZhdWx0ID0gMTsKLQkJLyogRkFMTCBUSFJPVUdIICovCi0KLQljYXNlIE1BQ0g6Ci0JCWlm
 ICghdXNlZGVmYXVsdCkgewotCQkJaWYgKHRva2VuKCkgIT0gSUQpCi0JCQkJY29udGludWU7Ci0J
 CQkvKgotCQkJICogQWxsb3cgbWF0Y2ggZWl0aGVyIGZvciB1c2VyJ3MgaW5wdXQgaG9zdCBuYW1l
 Ci0JCQkgKiBvciBvZmZpY2lhbCBob3N0bmFtZS4gIEFsc28gYWxsb3cgbWF0Y2ggb2YKLQkJCSAq
 IGluY29tcGxldGVseS1zcGVjaWZpZWQgaG9zdCBpbiBsb2NhbCBkb21haW4uCi0JCQkgKi8KLQkJ
 CWlmIChzdHJjYXNlY21wKGhvc3QsIHRva3ZhbCkgPT0gMCkKLQkJCQlnb3RvIG1hdGNoOwotCQkJ
 aWYgKCh0bXAgPSBzdHJjaHIoaG9zdCwgJy4nKSkgIT0gTlVMTCAmJgotCQkJICAgIHN0cmNhc2Vj
 bXAodG1wLCBteWRvbWFpbikgPT0gMCAmJgotCQkJICAgIHN0cm5jYXNlY21wKGhvc3QsIHRva3Zh
 bCwgdG1wIC0gaG9zdCkgPT0gMCAmJgotCQkJICAgIHRva3ZhbFt0bXAgLSBob3N0XSA9PSAnXDAn
 KQotCQkJCWdvdG8gbWF0Y2g7Ci0JCQljb250aW51ZTsKLQkJfQotCW1hdGNoOgotCQl3aGlsZSAo
 KHQgPSB0b2tlbigpKSAmJiB0ICE9IE1BQ0ggJiYgdCAhPSBERUZBVUxUKSBzd2l0Y2godCkgewot
 Ci0JCWNhc2UgTE9HSU46Ci0JCQlpZiAodG9rZW4oKSkKLQkJCQlpZiAoKmFuYW1lID09IDApIHsK
 LQkJCQkJKmFuYW1lID0gbWFsbG9jKCh1bnNpZ25lZCkgc3RybGVuKHRva3ZhbCkgKyAxKTsKLQkJ
 CQkJKHZvaWQpIHN0cmNweSgqYW5hbWUsIHRva3ZhbCk7Ci0JCQkJfSBlbHNlIHsKLQkJCQkJaWYg
 KHN0cmNtcCgqYW5hbWUsIHRva3ZhbCkpCi0JCQkJCQlnb3RvIG5leHQ7Ci0JCQkJfQotCQkJYnJl
 YWs7Ci0JCWNhc2UgUEFTU1dEOgotCQkJaWYgKCgqYW5hbWUgPT0gMCB8fCBzdHJjbXAoKmFuYW1l
 LCAiYW5vbnltb3VzIikpICYmCi0JCQkgICAgZnN0YXQoZmlsZW5vKGNmaWxlKSwgJnN0YikgPj0g
 MCAmJgotCQkJICAgIChzdGIuc3RfbW9kZSAmIDA3NykgIT0gMCkgewotCXdhcm54KCJFcnJvcjog
 Lm5ldHJjIGZpbGUgaXMgcmVhZGFibGUgYnkgb3RoZXJzLiIpOwotCXdhcm54KCJSZW1vdmUgcGFz
 c3dvcmQgb3IgbWFrZSBmaWxlIHVucmVhZGFibGUgYnkgb3RoZXJzLiIpOwotCQkJCWdvdG8gYmFk
 OwotCQkJfQotCQkJaWYgKHRva2VuKCkgJiYgKmFwYXNzID09IDApIHsKLQkJCQkqYXBhc3MgPSBt
 YWxsb2MoKHVuc2lnbmVkKSBzdHJsZW4odG9rdmFsKSArIDEpOwotCQkJCSh2b2lkKSBzdHJjcHko
 KmFwYXNzLCB0b2t2YWwpOwotCQkJfQotCQkJYnJlYWs7Ci0JCWNhc2UgQUNDT1VOVDoKLQkJCWlm
 IChmc3RhdChmaWxlbm8oY2ZpbGUpLCAmc3RiKSA+PSAwCi0JCQkgICAgJiYgKHN0Yi5zdF9tb2Rl
 ICYgMDc3KSAhPSAwKSB7Ci0Jd2FybngoIkVycm9yOiAubmV0cmMgZmlsZSBpcyByZWFkYWJsZSBi
 eSBvdGhlcnMuIik7Ci0Jd2FybngoIlJlbW92ZSBhY2NvdW50IG9yIG1ha2UgZmlsZSB1bnJlYWRh
 YmxlIGJ5IG90aGVycy4iKTsKLQkJCQlnb3RvIGJhZDsKLQkJCX0KLQkJCWlmICh0b2tlbigpICYm
 ICphYWNjdCA9PSAwKSB7Ci0JCQkJKmFhY2N0ID0gbWFsbG9jKCh1bnNpZ25lZCkgc3RybGVuKHRv
 a3ZhbCkgKyAxKTsKLQkJCQkodm9pZCkgc3RyY3B5KCphYWNjdCwgdG9rdmFsKTsKLQkJCX0KLQkJ
 CWJyZWFrOwotCQljYXNlIE1BQ0RFRjoKLQkJCXdoaWxlICgoYz1nZXRjKGNmaWxlKSkgIT0gRU9G
 ICYmCi0JCQkJCQkoYyA9PSAnICcgfHwgYyA9PSAnXHQnKSkKLQkJCQk7Ci0JCQlpZiAoYyA9PSBF
 T0YgfHwgYyA9PSAnXG4nKSB7Ci0JCQkJcHJpbnRmKCJNaXNzaW5nIG1hY2RlZiBuYW1lIGFyZ3Vt
 ZW50LlxuIik7Ci0JCQkJZ290byBiYWQ7Ci0JCQl9Ci0JCQlpZiAobWFjbnVtID09IDE2KSB7Ci0J
 CQkJcHJpbnRmKCJMaW1pdCBvZiAxNiBtYWNyb3MgaGF2ZSBhbHJlYWR5IGJlZW4gZGVmaW5lZFxu
 Iik7Ci0JCQkJZ290byBiYWQ7Ci0JCQl9Ci0JCQl0bXAgPSBtYWNyb3NbbWFjbnVtXS5tYWNfbmFt
 ZTsKLQkJCSp0bXArKyA9IGM7Ci0JCQlmb3IgKGk9MDsgaSA8IDggJiYgKGM9Z2V0YyhjZmlsZSkp
 ICE9IEVPRiAmJgotCQkJICAgICFpc3NwYWNlKGMpOyArK2kpIHsKLQkJCQkqdG1wKysgPSBjOwot
 CQkJfQotCQkJaWYgKGMgPT0gRU9GKSB7Ci0JCQkJcHJpbnRmKCJNYWNybyBkZWZpbml0aW9uIG1p
 c3NpbmcgbnVsbCBsaW5lIHRlcm1pbmF0b3IuXG4iKTsKLQkJCQlnb3RvIGJhZDsKLQkJCX0KLQkJ
 CSp0bXAgPSAnXDAnOwotCQkJaWYgKGMgIT0gJ1xuJykgewotCQkJCXdoaWxlICgoYz1nZXRjKGNm
 aWxlKSkgIT0gRU9GICYmIGMgIT0gJ1xuJyk7Ci0JCQl9Ci0JCQlpZiAoYyA9PSBFT0YpIHsKLQkJ
 CQlwcmludGYoIk1hY3JvIGRlZmluaXRpb24gbWlzc2luZyBudWxsIGxpbmUgdGVybWluYXRvci5c
 biIpOwotCQkJCWdvdG8gYmFkOwotCQkJfQotCQkJaWYgKG1hY251bSA9PSAwKSB7Ci0JCQkJbWFj
 cm9zW21hY251bV0ubWFjX3N0YXJ0ID0gbWFjYnVmOwotCQkJfQotCQkJZWxzZSB7Ci0JCQkJbWFj
 cm9zW21hY251bV0ubWFjX3N0YXJ0ID0gbWFjcm9zW21hY251bS0xXS5tYWNfZW5kICsgMTsKLQkJ
 CX0KLQkJCXRtcCA9IG1hY3Jvc1ttYWNudW1dLm1hY19zdGFydDsKLQkJCXdoaWxlICh0bXAgIT0g
 bWFjYnVmICsgNDA5NikgewotCQkJCWlmICgoYz1nZXRjKGNmaWxlKSkgPT0gRU9GKSB7Ci0JCQkJ
 cHJpbnRmKCJNYWNybyBkZWZpbml0aW9uIG1pc3NpbmcgbnVsbCBsaW5lIHRlcm1pbmF0b3IuXG4i
 KTsKLQkJCQkJZ290byBiYWQ7Ci0JCQkJfQotCQkJCSp0bXAgPSBjOwotCQkJCWlmICgqdG1wID09
 ICdcbicpIHsKLQkJCQkJaWYgKCoodG1wLTEpID09ICdcMCcpIHsKLQkJCQkJICAgbWFjcm9zW21h
 Y251bSsrXS5tYWNfZW5kID0gdG1wIC0gMTsKLQkJCQkJICAgYnJlYWs7Ci0JCQkJCX0KLQkJCQkJ
 KnRtcCA9ICdcMCc7Ci0JCQkJfQotCQkJCXRtcCsrOwotCQkJfQotCQkJaWYgKHRtcCA9PSBtYWNi
 dWYgKyA0MDk2KSB7Ci0JCQkJcHJpbnRmKCI0SyBtYWNybyBidWZmZXIgZXhjZWVkZWRcbiIpOwot
 CQkJCWdvdG8gYmFkOwotCQkJfQotCQkJYnJlYWs7Ci0JCWRlZmF1bHQ6Ci0JCQl3YXJueCgiVW5r
 bm93biAubmV0cmMga2V5d29yZCAlcyIsIHRva3ZhbCk7Ci0JCQlicmVhazsKLQkJfQotCQlnb3Rv
 IGRvbmU7Ci0JfQotZG9uZToKLQkodm9pZCkgZmNsb3NlKGNmaWxlKTsKLQlyZXR1cm4gKDApOwog
 YmFkOgotCSh2b2lkKSBmY2xvc2UoY2ZpbGUpOwotCXJldHVybiAoLTEpOworICAgICAgICByZXRf
 Y29kZSA9IC0xOworZG9uZToKKyAgICAgICAgZmNsb3NlKGNmaWxlKTsKKyAgICAgICAgcmV0dXJu
 IHJldF9jb2RlOwogfQogCiBpbnQKLXJleGVjKGFob3N0LCBycG9ydCwgbmFtZSwgcGFzcywgY21k
 LCBmZDJwKQotCWNoYXIgKiphaG9zdDsKLQlpbnQgcnBvcnQ7Ci0JY2hhciAqbmFtZSwgKnBhc3Ms
 ICpjbWQ7Ci0JaW50ICpmZDJwOworcmV4ZWMoY2hhciAqKmFob3N0LCBpbnQgcnBvcnQsIGNoYXIg
 Km5hbWUsIGNoYXIgKnBhc3MsIGNoYXIgKmNtZCwgaW50ICpmZDJwKQogewotCXN0cnVjdCBzb2Nr
 YWRkcl9pbiBzaW4sIHNpbjIsIGZyb207Ci0Jc3RydWN0IGhvc3RlbnQgKmhwOwotCXVfc2hvcnQg
 cG9ydDsKLQlpbnQgcywgdGltbyA9IDEsIHMzOwotCWNoYXIgYzsKLQotCWhwID0gZ2V0aG9zdGJ5
 bmFtZSgqYWhvc3QpOwotCWlmIChocCA9PSAwKSB7Ci0JCWhlcnJvcigqYWhvc3QpOwotCQlyZXR1
 cm4gKC0xKTsKLQl9Ci0JKmFob3N0ID0gaHAtPmhfbmFtZTsKLQlydXNlcnBhc3MoaHAtPmhfbmFt
 ZSwgJm5hbWUsICZwYXNzKTsKKyAgICAgICAgc3RydWN0IHNvY2thZGRyX2luIHNpbiwgc2luMiwg
 ZnJvbTsKKyAgICAgICAgc3RydWN0IGhvc3RlbnQgKmhwOworICAgICAgICB1X3Nob3J0IHBvcnQ7
 CisgICAgICAgIGludCBzLCB0aW1vID0gMSwgczM7CisgICAgICAgIGNoYXIgYzsKKworICAgICAg
 ICBocCA9IGdldGhvc3RieW5hbWUoKmFob3N0KTsKKyAgICAgICAgaWYgKGhwID09IE5VTEwpIHsK
 KyAgICAgICAgICAgIGhlcnJvcigqYWhvc3QpOworICAgICAgICAgICAgcmV0dXJuIC0xOworICAg
 ICAgICB9CisgICAgICAgICphaG9zdCA9IGhwLT5oX25hbWU7CisgICAgICAgIHJ1c2VycGFzcyho
 cC0+aF9uYW1lLCAmbmFtZSwgJnBhc3MpOwogcmV0cnk6Ci0JcyA9IHNvY2tldChBRl9JTkVULCBT
 T0NLX1NUUkVBTSwgMCk7Ci0JaWYgKHMgPCAwKSB7Ci0JCXBlcnJvcigicmV4ZWM6IHNvY2tldCIp
 OwotCQlyZXR1cm4gKC0xKTsKLQl9Ci0Jc2luLnNpbl9mYW1pbHkgPSBocC0+aF9hZGRydHlwZTsK
 LQlzaW4uc2luX3BvcnQgPSBycG9ydDsKLQliY29weShocC0+aF9hZGRyLCAoY2FkZHJfdCkmc2lu
 LnNpbl9hZGRyLCBocC0+aF9sZW5ndGgpOwotCWlmIChjb25uZWN0KHMsIChzdHJ1Y3Qgc29ja2Fk
 ZHIgKikmc2luLCBzaXplb2Yoc2luKSkgPCAwKSB7Ci0JCWlmIChlcnJubyA9PSBFQ09OTlJFRlVT
 RUQgJiYgdGltbyA8PSAxNikgewotCQkJKHZvaWQpIGNsb3NlKHMpOwotCQkJc2xlZXAodGltbyk7
 Ci0JCQl0aW1vICo9IDI7Ci0JCQlnb3RvIHJldHJ5OwotCQl9Ci0JCXBlcnJvcihocC0+aF9uYW1l
 KTsKLQkJcmV0dXJuICgtMSk7Ci0JfQotCWlmIChmZDJwID09IDApIHsKLQkJKHZvaWQpIHdyaXRl
 KHMsICIiLCAxKTsKLQkJcG9ydCA9IDA7Ci0JfSBlbHNlIHsKLQkJY2hhciBudW1bOF07Ci0JCWlu
 dCBzMiwgc2luMmxlbjsKLQotCQlzMiA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgMCk7
 Ci0JCWlmIChzMiA8IDApIHsKLQkJCSh2b2lkKSBjbG9zZShzKTsKLQkJCXJldHVybiAoLTEpOwot
 CQl9Ci0JCWxpc3RlbihzMiwgMSk7Ci0JCXNpbjJsZW4gPSBzaXplb2YgKHNpbjIpOwotCQlpZiAo
 Z2V0c29ja25hbWUoczIsIChzdHJ1Y3Qgc29ja2FkZHIgKikmc2luMiwgJnNpbjJsZW4pIDwgMCB8
 fAotCQkgIHNpbjJsZW4gIT0gc2l6ZW9mIChzaW4yKSkgewotCQkJcGVycm9yKCJnZXRzb2NrbmFt
 ZSIpOwotCQkJKHZvaWQpIGNsb3NlKHMyKTsKLQkJCWdvdG8gYmFkOwotCQl9Ci0JCXBvcnQgPSBu
 dG9ocygodV9zaG9ydClzaW4yLnNpbl9wb3J0KTsKLQkJKHZvaWQpIHNwcmludGYobnVtLCAiJXUi
 LCBwb3J0KTsKLQkJKHZvaWQpIHdyaXRlKHMsIG51bSwgc3RybGVuKG51bSkrMSk7Ci0JCXsgaW50
 IGxlbiA9IHNpemVvZiAoZnJvbSk7Ci0JCSAgczMgPSBhY2NlcHQoczIsIChzdHJ1Y3Qgc29ja2Fk
 ZHIgKikmZnJvbSwgJmxlbik7Ci0JCSAgY2xvc2UoczIpOwotCQkgIGlmIChzMyA8IDApIHsKLQkJ
 CXBlcnJvcigiYWNjZXB0Iik7Ci0JCQlwb3J0ID0gMDsKLQkJCWdvdG8gYmFkOwotCQkgIH0KLQkJ
 fQotCQkqZmQycCA9IHMzOwotCX0KLQkodm9pZCkgd3JpdGUocywgbmFtZSwgc3RybGVuKG5hbWUp
 ICsgMSk7Ci0JLyogc2hvdWxkIHB1YmxpYyBrZXkgZW5jeXB0IHRoZSBwYXNzd29yZCBoZXJlICov
 Ci0JKHZvaWQpIHdyaXRlKHMsIHBhc3MsIHN0cmxlbihwYXNzKSArIDEpOwotCSh2b2lkKSB3cml0
 ZShzLCBjbWQsIHN0cmxlbihjbWQpICsgMSk7Ci0JaWYgKHJlYWQocywgJmMsIDEpICE9IDEpIHsK
 LQkJcGVycm9yKCphaG9zdCk7Ci0JCWdvdG8gYmFkOwotCX0KLQlpZiAoYyAhPSAwKSB7Ci0JCXdo
 aWxlIChyZWFkKHMsICZjLCAxKSA9PSAxKSB7Ci0JCQkodm9pZCkgd3JpdGUoMiwgJmMsIDEpOwot
 CQkJaWYgKGMgPT0gJ1xuJykKLQkJCQlicmVhazsKLQkJfQotCQlnb3RvIGJhZDsKLQl9Ci0JcmV0
 dXJuIChzKTsKKyAgICAgICAgcyA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgMCk7Cisg
 ICAgICAgIGlmIChzIDwgMCkgeworICAgICAgICAgICAgcGVycm9yKCJyZXhlYzogc29ja2V0Iik7
 CisgICAgICAgICAgICByZXR1cm4gLTE7CisgICAgICAgIH0KKyAgICAgICAgc2luLnNpbl9mYW1p
 bHkgPSBocC0+aF9hZGRydHlwZTsKKyAgICAgICAgc2luLnNpbl9wb3J0ID0gcnBvcnQ7CisgICAg
 ICAgIGJjb3B5KGhwLT5oX2FkZHIsIChjYWRkcl90KSZzaW4uc2luX2FkZHIsIGhwLT5oX2xlbmd0
 aCk7CisgICAgICAgIGlmIChjb25uZWN0KHMsIChzdHJ1Y3Qgc29ja2FkZHIgKikmc2luLCBzaXpl
 b2Yoc2luKSkgPCAwKSB7CisgICAgICAgICAgICBpZiAoZXJybm8gPT0gRUNPTk5SRUZVU0VEICYm
 IHRpbW8gPD0gMTYpIHsKKyAgICAgICAgICAgICAgICBjbG9zZShzKTsKKyAgICAgICAgICAgICAg
 ICBzbGVlcCh0aW1vKTsKKyAgICAgICAgICAgICAgICB0aW1vICo9IDI7CisgICAgICAgICAgICAg
 ICAgZ290byByZXRyeTsKKyAgICAgICAgICAgIH0KKyAgICAgICAgICAgIHBlcnJvcihocC0+aF9u
 YW1lKTsKKyAgICAgICAgICAgIHJldHVybiAtMTsKKyAgICAgICAgfQorICAgICAgICBpZiAoZmQy
 cCA9PSBOVUxMKSB7CisgICAgICAgICAgICB3cml0ZShzLCAiIiwgMSk7CisgICAgICAgICAgICBw
 b3J0ID0gMDsKKyAgICAgICAgfSBlbHNlIHsKKyAgICAgICAgICAgIGNoYXIgbnVtWzhdOworICAg
 ICAgICAgICAgaW50IHMyLCBzaW4ybGVuOworCisgICAgICAgICAgICBzMiA9IHNvY2tldChBRl9J
 TkVULCBTT0NLX1NUUkVBTSwgMCk7CisgICAgICAgICAgICBpZiAoczIgPCAwKSB7CisgICAgICAg
 ICAgICAgICAgY2xvc2Uocyk7CisgICAgICAgICAgICAgICAgcmV0dXJuIC0xOworICAgICAgICAg
 ICAgfQorICAgICAgICAgICAgbGlzdGVuKHMyLCAxKTsKKyAgICAgICAgICAgIHNpbjJsZW4gPSBz
 aXplb2YgKHNpbjIpOworICAgICAgICAgICAgaWYgKGdldHNvY2tuYW1lKHMyLCAoc3RydWN0IHNv
 Y2thZGRyICopJnNpbjIsICZzaW4ybGVuKSA8IDAgfHwKKyAgICAgICAgICAgICAgc2luMmxlbiAh
 PSBzaXplb2YgKHNpbjIpKSB7CisgICAgICAgICAgICAgICAgcGVycm9yKCJnZXRzb2NrbmFtZSIp
 OworICAgICAgICAgICAgICAgIGNsb3NlKHMyKTsKKyAgICAgICAgICAgICAgICBnb3RvIGJhZDsK
 KyAgICAgICAgICAgIH0KKyAgICAgICAgICAgIHBvcnQgPSBudG9ocygodV9zaG9ydClzaW4yLnNp
 bl9wb3J0KTsKKyAgICAgICAgICAgIHNwcmludGYobnVtLCAiJXUiLCBwb3J0KTsKKyAgICAgICAg
 ICAgIHdyaXRlKHMsIG51bSwgc3RybGVuKG51bSkrMSk7CisgICAgICAgICAgICB7IGludCBsZW4g
 PSBzaXplb2YgKGZyb20pOworICAgICAgICAgICAgICBzMyA9IGFjY2VwdChzMiwgKHN0cnVjdCBz
 b2NrYWRkciAqKSZmcm9tLCAmbGVuKTsKKyAgICAgICAgICAgICAgY2xvc2UoczIpOworICAgICAg
 ICAgICAgICBpZiAoczMgPCAwKSB7CisgICAgICAgICAgICAgICAgcGVycm9yKCJhY2NlcHQiKTsK
 KyAgICAgICAgICAgICAgICBwb3J0ID0gMDsKKyAgICAgICAgICAgICAgICBnb3RvIGJhZDsKKyAg
 ICAgICAgICAgICAgfQorICAgICAgICAgICAgfQorICAgICAgICAgICAgKmZkMnAgPSBzMzsKKyAg
 ICAgICAgfQorICAgICAgICB3cml0ZShzLCBuYW1lLCBzdHJsZW4obmFtZSkgKyAxKTsKKyAgICAg
 ICAgLyogc2hvdWxkIHB1YmxpYyBrZXkgZW5jeXB0IHRoZSBwYXNzd29yZCBoZXJlICovCisgICAg
 ICAgIHdyaXRlKHMsIHBhc3MsIHN0cmxlbihwYXNzKSArIDEpOworICAgICAgICB3cml0ZShzLCBj
 bWQsIHN0cmxlbihjbWQpICsgMSk7CisgICAgICAgIGlmIChyZWFkKHMsICZjLCAxKSAhPSAxKSB7
 CisgICAgICAgICAgICBwZXJyb3IoKmFob3N0KTsKKyAgICAgICAgICAgIGdvdG8gYmFkOworICAg
 ICAgICB9CisgICAgICAgIGlmIChjICE9IDApIHsKKyAgICAgICAgICAgIHdoaWxlIChyZWFkKHMs
 ICZjLCAxKSA9PSAxKSB7CisgICAgICAgICAgICAgICAgd3JpdGUoMiwgJmMsIDEpOworICAgICAg
 ICAgICAgICAgIGlmIChjID09ICdcbicpCisgICAgICAgICAgICAgICAgICAgIGJyZWFrOworICAg
 ICAgICAgICAgfQorICAgICAgICAgICAgZ290byBiYWQ7CisgICAgICAgIH0KKyAgICAgICAgcmV0
 dXJuIHM7CiBiYWQ6Ci0JaWYgKHBvcnQpCi0JCSh2b2lkKSBjbG9zZSgqZmQycCk7Ci0JKHZvaWQp
 IGNsb3NlKHMpOwotCXJldHVybiAoLTEpOworICAgICAgICBpZiAocG9ydCkKKyAgICAgICAgICAg
 IGNsb3NlKCpmZDJwKTsKKyAgICAgICAgY2xvc2Uocyk7CisgICAgICAgIHJldHVybiAtMTsKIH0K
 
 ------=_Part_14701_30557979.1214024836491--

From: Dan Lukes <dan@obluda.cz>
To: Garrett Cooper <yanefbsd@gmail.com>
Cc: bug-followup@FreeBSD.org
Subject: Re: bin/83358: [patch] improper handling of malloc failures within
 rexec()
Date: Sun, 22 Jun 2008 15:43:42 +0200

 Garrett Cooper wrote:
 > This patch includes the fixes provided previously (minus the port var
 > removal provided by the OP), plus some style fixes and source
 > updating.
 
 > +                            if (*aname == 0) {
 > +                                *aname = malloc(strlen(tokval)+1);
 > +                                if (*aname == NULL) {
 > +                                    warnx("malloc for aname failed\n");
 > +                                    goto bad;
 > +                                }
 > +                                strcpy(*aname, tokval);
 
 Minor:
 
 1.	Are you hate strdup() for a reason (in place of malloc+strcpy)?
 
 Very minor:
 
 2.	Are you sure the average user will be more happy with "malloc for 
 aname failed" than with "Cannot allocate memory for user name" ?
 
 >  bad:
 > -	(void) fclose(cfile);
 > -	return (-1);
 > +        ret_code = -1;
 > +done:
 > +        fclose(cfile);
 > +        return ret_code;
 >  }
 
 Major:
 
 3.	I found no exact specification of library function ruserpass().
 It seems you may got *aname, *apass, *aacct NULL or non-NULL on enter. 
 In the case you got NULL on enter, the memory may be allocated during 
 the processing and returned to the caller.
 
 Now what about proper cleanup (against memory leaks) ?
 
 If the function exit with 0, it's clear - the caller must free the 
 allocated memories. But what when the function fail ?
 
 To be on the safe side I would recommend to free() the memory if 
 allocated by the failing ruserpass()
 
 But if you are sure (e.g. you know the specification of ...) the caller 
 will free it even in the case of nonzero return code, it's not necesarry.
 
 > Which makes me wonder: is libcompat-4.3's rexec.c used for compiling
 > purposes at all?
 
 	The cpio and tar seems to use it.
 
 
 	By the way, it's very hard to analyze the patch containing both 
 functional and stylistic changes ...
 
 						Dan
>Unformatted:
