From 1eda75ac15e5a250deb106a224958a6db5efea35 Mon Sep 17 00:00:00 2001 From: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> Date: Thu, 28 Dec 2023 13:48:07 +0100 Subject: [PATCH] Use C99 like the Linux kernel Apply to loop variables so that they don't leak out of the loop - unless they leak on purpose. --- src/config.c | 12 +++++++----- src/hdlc.c | 12 +++++------- src/http.c | 4 ++-- src/io.c | 14 +++++--------- src/log.c | 8 ++++---- src/tunnel.c | 12 +++++------- src/xml.c | 4 +--- 7 files changed, 29 insertions(+), 37 deletions(-) diff --git a/src/config.c b/src/config.c index f207a32f..9c6d3c5d 100644 --- a/src/config.c +++ b/src/config.c @@ -94,7 +94,7 @@ const struct vpn_config invalid_cfg = { */ int add_trusted_cert(struct vpn_config *cfg, const char *digest) { - struct x509_digest *last, *new; + struct x509_digest *new; new = malloc(sizeof(struct x509_digest)); if (new == NULL) @@ -107,7 +107,10 @@ int add_trusted_cert(struct vpn_config *cfg, const char *digest) if (cfg->cert_whitelist == NULL) { cfg->cert_whitelist = new; } else { - for (last = cfg->cert_whitelist; last->next != NULL; + struct x509_digest *last; + + for (last = cfg->cert_whitelist; + last->next != NULL; last = last->next) ; last->next = new; @@ -196,7 +199,6 @@ int load_config(struct vpn_config *cfg, const char *filename) // Read line by line while ((read = getline(&line, &len, file)) != -1) { char *key, *equals, *val; - int i; // Ignore blank lines. We could argue that the string must be at least // 3 chars to be valid, eg. 'x=\n' but let the rest of the function @@ -224,13 +226,13 @@ int load_config(struct vpn_config *cfg, const char *filename) while (isspace(val[0])) val++; // Remove trailing spaces - for (i = strlen(key) - 1; i > 0; i--) { + for (int i = strlen(key) - 1; i > 0; i--) { if (isspace(key[i])) key[i] = '\0'; else break; } - for (i = strlen(val) - 1; i > 0; i--) { + for (int i = strlen(val) - 1; i > 0; i--) { if (isspace(val[i])) val[i] = '\0'; else diff --git a/src/hdlc.c b/src/hdlc.c index 49951c43..f347d42d 100644 --- a/src/hdlc.c +++ b/src/hdlc.c @@ -126,7 +126,6 @@ ssize_t hdlc_encode(uint8_t *frame, size_t frmsize, ssize_t written = 0; uint16_t checksum; const uint8_t address_control_fields[] = { 0xff, 0x03 }; - int i; uint8_t byte; if (frmsize < 7) @@ -144,7 +143,7 @@ ssize_t hdlc_encode(uint8_t *frame, size_t frmsize, checksum = address_control_checksum; // Precalculated for Address Control - for (i = 0; i < pktsize; i++) { + for (int i = 0; i < pktsize; i++) { byte = packet[i]; if (frmsize < written + 2) @@ -197,10 +196,10 @@ ssize_t hdlc_encode(uint8_t *frame, size_t frmsize, */ ssize_t hdlc_find_frame(const uint8_t *buffer, size_t bufsize, off_t *start) { - int i, s = -1, e = -1; + int s = -1, e = -1; // Look for frame start - for (i = *start; i < bufsize; i++) { + for (int i = *start; i < bufsize; i++) { if (buffer[i] == 0x7e) { // Flag Sequence s = i + 1; break; @@ -214,7 +213,7 @@ ssize_t hdlc_find_frame(const uint8_t *buffer, size_t bufsize, off_t *start) s++; // Look for frame end - for (i = s; i < bufsize; i++) { + for (int i = s; i < bufsize; i++) { if (buffer[i] == 0x7e) { // Flag Sequence e = i; break; @@ -245,7 +244,6 @@ ssize_t hdlc_decode(const uint8_t *frame, size_t frmsize, off_t start = 0; ssize_t written = 0; int has_address_control_fields = 0; - int i; int in_escape; uint16_t checksum; @@ -259,7 +257,7 @@ ssize_t hdlc_decode(const uint8_t *frame, size_t frmsize, } in_escape = 0; - for (i = start; i < frmsize; i++) { + for (int i = start; i < frmsize; i++) { uint8_t byte = frame[i]; if (byte == 0x7d) { // Control Escape diff --git a/src/http.c b/src/http.c index e796ef77..dd98769d 100644 --- a/src/http.c +++ b/src/http.c @@ -92,11 +92,11 @@ int http_send(struct tunnel *tunnel, const char *request, ...) url_encode(password, tunnel->config->password); while ((pwstart = strstr(logbuffer, password))) { - int pos, pwlen, i; + int pos, pwlen; pos = pwstart - logbuffer; pwlen = strlen(password); - for (i = pos; i < pos + pwlen; i++) + for (int i = pos; i < pos + pwlen; i++) logbuffer[i] = '*'; } } diff --git a/src/io.c b/src/io.c index d5118ae0..d38b402e 100644 --- a/src/io.c +++ b/src/io.c @@ -86,11 +86,9 @@ static unsigned long thread_id(void) static void init_ssl_locks(void) { - int i; - lockarray = (pthread_mutex_t *) OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t)); - for (i = 0; i < CRYPTO_num_locks(); i++) + for (int i = 0; i < CRYPTO_num_locks(); i++) pthread_mutex_init(&lockarray[i], NULL); CRYPTO_set_id_callback((unsigned long (*)()) thread_id); CRYPTO_set_locking_callback((void (*)()) lock_callback); @@ -98,10 +96,8 @@ static void init_ssl_locks(void) static void destroy_ssl_locks(void) { - int i; - CRYPTO_set_locking_callback(NULL); - for (i = 0; i < CRYPTO_num_locks(); i++) + for (int i = 0; i < CRYPTO_num_locks(); i++) pthread_mutex_destroy(&lockarray[i]); OPENSSL_free(lockarray); lockarray = NULL; @@ -405,7 +401,7 @@ static inline void set_tunnel_ips(struct tunnel *tunnel, static void debug_bad_packet(struct tunnel *tunnel, uint8_t *header) { uint8_t buffer[256]; - int size, i; + int size; memcpy(buffer, header, 6 * sizeof(uint8_t)); @@ -418,10 +414,10 @@ static void debug_bad_packet(struct tunnel *tunnel, uint8_t *header) do_log_packet(" (hex) ", size, buffer); // then print the raw string, after escaping non-displayable chars - for (i = 0; i < size; i++) + for (int i = 0; i < size; i++) if (!printable_char((char) buffer[i])) buffer[i] = '.'; - buffer[i] = buffer[256 - 1] = '\0'; + buffer[size] = buffer[256 - 1] = '\0'; printf(" (raw) %s\n", (const char *) buffer); } diff --git a/src/log.c b/src/log.c index a76a7195..52e705e9 100644 --- a/src/log.c +++ b/src/log.c @@ -136,17 +136,17 @@ void do_log(int verbosity, const char *format, ...) void do_log_packet(const char *prefix, size_t len, const uint8_t *packet) { char *str, *pos; - size_t i; + size_t len_prefix = strlen(prefix); - str = malloc(strlen(prefix) + 3 * len + 1 + 1); + str = malloc(len_prefix + 3 * len + 1 + 1); if (str == NULL) { log_error("malloc: %s\n", strerror(errno)); return; } pos = strcpy(str, prefix); - pos += strlen(str); - for (i = 0; i < len; i++) + pos += len_prefix; + for (size_t i = 0; i < len; i++) pos += sprintf(pos, "%02x ", packet[i]); strcpy(pos - 1, "\n"); diff --git a/src/tunnel.c b/src/tunnel.c index 91b5a3a2..71d8446d 100644 --- a/src/tunnel.c +++ b/src/tunnel.c @@ -561,7 +561,7 @@ static int pppd_terminate(struct tunnel *tunnel) int ppp_interface_is_up(struct tunnel *tunnel) { - struct ifaddrs *ifap, *ifa; + struct ifaddrs *ifap; log_debug("Got Address: %s\n", inet_ntoa(tunnel->ipv4.ip_addr)); @@ -570,7 +570,7 @@ int ppp_interface_is_up(struct tunnel *tunnel) return 0; } - for (ifa = ifap; ifa != NULL; ifa = ifa->ifa_next) { + for (struct ifaddrs *ifa = ifap; ifa != NULL; ifa = ifa->ifa_next) { if ( #if HAVE_USR_SBIN_PPPD ((tunnel->config->pppd_ifname && @@ -849,8 +849,6 @@ static int ssl_verify_cert(struct tunnel *tunnel) unsigned int len; struct x509_digest *elem; char digest_str[SHA256STRLEN], *subject, *issuer; - char *line; - int i; X509_NAME *subj; char *saveptr = NULL; @@ -883,7 +881,7 @@ static int ssl_verify_cert(struct tunnel *tunnel) goto free_cert; } // Encode digest in base16 - for (i = 0; i < SHA256LEN; i++) + for (int i = 0; i < SHA256LEN; i++) sprintf(&digest_str[2 * i], "%02x", digest[i]); digest_str[SHA256STRLEN - 1] = '\0'; // Is it in whitelist? @@ -907,7 +905,7 @@ static int ssl_verify_cert(struct tunnel *tunnel) log_error(" subject:\n"); subject = X509_NAME_oneline(subj, NULL, 0); if (subject) { - for (line = strtok_r(subject, "/", &saveptr); line != NULL; + for (char *line = strtok_r(subject, "/", &saveptr); line != NULL; line = strtok_r(NULL, "/", &saveptr)) log_error(" %s\n", line); free(subject); @@ -915,7 +913,7 @@ static int ssl_verify_cert(struct tunnel *tunnel) log_error(" issuer:\n"); issuer = X509_NAME_oneline(X509_get_issuer_name(cert), NULL, 0); if (issuer) { - for (line = strtok_r(issuer, "/", &saveptr); line != NULL; + for (char *line = strtok_r(issuer, "/", &saveptr); line != NULL; line = strtok_r(NULL, "/", &saveptr)) log_error(" %s\n", line); free(issuer); diff --git a/src/xml.c b/src/xml.c index 746e47a3..6b16968f 100644 --- a/src/xml.c +++ b/src/xml.c @@ -38,11 +38,9 @@ */ const char *xml_find(char t, const char *needle, const char *buf, int nest) { - int i; - if (!buf) return NULL; - for (i = 0; buf[i]; i++) { + for (int i = 0; buf[i]; i++) { if (buf[i] == '<' && buf[i + 1] != '/') nest++; if (buf[i] == '/')