diff --git a/lib/airplay_video.c b/lib/airplay_video.c index 55fb34a..b9f8534 100644 --- a/lib/airplay_video.c +++ b/lib/airplay_video.c @@ -129,6 +129,10 @@ airplay_video_destroy(airplay_video_t *airplay_video) { void set_apple_session_id(airplay_video_t *airplay_video, const char * apple_session_id, size_t len) { assert(apple_session_id && len == 36); char *str = (char *) calloc(len + 1, sizeof(char)); + if (!str) { + printf("Memory allocation failed (str)\n"); + exit(1); + } strncpy(str, apple_session_id, len); if (airplay_video->apple_session_id) { free(airplay_video->apple_session_id); @@ -140,6 +144,10 @@ void set_apple_session_id(airplay_video_t *airplay_video, const char * apple_ses void set_playback_uuid(airplay_video_t *airplay_video, const char *playback_uuid, size_t len) { assert(playback_uuid && len == 36); char *str = (char *) calloc(len + 1, sizeof(char)); + if (!str) { + printf("Memory allocation failed (str)\n"); + exit(1); + } strncpy(str, playback_uuid, len); if (airplay_video->playback_uuid) { free(airplay_video->playback_uuid); @@ -151,6 +159,10 @@ void set_playback_uuid(airplay_video_t *airplay_video, const char *playback_uuid void set_uri_prefix(airplay_video_t *airplay_video, const char *uri_prefix, size_t len) { assert(uri_prefix && len ); char *str = (char *) calloc(len + 1, sizeof(char)); + if (!str) { + printf("Memory allocation failed (str)\n"); + exit(1); + } strncpy(str, uri_prefix, len); if (airplay_video->uri_prefix) { free(airplay_video->uri_prefix); @@ -162,6 +174,10 @@ void set_uri_prefix(airplay_video_t *airplay_video, const char *uri_prefix, size void set_playback_location(airplay_video_t *airplay_video, const char *location, size_t len) { assert(location && len ); char *str = (char *) calloc(len + 1, sizeof(char)); + if (!str) { + printf("Memory allocation failed (str)\n"); + exit(1); + } strncpy(str, location, len); if (airplay_video->playback_location) { free(airplay_video->playback_location); @@ -173,6 +189,10 @@ void set_playback_location(airplay_video_t *airplay_video, const char *location, void set_language_name(airplay_video_t *airplay_video, const char *language_name, size_t len) { assert(language_name && len ); char *str = (char *) calloc(len + 1, sizeof(char)); + if (!str) { + printf("Memory allocation failed (str)\n"); + exit(1); + } strncpy(str, language_name, len); if (airplay_video->language_name) { free(airplay_video->language_name); @@ -184,6 +204,10 @@ void set_language_name(airplay_video_t *airplay_video, const char *language_name void set_language_code(airplay_video_t *airplay_video, const char *language_code, size_t len) { assert(language_code && len ); char *str = (char *) calloc(len + 1, sizeof(char)); + if (!str) { + printf("Memory allocation failed (str)\n"); + exit(1); + } strncpy(str, language_code, len); if (airplay_video->language_code) { free(airplay_video->language_code); @@ -452,10 +476,14 @@ char * select_master_playlist_language(airplay_video_t *airplay_video, char *mas if (name != language_name) { /* compare addresses */ size_t len = strlen(name); char *new_language_name = (char *) calloc(len + 1, sizeof(char)); + char *new_language_code = (char *) calloc(len + 1, sizeof(char)); + if (!new_language_name || !new_language_code) { + printf("Memory allocation failure (new_language_name/code\n"); + exit (1); + } memcpy(new_language_name, name, len); set_language_name(airplay_video, new_language_name, len); len = strlen(code); - char *new_language_code = (char *) calloc(len + 1, sizeof(char)); memcpy(new_language_code, code, len); set_language_code(airplay_video, new_language_code, len); } @@ -514,6 +542,10 @@ void destroy_media_data_store(airplay_video_t *airplay_video) { void create_media_data_store(airplay_video_t * airplay_video, char ** uri_list, int num_uri) { destroy_media_data_store(airplay_video); media_item_t *media_data_store = calloc(num_uri, sizeof(media_item_t)); + if (!media_data_store) { + printf("Memory allocation failure (media_data_store)\n"); + exit(1); + } for (int i = 0; i < num_uri; i++) { media_data_store[i].uri = uri_list[i]; media_data_store[i].playlist = NULL; @@ -620,6 +652,10 @@ int create_media_uri_table(const char *url_prefix, const char *master_playlist_d end += sizeof("m3u8"); size_t len = end - ptr - 1; uri = (char *) calloc(len + 1, sizeof(char)); + if (!uri) { + printf("Memory allocation failure (uri)\n"); + exit(1); + } memcpy(uri , ptr, len); table[count] = uri; uri = NULL; @@ -651,6 +687,10 @@ char *adjust_master_playlist (char *fcup_response_data, int fcup_response_datale int byte_count = 0; int new_len = (int) len; char *new_master = (char *) malloc(new_len + 1); + if (!new_master) { + printf("Memory allocation failure (new_master)\n"); + exit(1); + } new_master[new_len] = '\0'; char *first = fcup_response_data; char *new = new_master; @@ -697,6 +737,10 @@ char *adjust_yt_condensed_playlist(const char *media_playlist) { if (strncmp(ptr, "#YT-EXT-CONDENSED-URL", strlen("#YT-EXT-CONDENSED-URL"))) { size_t len = strlen(media_playlist); char * playlist_copy = (char *) malloc(len + 1); + if (!playlist_copy) { + printf("Memory allocation failure (playlist_copy)\n"); + exit(1); + } memcpy(playlist_copy, media_playlist, len); playlist_copy[len] = '\0'; return playlist_copy; @@ -742,6 +786,10 @@ char *adjust_yt_condensed_playlist(const char *media_playlist) { } params_start = (const char **) calloc(nparams, sizeof(char *)); //must free params_size = (int *) calloc(nparams, sizeof(int)); //must free + if (!params_start || !params_size) { + printf("Memory allocation failure (params_start/size)\n"); + exit(1); + } ptr = params; for (int i = 0; i < nparams; i++) { comma = strchr(ptr, ','); @@ -770,6 +818,10 @@ char *adjust_yt_condensed_playlist(const char *media_playlist) { int byte_count = 0; char * new_playlist = (char *) malloc(new_len + 1); + if (!new_playlist) { + printf("Memory allocation failure (new_playlist)\n"); + exit(1); + } new_playlist[new_len] = '\0'; const char *old_pos = media_playlist; char *new_pos = new_playlist; diff --git a/lib/http_handlers.h b/lib/http_handlers.h index 4b1e49c..516ed30 100644 --- a/lib/http_handlers.h +++ b/lib/http_handlers.h @@ -216,6 +216,10 @@ http_handler_set_property(raop_conn_t *conn, plist_get_string_val(req_value_options_name_node, &name); if (name) { language_name = (char *) calloc(strlen(name) + 1, sizeof(char)); + if (!language_name) { + printf("Memory allocation failed\n"); + exit(1); + } memcpy(language_name, name, strlen(name)); plist_mem_free(name); } @@ -227,6 +231,10 @@ http_handler_set_property(raop_conn_t *conn, plist_get_string_val(req_value_options_code_node, &code); if (code) { language_code = (char *) calloc(strlen(code) + 1, sizeof(char)); + if (!language_code) { + printf("Memory allocation failed\n"); + exit(1); + } memcpy(language_code, code, strlen(code)); plist_mem_free(code); } @@ -623,6 +631,10 @@ http_handler_action(raop_conn_t *conn, http_request_t *request, http_response_t goto post_action_error; } else { playlist = (char *) malloc(fcup_response_datalen + 1); + if (!playlist) { + printf("Memory allocation failed (playlist)\n"); + exit(1); + } playlist[fcup_response_datalen] = '\0'; memcpy(playlist, fcup_response_data, fcup_response_datalen); plist_mem_free(fcup_response_data); @@ -874,11 +886,19 @@ http_handler_play(raop_conn_t *conn, http_request_t *request, http_response_t *r } else { size_t len = strlen(get_uri_local_prefix(airplay_video)) + strlen(uri_suffix); char *location = (char *) calloc(len + 1, sizeof(char)); + if (!location) { + printf("Memory allocation failed (location)\n"); + exit(1); + } strcat(location, get_uri_local_prefix(airplay_video)); strcat(location, uri_suffix); set_playback_location(airplay_video, location, strlen(location)); free(location); char *uri_prefix = (char *) calloc(strlen(playback_location) + 1, sizeof(char)); + if (!playback_location) { + printf("Memeory allocation failed (playback_location)\n"); + exit(1); + } strcat(uri_prefix, playback_location); char *end = strstr(uri_prefix, "/master.m3u8"); *end = '\0'; @@ -942,6 +962,10 @@ http_handler_hls(raop_conn_t *conn, http_request_t *request, http_response_t *r if (master_playlist) { size_t len = strlen(master_playlist); char * data = (char *) malloc(len + 1); + if (!data) { + printf("Memory allocation failed (data)\n"); + exit(1); + } memcpy(data, master_playlist, len); data[len] = '\0'; *response_data = data; diff --git a/lib/pairing.c b/lib/pairing.c index a4dc6a1..f737ef2 100644 --- a/lib/pairing.c +++ b/lib/pairing.c @@ -245,6 +245,10 @@ pairing_digest_verify(const char *method, const char * authorization, const char /* RFC 2617 HTTP md5 Digest password authentication */ size_t authlen = strlen(authorization); char *sentence = (char *) malloc(authlen + 1); + if (!sentence) { + printf("Memory allocation failure (sentence)\n"); + exit(1); + } memcpy(sentence, authorization, authlen); *(sentence + authlen) = '\0'; char *username = NULL; @@ -307,11 +311,15 @@ pairing_digest_verify(const char *method, const char * authorization, const char /* H1 = H(username : realm : password ) */ len = strlen(username) + strlen(realm) + strlen(pwd) + 3; raw = (char *) calloc(len, sizeof(char)); - strncat(raw, username, len - strlen(raw) - 1); - strncat(raw, ":", len - strlen(raw) - 1); - strncat(raw, realm, len - strlen(raw) - 1); - strncat(raw, ":", len - strlen(raw) - 1); - strncat(raw, pwd, len - strlen(raw) - 1); + if (!raw) { + printf("Memory allocation failure (raw)\n"); + exit(1); + } + strcat(raw, username); + strcat(raw, ":"); + strcat(raw, realm); + strcat(raw, ":"); + strcat(raw, pwd); char *hash1 = get_md5(raw); free (raw); @@ -322,9 +330,13 @@ pairing_digest_verify(const char *method, const char * authorization, const char /* H2 = H(method : uri) */ len = strlen(mthd) + strlen(uri) + 2; raw = (char *) calloc(len, sizeof(char)); - strncat(raw, mthd, len - strlen(raw) - 1); - strncat(raw, ":", len - strlen(raw) - 1); - strncat(raw, uri, len - strlen(raw) - 1); + if (!raw) { + printf("Memory allocation failure (raw)\n"); + exit(1); + } + strcat(raw, mthd); + strcat(raw, ":"); + strcat(raw, uri); char *hash2 = get_md5(raw); free (raw); @@ -338,6 +350,10 @@ pairing_digest_verify(const char *method, const char * authorization, const char len += strlen(nc) + strlen(cnonce) + strlen(qop) + 3; } raw = (char *) calloc(len, sizeof(char)); + if (!raw) { + printf("Memory allocation failure (raw)\n"); + exit(1); + } strncat(raw, hash1, len - strlen(raw) - 1); strncat(raw, ":", len - strlen(raw) - 1); strncat(raw, nonce, len - strlen(raw) - 1); @@ -405,10 +421,10 @@ pairing_session_get_signature(pairing_session_t *session, unsigned char signatur int pairing_session_finish(pairing_session_t *session, const unsigned char signature[PAIRING_SIG_SIZE]) { - unsigned char sig_buffer[PAIRING_SIG_SIZE]; - unsigned char sig_msg[PAIRING_SIG_SIZE]; - unsigned char key[AES_128_BLOCK_SIZE]; - unsigned char iv[AES_128_BLOCK_SIZE]; + unsigned char sig_buffer[PAIRING_SIG_SIZE] = {0}; + unsigned char sig_msg[PAIRING_SIG_SIZE] = {0}; + unsigned char key[AES_128_BLOCK_SIZE] = {0}; + unsigned char iv[AES_128_BLOCK_SIZE] = {0}; aes_ctx_t *aes_ctx; assert(session); diff --git a/lib/raop_handlers.h b/lib/raop_handlers.h index 74f6633..1d9ccdb 100644 --- a/lib/raop_handlers.h +++ b/lib/raop_handlers.h @@ -509,7 +509,7 @@ raop_handler_pairverify(raop_conn_t *conn, bool registered_client = true; if (raop->callbacks.check_register) { const unsigned char *pk = data + 4 + X25519_KEY_SIZE; - char *pk64; + char *pk64 = NULL; ed25519_pk_to_base64(pk, &pk64); registered_client = raop->callbacks.check_register(raop->callbacks.cls, pk64); free (pk64); @@ -671,11 +671,14 @@ raop_handler_setup(raop_conn_t *conn, logger_log(raop->logger, LOGGER_ERR, "Failed to generate random pin"); pin_4 = 1234; } - raop->random_pw = (char *) calloc(pin_len + 1 + 18, sizeof(char)); - char *pin = raop->random_pw; - snprintf(pin, pin_len + 1, "%04u", pin_4 % 10000); - pin[pin_len] = '\0'; - snprintf(pin + pin_len + 1, 18, "%s", deviceID); + if ((raop->random_pw = (char *) calloc(pin_len + 1 + 18, sizeof(char)))) { + char *pin = raop->random_pw; + snprintf(pin, pin_len + 1, "%04u", pin_4 % 10000); + pin[pin_len] = '\0'; + snprintf(pin + pin_len + 1, 18, "%s", deviceID); + } else { + logger_log(raop->logger, LOGGER_ERR, "Failed to allocate raop->random_pw"); + } raop->auth_fail_count = 0; } if (len == -1 && !authorization && raop->random_pw) { @@ -1131,7 +1134,7 @@ raop_handler_set_parameter(raop_conn_t *conn, } data = http_request_get_data(request, &datalen); if (!strcmp(content_type, "text/parameters")) { - char *datastr; + char *datastr = NULL; datastr = calloc(1, datalen + 1); if (data && datastr && conn->raop_rtp) { memcpy(datastr, data, datalen); diff --git a/lib/raop_rtp_mirror.c b/lib/raop_rtp_mirror.c index bfa82b7..9f23ade 100644 --- a/lib/raop_rtp_mirror.c +++ b/lib/raop_rtp_mirror.c @@ -438,7 +438,11 @@ raop_rtp_mirror_thread(void *arg) if (prepend_sps_pps) { assert(sps_pps); - payload_out = (unsigned char*) malloc(payload_size + sps_pps_len); + payload_out = (unsigned char*) malloc(payload_size + sps_pps_len); + if (!payload_out) { + printf("Memory allocation failed (payload_out)\n"); + exit(1); + } payload_decrypted = payload_out + sps_pps_len; memcpy(payload_out, sps_pps, sps_pps_len); free (sps_pps); diff --git a/lib/srp.c b/lib/srp.c index d909cbf..26a278c 100644 --- a/lib/srp.c +++ b/lib/srp.c @@ -209,6 +209,10 @@ static struct NGHex global_Ng_constants[] = { static NGConstant * new_ng( SRP_NGType ng_type, const char * n_hex, const char * g_hex ) { NGConstant * ng = (NGConstant *) malloc( sizeof(NGConstant) ); + if (!ng) { + printf("Memory allocation failure (ng)\n"); + exit(1); + } ng->N = BN_new(); ng->g = BN_new(); @@ -418,9 +422,11 @@ static BIGNUM * H_nn_rfc5054( SRP_HashAlgorithm alg, const BIGNUM * N, const BIG if (!bin) return 0; - if (len_n1 > len_N || len_n2 > len_N) + if (len_n1 > len_N || len_n2 > len_N) { + free (bin); return 0; - + } + memset(bin, 0, nbytes); BN_bn2bin(n1, bin + (len_N - len_n1)); BN_bn2bin(n2, bin + (len_N + len_N - len_n2)); @@ -520,10 +526,10 @@ static int hash_session_key( SRP_HashAlgorithm alg, const BIGNUM * n, unsigned c static void calculate_M( SRP_HashAlgorithm alg, NGConstant *ng, unsigned char * dest, const char * I, const BIGNUM * s, const BIGNUM * A, const BIGNUM * B, const unsigned char * K ) { - unsigned char H_N[ SHA512_DIGEST_LENGTH ]; - unsigned char H_g[ SHA512_DIGEST_LENGTH ]; - unsigned char H_I[ SHA512_DIGEST_LENGTH ]; - unsigned char H_xor[ SHA512_DIGEST_LENGTH ]; + unsigned char H_N[ SHA512_DIGEST_LENGTH ] = {0}; + unsigned char H_g[ SHA512_DIGEST_LENGTH ] = {0}; + unsigned char H_I[ SHA512_DIGEST_LENGTH ] = {0}; + unsigned char H_xor[ SHA512_DIGEST_LENGTH ] = {0}; unsigned int dest_len; HashCTX_t *ctx; int i = 0; diff --git a/lib/utils.c b/lib/utils.c index f3894c1..061557c 100644 --- a/lib/utils.c +++ b/lib/utils.c @@ -288,6 +288,10 @@ char *utils_strip_data_from_plist_xml(char *plist_xml) { return NULL; } else { xml = (char *) calloc((len + 1), sizeof(char)); + if (!xml) { + printf("memory allocation failed (xml)\n"); + exit(1); + } } char *ptr1 = plist_xml; char *ptr2 = xml; diff --git a/renderers/x_display_fix.h b/renderers/x_display_fix.h index 94ffa0d..2e2ddb3 100644 --- a/renderers/x_display_fix.h +++ b/renderers/x_display_fix.h @@ -48,13 +48,13 @@ static void get_X11_Display(X11_Window_t * X11, char *display_name) { X11->window = (Window) NULL; } -static int free_X11_Display(X11_Window_t *X11) { - if (X11->display) { - XCloseDisplay(X11->display); - X11->display = NULL; - X11->window = (Window) NULL; - } -} +//static void free_X11_Display(X11_Window_t *X11) { +// if (X11->display) { +// XCloseDisplay(X11->display); +// X11->display = NULL; +// X11->window = (Window) NULL; +// } +//} static Window enum_windows(const char * str, Display * display, Window window, int depth) { char* name = NULL; diff --git a/uxplay.cpp b/uxplay.cpp index 73c45dc..de93622 100644 --- a/uxplay.cpp +++ b/uxplay.cpp @@ -348,6 +348,10 @@ static const unsigned char empty_image[] = { static size_t write_coverart(const char *filename, const void *image, size_t len) { FILE *fp = fopen(filename, "wb"); + if (!fp) { + printf("Failed to open file %s\n", filename); + return 0; + } size_t count = fwrite(image, 1, len, fp); fclose(fp); return count; @@ -355,6 +359,10 @@ static size_t write_coverart(const char *filename, const void *image, size_t len static size_t write_metadata(const char *filename, const char *text) { FILE *fp = fopen(filename, "wb"); + if (!fp) { + printf("Failed to open file %s\n", filename); + return 0; + } size_t count = fwrite(text, sizeof(char), strlen(text) + 1, fp); fclose(fp); return count; @@ -364,6 +372,10 @@ static int write_bledata( const uint32_t *pid, const char *process_name, const c char name[16] { 0 }; size_t len = strlen(process_name); FILE *fp = fopen(filename, "wb"); + if (!fp) { + printf("Failed to open file %s\n", filename); + return 0; + } printf("port %u\n", raop_port); size_t count = sizeof(uint16_t) * fwrite(&raop_port, sizeof(uint16_t), 1, fp); count += sizeof(uint32_t) * fwrite(pid, sizeof(uint32_t), 1, fp); @@ -1811,6 +1823,10 @@ static void process_metadata(int count, const char *dmap_tag, const unsigned cha if (dmap_type == 9) { char *str = (char *) calloc(datalen + 1, sizeof(char)); + if (!str) { + printf("Memeory allocation failure (str)\n"); + exit(1); + } memcpy(str, metadata, datalen); metadata_text->append(str); metadata_text->append("\n"); @@ -2737,6 +2753,10 @@ static void read_config_file(const char * filename, const char * uxplay_name) { int argc = options.size(); char **argv = (char **) malloc(sizeof(char*) * argc); + if (argv == NULL) { + printf("Memory allocation failure (argV)\n"); + exit(1); + } for (int i = 0; i < argc; i++) { argv[i] = (char *) options[i].c_str(); }