misc/55794: syslogd unchecked malloc(3)

[jschauma%netmeister.org@localhost]

>Number:         55794
>Category:       misc
>Synopsis:       syslogd.c has an unchecked call to malloc(3)
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    misc-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Nov 07 16:05:00 +0000 2020
>Originator:     Jan Schaumann
>Release:        NetBSD 9.0
>Organization:
	
>Environment:
	
	
System: NetBSD apue 9.0 NetBSD 9.0 (GENERIC) #0: Fri Feb 14 00:06:28 UTC 2020  mkrepro%mkrepro.NetBSD.org@localhost:/usr/src/sys/arch/amd64/compile/GENERIC amd64
Architecture: x86_64
Machine: amd64
>Description:
	usr.sbin/syslogd/syslogd.c contains an unchecked call to
	malloc(3):

		include_pid = malloc(MAX_PID_LEN+1);
		snprintf(include_pid, MAX_PID_LEN+1, "%d", getpid());

>How-To-Repeat:
	cd /usr/src
	vi usr.sbin/syslogd/syslogd.c
>Fix:

--- syslogd.c   3 Feb 2019 03:19:31 -0000       1.131
+++ syslogd.c   7 Nov 2020 15:58:16 -0000
@@ -558,6 +558,13 @@
                logerror("Failed to set uid to `%d'", uid);
                die(0, 0, NULL);
        }
+
+#define MAX_PID_LEN 5
+       include_pid = malloc(MAX_PID_LEN+1);
+       if (include_pid == NULL) {
+               logerror("Couldn't allocate include_pid");
+               die(0, 0, NULL);
+       }
        /*
         * We cannot detach from the terminal before  we are sure we won't
         * have a fatal error, because error message would not go to the
@@ -573,8 +580,6 @@
 #endif /* __NetBSD_Version__ */
        }

-#define MAX_PID_LEN 5
-       include_pid = malloc(MAX_PID_LEN+1);
        snprintf(include_pid, MAX_PID_LEN+1, "%d", getpid());

        /*

>Unformatted: