apps: Check string allocation failures #3497
Merged
linguini1 merged 2 commits on May 23, 2026
Add missing failure handling for direct strdup() and asprintf() calls where the allocated result is consumed locally before any NULL/error check. This keeps the scope to the functions named in apache#1727 and avoids changing pass-through return sites where callers already receive NULL on allocation failure. Signed-off-by: Nightt <87569709+nightt5879@users.noreply.github.com>
Extend the allocation-failure check to httpd_strdup(), the thttpd-local wrapper that has the same failure contract as strdup(). This is logically separable from the direct strdup()/asprintf() fixes: it prevents using hs->hostname before checking whether the wrapped string allocation succeeded, and releases the partially allocated server state on failure. The scope intentionally does not extend to malloc(), calloc(), or other raw allocators because apache#1727 specifically calls out strdup()/asprintf(), and covering all allocation APIs would make this PR much broader. Signed-off-by: Nightt <87569709+nightt5879@users.noreply.github.com>
xiaoxiang781216 approved these changes May 23, 2026
linguini1 approved these changes May 23, 2026
Summary
Refs #1727.
This PR adds missing allocation-failure handling for selected strdup() and asprintf() call sites.
Commit structure:
- (apps: Fix unchecked strdup()/asprintf() as requested in #1727) fixes the direct strdup()/asprintf() cases requested in Strings allocations checks #1727 where the allocated result is used locally before a failure check.
- (netutils/thttpd: Apply the same check to related allocation sites) applies the same check to httpd_strdup(), the thttpd-local wrapper around strdup().
The second commit is logically separable, happy to drop if out of scope.
Scope notes:
- httpd_strdup() because it has the same NULL-on-allocation-failure contract as strdup() and the caller used the result before checking it.
- malloc(), calloc(), realloc(), or other raw allocation APIs because Strings allocations checks #1727 specifically asks about strdup()/asprintf(), and covering all allocation APIs would broaden the review substantially.
Impact
No user-facing behavior change is intended except that low-memory paths now fail cleanly instead of using NULL allocation results.
Testing
Host:
Target: sim:nsh
Checks run:
- git diff --check upstream/master..HEAD
- checkpatch.sh -c -u -m -g HEAD~2..HEAD from a WSL temp clone with codespell/cvt2utf in a temporary venv
- ./tools/configure.sh -a ../nuttx-apps-check-1727 sim:nsh
- make -j$(nproc)
Results:
- git diff --check: pass
- checkpatch.sh: pass
- sim:nsh build: pass; build completed and generated nuttx.tgz
Note: the WSL temp build printed clock-skew warnings on .config; compilation and link completed successfully.
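
The check-before-use pattern this PR describes, as an added example that is not code from the PR or from nuttx-apps: a strdup()-style wrapper and an asprintf() call are each checked before the result is used, and partially allocated state is released on failure. The structure, the function names (server_init, server_free, my_strdup) and the failure-injection hook are hypothetical, introduced so the low-memory paths can be exercised deterministically.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Explicit prototypes so this builds whatever feature-test macros are set
 * (assumption: a POSIX/GNU libc that provides both functions). */
char *(strdup)(const char *s);
int (asprintf)(char **strp, const char *fmt, ...);

/* Hypothetical server state; every name in this example is illustrative. */
struct server { char *hostname; char *banner; };

/* Test hook: make the Nth string allocation fail to mimic low memory. */
static int fail_at, alloc_count;
static void inject_failure(int nth) { alloc_count = 0; fail_at = nth; }
static int should_fail(void) { return ++alloc_count == fail_at; }

/* Local wrapper with the same NULL-on-failure contract as strdup(). */
static char *my_strdup(const char *s) { return should_fail() ? NULL : strdup(s); }

static void server_free(struct server *sv)
{
  if (sv == NULL) return;
  free(sv->hostname);               /* free(NULL) is a no-op */
  free(sv->banner);
  free(sv);
}

/* Returns NULL on any allocation failure, releasing partial state first. */
struct server *server_init(const char *hostname, int port)
{
  struct server *sv = calloc(1, sizeof(*sv));
  if (sv == NULL) return NULL;

  sv->hostname = my_strdup(hostname);
  if (sv->hostname == NULL) {       /* check before hostname is used below */
    server_free(sv);
    return NULL;
  }

  /* asprintf() signals failure via its return value; the output pointer is
   * not guaranteed to be NULL afterwards, so reset it before cleanup. */
  if (should_fail() || asprintf(&sv->banner, "%s:%d", sv->hostname, port) < 0) {
    sv->banner = NULL;
    server_free(sv);
    return NULL;
  }
  return sv;
}
```

Calling inject_failure(1) or inject_failure(2) before server_init() drives the strdup-style and asprintf() failure paths respectively; running those cases under a leak checker confirms the partial state is released.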