madler / zlib

A massively spiffy yet delicately unobtrusive compression library.
http://zlib.net/

strdup: check potential null pointer #996

Closed SafeCoding233 closed 3 weeks ago

SafeCoding233 commented 1 month ago

strdup may return a null pointer on memory allocation failure. I added checks to the unchecked calls to strdup.
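The failure mode described in the comment above, as an added example that is not part of the pull request or of zlib's contrib code. `dup_string`, `simulate_oom` and both `count_components` functions are hypothetical names; `dup_string` stands in for `strdup` so an allocation failure can be simulated, and the path string is constructed sample input.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical fault-injection switch: non-zero makes every copy fail. */
int simulate_oom = 0;

/* Stand-in for strdup(): same contract, NULL on allocation failure. */
char *dup_string(const char *s)
{
    size_t n = strlen(s) + 1;
    char *copy = simulate_oom ? NULL : malloc(n);
    if (copy != NULL) memcpy(copy, s, n);
    return copy;
}

/* Unchecked: on failure buf is NULL, so strtok() resumes from stale
   internal state (or dereferences NULL) and the result is undefined. */
int count_components_unchecked(const char *path)
{
    char *buf = dup_string(path);   /* strtok() writes, so copy first */
    char *t;
    int n = 0;
    for (t = strtok(buf, "/"); t != NULL; t = strtok(NULL, "/"))
        n++;
    free(buf);
    return n;
}

/* Checked: report the failure to the caller instead of using NULL. */
int count_components(const char *path)
{
    char *buf = dup_string(path);
    char *t;
    int n = 0;
    if (buf == NULL) return -1;     /* allocation failed, nothing to free */
    for (t = strtok(buf, "/"); t != NULL; t = strtok(NULL, "/"))
        n++;
    free(buf);
    return n;
}

int main(void)
{
    printf("%d\n", count_components("contrib/untgz/untgz.c")); /* 3 */
    simulate_oom = 1;
    printf("%d\n", count_components("contrib/untgz/untgz.c")); /* -1 */
    return 0;
}
```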

Neustradamus commented 3 weeks ago

@madler: Have you seen this PR?

madler commented 3 weeks ago

The code in contrib is supported by the respective authors.

Neustradamus commented 2 weeks ago

@madler: The untgz code is done by you (except one by @bgermann):

But here, it is specified: https://github.com/madler/zlib/blob/develop/contrib/untgz/untgz.c


Pedro A. Aranda Gutierrez is @paaguti on GitHub. Jean-loup Gailly is not on GitHub. Cosmin Truta is @ctruta on GitHub.


Can you reopen the @SafeCoding233 PR?

madler commented 2 weeks ago

No, it was not "done" by me. zlib existed long before git or github did. In 2011, I loaded the preceding 16 years of zlib history into git, contribs and all.

Neustradamus commented 2 weeks ago

@madler: I understand! But maybe it is time to remove some code from contrib, if it is not managed.