Set argv[argc] to NULL when calling main (#755)

floppym · web-flow · commit a915f06c7845 · 2024-10-14T17:43:35.000-04:00
* Set argv[argc] to NULL when calling main

ISO C states that argv[argc] shall be a null pointer.

The OpenSSH codebase does not appear to rely on this currently, but
better to be safe in case something changes.

* Check for malloc failure in sshd wmain
diff --git a/contrib/win32/win32compat/wmain_common.c b/contrib/win32/win32compat/wmain_common.c
@@ -43,13 +43,12 @@ wmain(int argc, wchar_t **wargv) {
 	char** argv = NULL;
 	int i, r;
 	_set_invalid_parameter_handler(invalid_parameter_handler);
-	if (argc) {
-		if ((argv = malloc(argc * sizeof(char*))) == NULL)
+	if ((argv = malloc((argc + 1) * sizeof(char*))) == NULL)
+		fatal("out of memory");
+	for (i = 0; i < argc; i++)
+		if ((argv[i] = utf16_to_utf8(wargv[i])) == NULL)
 			fatal("out of memory");
-		for (i = 0; i < argc; i++)
-			if ((argv[i] = utf16_to_utf8(wargv[i])) == NULL)
-				fatal("out of memory");
-        }
+	argv[argc] = NULL;
 
 	if (getenv("SSH_AUTH_SOCK") == NULL)
 		_putenv("SSH_AUTH_SOCK=\\\\.\\pipe\\openssh-ssh-agent");
diff --git a/contrib/win32/win32compat/wmain_sshd-session.c b/contrib/win32/win32compat/wmain_sshd-session.c
@@ -50,15 +50,13 @@ int sshd_session_main(int argc, wchar_t **wargv) {
 	int i, r;
 	_set_invalid_parameter_handler(invalid_parameter_handler);
 
-	if (argc) {
-		if ((argv = malloc(argc * sizeof(char*))) == NULL) {
-			printf("out of memory");
-			exit(255);
-		}
+	if ((argv = malloc((argc + 1) * sizeof(char*))) == NULL)
+		fatal("out of memory");
 
-		for (i = 0; i < argc; i++)
-			argv[i] = utf16_to_utf8(wargv[i]);
-	}
+	for (i = 0; i < argc; i++)
+		if ((argv[i] = utf16_to_utf8(wargv[i])) == NULL)
+			fatal("out of memory");
+	argv[argc] = NULL;
 
 	w32posix_initialize();
 
diff --git a/contrib/win32/win32compat/wmain_sshd.c b/contrib/win32/win32compat/wmain_sshd.c
@@ -202,15 +202,14 @@ int sshd_main(int argc, wchar_t **wargv) {
 	int i, r;
 	_set_invalid_parameter_handler(invalid_parameter_handler);
 
-	if (argc) {
-		if ((argv = malloc(argc * sizeof(char*))) == NULL) {
-			printf("out of memory");
-			exit(255);
-		}
+	if ((argv = malloc((argc + 1) * sizeof(char*))) == NULL)
+		fatal("out of memory");
 
-		for (i = 0; i < argc; i++)
-			argv[i] = utf16_to_utf8(wargv[i]);
-	}
+	for (i = 0; i < argc; i++)
+		if ((argv[i] = utf16_to_utf8(wargv[i])) == NULL)
+			fatal("out of memory");
+
+	argv[argc] = NULL;
 
 	w32posix_initialize();
 
