libreboot-utils: more flexible string usage

i previously used error status and set return values
indirectly. i still do that, but where possible, i
also now return the real value.

this is because these string functions can no longer
return with error status; on error, they all abort.
this forces the program maintainer to keep their code
reliable, and removes the need to check the error status
after using syscalls, because these libc wrappers mitigate
that and make use of libc for you, including errors.

this is part of a general effort to promote safe use
of the C programming language, especially in libreboot!

Signed-off-by: Leah Rowe <leah@libreboot.org>

1 files changed, 8 insertions, 5 deletions

diff --git a/util/libreboot-utils/lib/state.c b/util/libreboot-utils/lib/state.c
index bcf2ccbc..f0be5656 100644
--- a/util/libreboot-utils/lib/state.c
+++ b/util/libreboot-utils/lib/state.c
@@ -22,6 +22,12 @@
 struct xstate *
 xstart(int argc, char *argv[])
 {
+#if defined(PATH_LEN) && \
+    ((PATH_LEN) >= 256)
+	static size_t maxlen = PATH_LEN;
+#else
+	static size_t maxlen = 4096;
+#endif
 	static int first_run = 1;
 	static char *dir = NULL;
 	static char *base = NULL;
@@ -113,8 +119,7 @@ xstart(int argc, char *argv[])
 		err_exit(errno, "xstart: don't know CWD of %s",
 		    us.f.fname);
 
-	if ((us.f.base = strdup(base)) == NULL)
-		err_exit(errno, "strdup base");
+	sdup(base, maxlen, &us.f.base);
 
 	us.f.dirfd = fs_open(dir,
 	    O_RDONLY | O_DIRECTORY);
@@ -128,9 +133,7 @@ xstart(int argc, char *argv[])
 	    &tmpdir, &tmpbase_local, 0) < 0)
 		err_exit(errno, "tmp basename");
 
-	us.f.tmpbase = strdup(tmpbase_local);
-	if (us.f.tmpbase == NULL)
-		err_exit(errno, "strdup tmpbase");
+	sdup(tmpbase_local, maxlen, &us.f.tmpbase);
 
 	free_and_set_null(&tmpdir);