network-ndisc: avoid VLAs (#3725)

Do not allocate objects of dynamic and potentially large size on the stack
to avoid both clang compilation errors and unpredictable runtime behavior
on exotic platforms. Use the heap for that instead.

While at it, refactor the code a bit. Access 's->domain' via
NDISC_DNSSL_DOMAIN(), and refrain from allocating 'x' independently, but
rather reuse 's' if we're dealing with a new entry to the set.

Fixes #3717

diff --git a/src/network/networkd-ndisc.c b/src/network/networkd-ndisc.c
index 2a1ba2b..d9c18b3 100644 (file)
--- a/src/network/networkd-ndisc.c
+++ b/src/network/networkd-ndisc.c
@@ -449,22 +449,24 @@ static void ndisc_router_process_dnssl(Link *link, sd_ndisc_router *rt) {
         }
 
         STRV_FOREACH(i, l) {
-                struct {
-                        NDiscDNSSL header;
-                        char domain[strlen(*i)];
-                } s;
+                _cleanup_free_ NDiscDNSSL *s;
                 NDiscDNSSL *x;
 
-                zero(s.header);
-                strcpy(s.domain, *i);
+                s = malloc0(ALIGN(sizeof(NDiscDNSSL)) + strlen(*i) + 1);
+                if (!s) {
+                        log_oom();
+                        return;
+                }
+
+                strcpy(NDISC_DNSSL_DOMAIN(s), *i);
 
                 if (lifetime == 0) {
-                        (void) set_remove(link->ndisc_dnssl, &s);
+                        (void) set_remove(link->ndisc_dnssl, s);
                         link_dirty(link);
                         continue;
                 }
 
-                x = set_get(link->ndisc_dnssl, &s);
+                x = set_get(link->ndisc_dnssl, s);
                 if (x) {
                         x->valid_until = time_now + lifetime * USEC_PER_SEC;
                         continue;
@@ -483,22 +485,15 @@ static void ndisc_router_process_dnssl(Link *link, sd_ndisc_router *rt) {
                         return;
                 }
 
-                x = malloc0(ALIGN(sizeof(NDiscDNSSL)) + strlen(*i) + 1);
-                if (!x) {
-                        log_oom();
-                        return;
-                }
+                s->valid_until = time_now + lifetime * USEC_PER_SEC;
 
-                strcpy(NDISC_DNSSL_DOMAIN(x), *i);
-                x->valid_until = time_now + lifetime * USEC_PER_SEC;
-
-                r = set_put(link->ndisc_dnssl, x);
+                r = set_put(link->ndisc_dnssl, s);
                 if (r < 0) {
-                        free(x);
                         log_oom();
                         return;
                 }
 
+                s = NULL;
                 assert(r > 0);
                 link_dirty(link);
         }