Handle allocation failures in security code

Note that such errors are generally going to be fatal

sway/commands.c

@@ -575,6 +575,9 @@ struct cmd_results *config_commands_command(char *exec) {
 	}
 	if (!policy) {
 		policy = alloc_command_policy(cmd);
+		if (!policy) {
+			sway_abort("Unable to allocate security policy");
+		}
 		list_add(config->command_policies, policy);
 	}
 	policy->context = context;

sway/commands/permit.c

@@ -50,6 +50,9 @@ static struct feature_policy *get_policy(const char *name) {
 	}
 	if (!policy) {
 		policy = alloc_feature_policy(name);
+		if (!policy) {
+			sway_abort("Unable to allocate security policy");
+		}
 		list_add(config->feature_policies, policy);
 	}
 	return policy;

sway/security.c

@@ -15,14 +15,28 @@ struct feature_policy *alloc_feature_policy(const char *program) {
 	}
 
 	struct feature_policy *policy = malloc(sizeof(struct feature_policy));
+	if (!policy) {
+		return NULL;
+	}
 	policy->program = strdup(program);
+	if (!policy->program) {
+		free(policy);
+		return NULL;
+	}
 	policy->features = default_policy;
 	return policy;
 }
 
 struct command_policy *alloc_command_policy(const char *command) {
 	struct command_policy *policy = malloc(sizeof(struct command_policy));
+	if (!policy) {
+		return NULL;
+	}
 	policy->command = strdup(command);
+	if (!policy->command) {
+		free(policy);
+		return NULL;
+	}
 	policy->context = 0;
 	return policy;
 }
@@ -35,12 +49,14 @@ enum secure_feature get_feature_policy(pid_t pid) {
 #endif
 	int pathlen = snprintf(NULL, 0, fmt, pid);
 	char *path = malloc(pathlen + 1);
-	snprintf(path, pathlen + 1, fmt, pid);
+	if (path) {
+		snprintf(path, pathlen + 1, fmt, pid);
+	}
 	static char link[2048];
 
 	uint32_t default_policy = 0;
 
-	ssize_t len = readlink(path, link, sizeof(link));
+	ssize_t len = !path ? -1 : readlink(path, link, sizeof(link));
 	if (len < 0) {
 		sway_log(L_INFO,
 			"WARNING: unable to read %s for security check. Using default policy.",