teknoraver / rpms / rpm

Forked from rpms/rpm 5 months ago
Clone

Blame 0001-Fix-potential-use-of-uninitialized-pipe-array.patch

Michal Domonkos 0c6298
From bff65aad8af719542c7b0c6429e09223c014a909 Mon Sep 17 00:00:00 2001
Michal Domonkos 0c6298
From: Michal Domonkos <mdomonko@redhat.com>
Michal Domonkos 0c6298
Date: Thu, 6 Jun 2024 09:15:02 +0200
Michal Domonkos 0c6298
Subject: [PATCH] Fix potential use of uninitialized pipe array
Michal Domonkos 0c6298
Michal Domonkos 0c6298
We only call pipe(2) after the script is written to disk so if the
Michal Domonkos 0c6298
latter fails, the array will be left uninitialized and subsequently read
Michal Domonkos 0c6298
after skipping to the exit label.  Fix by initializing it.
Michal Domonkos 0c6298
Michal Domonkos 0c6298
Found by Coverity.
Michal Domonkos 0c6298
Michal Domonkos 0c6298
Fixes: RHEL-22604
Michal Domonkos 0c6298
---
Michal Domonkos 0c6298
 lib/rpmscript.c | 2 +-
Michal Domonkos 0c6298
 1 file changed, 1 insertion(+), 1 deletion(-)
Michal Domonkos 0c6298
Michal Domonkos 0c6298
diff --git a/lib/rpmscript.c b/lib/rpmscript.c
Michal Domonkos 0c6298
index 281c55c53..1de4acf8e 100644
Michal Domonkos 0c6298
--- a/lib/rpmscript.c
Michal Domonkos 0c6298
+++ b/lib/rpmscript.c
Michal Domonkos 0c6298
@@ -316,7 +316,7 @@ static rpmRC runExtScript(rpmPlugins plugins, ARGV_const_t prefixes,
Michal Domonkos 0c6298
     char * fn = NULL;
Michal Domonkos 0c6298
     pid_t pid, reaped;
Michal Domonkos 0c6298
     int status;
Michal Domonkos 0c6298
-    int inpipe[2];
Michal Domonkos 0c6298
+    int inpipe[2] = { -1, -1 };
Michal Domonkos 0c6298
     FILE *in = NULL;
Michal Domonkos 0c6298
     const char *line;
Michal Domonkos 0c6298
     char *mline = NULL;
Michal Domonkos 0c6298
-- 
Michal Domonkos 0c6298
2.46.0
Michal Domonkos 0c6298