Blame SOURCES/0007-Try-to-convince-covscan-that-sysfs_read_file-doesn-t.patch

From 5e2174acaf1a51ead0a079776229e0df89c7fd81 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 13 Jun 2018 09:15:17 -0400
Subject: [PATCH 07/17] Try to convince covscan that sysfs_read_file() doesn't
 leak on error.
Basically, covscan gets confused about some of our return paths and
doesn't think the error condition correlates with not having allocated
(or having freed) the ram we're using to pass the file data back.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
 src/linux.h |  5 +++++
 src/util.h  | 38 ++++++++++++++++++++------------------
 2 files changed, 25 insertions(+), 18 deletions(-)
diff --git a/src/linux.h b/src/linux.h
index 2f9eb0fe66f..39826224a53 100644
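--- a/src/linux.h
+++ b/src/linux.h
@@ -173,6 +173,11 @@ extern ssize_t HIDDEN make_mac_path(uint8_t *buf, ssize_t size,
                         free(buf_);                                     \
                         *(buf) = (__typeof__(*(buf)))buf2_;             \
                         errno = error_;                                 \
+                } else if (buf_) {                                      \
+                        /* covscan is _sure_ we leak buf_ if bufsize_ */\
+                        /* is <= 0, which is wrong, but appease it.   */\
+                        free(buf_);                                     \
+                        buf_ = NULL;                                    \
                 }                                                       \
                 bufsize_;                                               \
         })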
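Review bot: The added `else if (buf_)` branch calls `free(buf_)` without the errno save/restore that the success branch directly above it performs (`errno = error_;`), so the errno left by the failed read can be replaced before the caller inspects it on C libraries where free() may modify errno. Assuming `error_` is declared at macro scope (the start of the macro is outside this hunk), `error_ = errno; free(buf_); buf_ = NULL; errno = error_;` would keep the two branches consistent. The failure side also never assigns `*(buf)`, so unless the macro clears it earlier a caller that ignores the return value keeps whatever pointer it already held; setting `*(buf) = NULL;` there would make the failure state explicit.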
diff --git a/src/util.h b/src/util.h
index cc5f669e6ec..ef85a4c277e 100644
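--- a/src/util.h
+++ b/src/util.h
@@ -149,22 +149,24 @@
 #endif
 
 static inline int UNUSED
-read_file(int fd, uint8_t **buf, size_t *bufsize)
+read_file(int fd, uint8_t **result, size_t *bufsize)
 {
         uint8_t *p;
         size_t size = 4096;
         size_t filesize = 0;
         ssize_t s = 0;
+        uint8_t *buf, *newbuf;
 
-        uint8_t *newbuf;
         if (!(newbuf = calloc(size, sizeof (uint8_t)))) {
                 efi_error("could not allocate memory");
+                *result = buf = NULL;
+                *bufsize = 0;
                 return -1;
         }
-        *buf = newbuf;
+        buf = newbuf;
 
         do {
-                p = *buf + filesize;
+                p = buf + filesize;
                 /* size - filesize shouldn't exceed SSIZE_MAX because we're
                  * only allocating 4096 bytes at a time and we're checking that
                  * before doing so. */
@@ -179,8 +181,8 @@ read_file(int fd, uint8_t **buf, size_t *bufsize)
                         continue;
                 } else if (s < 0) {
                         int saved_errno = errno;
-                        free(*buf);
-                        *buf = NULL;
+                        free(buf);
+                        *result = buf = NULL;
                         *bufsize = 0;
                         errno = saved_errno;
                         efi_error("could not read from file");
@@ -194,38 +196,38 @@ read_file(int fd, uint8_t **buf, size_t *bufsize)
                         /* See if we're going to overrun and return an error
                          * instead. */
                         if (size > (size_t)-1 - 4096) {
-                                free(*buf);
-                                *buf = NULL;
+                                free(buf);
+                                *result = buf = NULL;
                                 *bufsize = 0;
                                 errno = ENOMEM;
                                 efi_error("could not read from file");
                                 return -1;
                         }
-                        newbuf = realloc(*buf, size + 4096);
+                        newbuf = realloc(buf, size + 4096);
                         if (newbuf == NULL) {
                                 int saved_errno = errno;
-                                free(*buf);
-                                *buf = NULL;
+                                free(buf);
+                                *result = buf = NULL;
                                 *bufsize = 0;
                                 errno = saved_errno;
                                 efi_error("could not allocate memory");
                                 return -1;
                         }
-                        *buf = newbuf;
-                        memset(*buf + size, '\0', 4096);
+                        buf = newbuf;
+                        memset(buf + size, '\0', 4096);
                         size += 4096;
                 }
         } while (1);
 
-        newbuf = realloc(*buf, filesize+1);
+        newbuf = realloc(buf, filesize+1);
         if (!newbuf) {
-                free(*buf);
-                *buf = NULL;
+                free(buf);
+                *result = buf = NULL;
                 efi_error("could not allocate memory");
                 return -1;
         }
         newbuf[filesize] = '\0';
-        *buf = newbuf;
+        *result = newbuf;
         *bufsize = filesize+1;
         return 0;
 }
@@ -329,7 +331,7 @@ get_file(uint8_t **result, const char * const fmt, ...)
         close(fd);
         errno = error;
 
-        if (rc < 0) {
+        if (rc < 0 || bufsize < 1) {
                 efi_error("could not read file \"%s\"", path);
                 return -1;
         }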
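Review bot: The final `realloc(buf, filesize+1)` failure branch is the one error exit in read_file() that still leaves `*bufsize` untouched and runs `free()` before `efi_error()` without saving errno, so a caller can end up with `*result == NULL` paired with whatever length it held before the call. Every other failure branch in these hunks resets both outputs and restores errno first; this one should match by adding `int saved_errno = errno;` before `free(buf);`, then `*bufsize = 0;` and `errno = saved_errno;` ahead of the `efi_error()` call. Keeping the pointer and length outputs in step on every exit is what stops a caller from indexing with an old size after a failed read. In get_file(), the added `bufsize < 1` test returns -1 with no visible release of the buffer; the case looks unreachable after a successful read_file(), which sets `*bufsize = filesize+1`, but the rest of get_file() is outside the hunk and should be checked.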
-- 
2.17.1