|
 |
da1a85 |
From 5e2174acaf1a51ead0a079776229e0df89c7fd81 Mon Sep 17 00:00:00 2001
|
|
|
da1a85 |
From: Peter Jones <pjones@redhat.com>
|
|
|
da1a85 |
Date: Wed, 13 Jun 2018 09:15:17 -0400
|
|
|
da1a85 |
Subject: [PATCH 07/17] Try to convince covscan that sysfs_read_file() doesn't
|
|
|
da1a85 |
leak on error.
|
|
|
da1a85 |
|
|
|
da1a85 |
Basically, covscan gets confused about some of our return paths and
|
|
|
da1a85 |
doesn't think the error condition correlates with not having allocated
|
|
|
da1a85 |
(or having freed) the ram we're using to pass the file data back.
|
|
|
da1a85 |
|
|
|
da1a85 |
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
|
da1a85 |
---
|
|
|
da1a85 |
src/linux.h | 5 +++++
|
|
|
da1a85 |
src/util.h | 38 ++++++++++++++++++++------------------
|
|
|
da1a85 |
2 files changed, 25 insertions(+), 18 deletions(-)
|
|
|
da1a85 |
|
|
|
da1a85 |
diff --git a/src/linux.h b/src/linux.h
|
|
|
da1a85 |
index 2f9eb0fe66f..39826224a53 100644
|
|
|
da1a85 |
--- a/src/linux.h
|
|
|
da1a85 |
+++ b/src/linux.h
|
|
|
da1a85 |
@@ -173,6 +173,11 @@ extern ssize_t HIDDEN make_mac_path(uint8_t *buf, ssize_t size,
|
|
|
da1a85 |
free(buf_); \
|
|
|
da1a85 |
*(buf) = (__typeof__(*(buf)))buf2_; \
|
|
|
da1a85 |
errno = error_; \
|
|
|
da1a85 |
+ } else if (buf_) { \
|
|
|
da1a85 |
+ /* covscan is _sure_ we leak buf_ if bufsize_ */\
|
|
|
da1a85 |
+ /* is <= 0, which is wrong, but appease it. */\
|
|
|
da1a85 |
+ free(buf_); \
|
|
|
da1a85 |
+ buf_ = NULL; \
|
|
|
da1a85 |
} \
|
|
|
da1a85 |
bufsize_; \
|
|
|
da1a85 |
})
|
|
|
da1a85 |
diff --git a/src/util.h b/src/util.h
|
|
|
da1a85 |
index cc5f669e6ec..ef85a4c277e 100644
|
|
|
da1a85 |
--- a/src/util.h
|
|
|
da1a85 |
+++ b/src/util.h
|
|
|
da1a85 |
@@ -149,22 +149,24 @@
|
|
|
da1a85 |
#endif
|
|
|
da1a85 |
|
|
|
da1a85 |
static inline int UNUSED
|
|
|
da1a85 |
-read_file(int fd, uint8_t **buf, size_t *bufsize)
|
|
|
da1a85 |
+read_file(int fd, uint8_t **result, size_t *bufsize)
|
|
|
da1a85 |
{
|
|
|
da1a85 |
uint8_t *p;
|
|
|
da1a85 |
size_t size = 4096;
|
|
|
da1a85 |
size_t filesize = 0;
|
|
|
da1a85 |
ssize_t s = 0;
|
|
|
da1a85 |
+ uint8_t *buf, *newbuf;
|
|
|
da1a85 |
|
|
|
da1a85 |
- uint8_t *newbuf;
|
|
|
da1a85 |
if (!(newbuf = calloc(size, sizeof (uint8_t)))) {
|
|
|
da1a85 |
efi_error("could not allocate memory");
|
|
|
da1a85 |
+ *result = buf = NULL;
|
|
|
da1a85 |
+ *bufsize = 0;
|
|
|
da1a85 |
return -1;
|
|
|
da1a85 |
}
|
|
|
da1a85 |
- *buf = newbuf;
|
|
|
da1a85 |
+ buf = newbuf;
|
|
|
da1a85 |
|
|
|
da1a85 |
do {
|
|
|
da1a85 |
- p = *buf + filesize;
|
|
|
da1a85 |
+ p = buf + filesize;
|
|
|
da1a85 |
/* size - filesize shouldn't exceed SSIZE_MAX because we're
|
|
|
da1a85 |
* only allocating 4096 bytes at a time and we're checking that
|
|
|
da1a85 |
* before doing so. */
|
|
|
da1a85 |
@@ -179,8 +181,8 @@ read_file(int fd, uint8_t **buf, size_t *bufsize)
|
|
|
da1a85 |
continue;
|
|
|
da1a85 |
} else if (s < 0) {
|
|
|
da1a85 |
int saved_errno = errno;
|
|
|
da1a85 |
- free(*buf);
|
|
|
da1a85 |
- *buf = NULL;
|
|
|
da1a85 |
+ free(buf);
|
|
|
da1a85 |
+ *result = buf = NULL;
|
|
|
da1a85 |
*bufsize = 0;
|
|
|
da1a85 |
errno = saved_errno;
|
|
|
da1a85 |
efi_error("could not read from file");
|
|
|
da1a85 |
@@ -194,38 +196,38 @@ read_file(int fd, uint8_t **buf, size_t *bufsize)
|
|
|
da1a85 |
/* See if we're going to overrun and return an error
|
|
|
da1a85 |
* instead. */
|
|
|
da1a85 |
if (size > (size_t)-1 - 4096) {
|
|
|
da1a85 |
- free(*buf);
|
|
|
da1a85 |
- *buf = NULL;
|
|
|
da1a85 |
+ free(buf);
|
|
|
da1a85 |
+ *result = buf = NULL;
|
|
|
da1a85 |
*bufsize = 0;
|
|
|
da1a85 |
errno = ENOMEM;
|
|
|
da1a85 |
efi_error("could not read from file");
|
|
|
da1a85 |
return -1;
|
|
|
da1a85 |
}
|
|
|
da1a85 |
- newbuf = realloc(*buf, size + 4096);
|
|
|
da1a85 |
+ newbuf = realloc(buf, size + 4096);
|
|
|
da1a85 |
if (newbuf == NULL) {
|
|
|
da1a85 |
int saved_errno = errno;
|
|
|
da1a85 |
- free(*buf);
|
|
|
da1a85 |
- *buf = NULL;
|
|
|
da1a85 |
+ free(buf);
|
|
|
da1a85 |
+ *result = buf = NULL;
|
|
|
da1a85 |
*bufsize = 0;
|
|
|
da1a85 |
errno = saved_errno;
|
|
|
da1a85 |
efi_error("could not allocate memory");
|
|
|
da1a85 |
return -1;
|
|
|
da1a85 |
}
|
|
|
da1a85 |
- *buf = newbuf;
|
|
|
da1a85 |
- memset(*buf + size, '\0', 4096);
|
|
|
da1a85 |
+ buf = newbuf;
|
|
|
da1a85 |
+ memset(buf + size, '\0', 4096);
|
|
|
da1a85 |
size += 4096;
|
|
|
da1a85 |
}
|
|
|
da1a85 |
} while (1);
|
|
|
da1a85 |
|
|
|
da1a85 |
- newbuf = realloc(*buf, filesize+1);
|
|
|
da1a85 |
+ newbuf = realloc(buf, filesize+1);
|
|
|
da1a85 |
if (!newbuf) {
|
|
|
da1a85 |
- free(*buf);
|
|
|
da1a85 |
- *buf = NULL;
|
|
|
da1a85 |
+ free(buf);
|
|
|
da1a85 |
+ *result = buf = NULL;
|
|
|
da1a85 |
efi_error("could not allocate memory");
|
|
|
da1a85 |
return -1;
|
|
|
da1a85 |
}
|
|
|
da1a85 |
newbuf[filesize] = '\0';
|
|
|
da1a85 |
- *buf = newbuf;
|
|
|
da1a85 |
+ *result = newbuf;
|
|
|
da1a85 |
*bufsize = filesize+1;
|
|
|
da1a85 |
return 0;
|
|
|
da1a85 |
}
|
|
|
da1a85 |
@@ -329,7 +331,7 @@ get_file(uint8_t **result, const char * const fmt, ...)
|
|
|
da1a85 |
close(fd);
|
|
|
da1a85 |
errno = error;
|
|
|
da1a85 |
|
|
|
da1a85 |
- if (rc < 0) {
|
|
|
da1a85 |
+ if (rc < 0 || bufsize < 1) {
|
|
|
da1a85 |
efi_error("could not read file \"%s\"", path);
|
|
|
da1a85 |
return -1;
|
|
|
da1a85 |
}
|
|
|
da1a85 |
--
|
|
|
da1a85 |
2.17.1
|
|
|
da1a85 |
|