rpms / iproute

Clone
Source Code
GIT

Blame SOURCES/0100-lib-bpf-Don-t-leak-fp-in-bpf_find_mntpt.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta c9s-sig-hyperscale
  1.   99be8fbcce3c2415d08028a4716229389aca3e3d
  2.   SOURCES
  3.   0100-lib-bpf-Don-t-leak-fp-in-bpf_find_mntpt.patch
Blob History Raw
99be8f 
From bafabe7a067e647f97ae0df277bded8b9349db50 Mon Sep 17 00:00:00 2001
99be8f 
From: Andrea Claudi <aclaudi@redhat.com>
99be8f 
Date: Mon, 29 Apr 2019 20:08:07 +0200
99be8f 
Subject: [PATCH] lib/bpf: Don't leak fp in bpf_find_mntpt()
99be8f
99be8f 
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1465646
99be8f 
Upstream Status: iproute2.git commit c3724e4bc3a6c
99be8f
99be8f 
commit c3724e4bc3a6c40dc846f0c3b02934d711bf81fb
99be8f 
Author: Phil Sutter <phil@nwl.cc>
99be8f 
Date:   Mon Aug 21 16:46:51 2017 +0200
99be8f
99be8f 
    lib/bpf: Don't leak fp in bpf_find_mntpt()
99be8f
99be8f 
    If fopen() succeeded but len != PATH_MAX, the function leaks the open
99be8f 
    FILE pointer. Fix this by checking len value before calling fopen().
99be8f
99be8f 
    Signed-off-by: Phil Sutter <phil@nwl.cc>
99be8f 
    Acked-by: Daniel Borkmann <daniel@iogearbox.net>
99be8f 
---
99be8f 
 lib/bpf.c | 5 ++++-
99be8f 
 1 file changed, 4 insertions(+), 1 deletion(-)
99be8f
99be8f 
diff --git a/lib/bpf.c b/lib/bpf.c
99be8f 
index 3aabf44d1abf8..33c5288e82187 100644
99be8f 
--- a/lib/bpf.c
99be8f 
+++ b/lib/bpf.c
99be8f 
@@ -432,8 +432,11 @@ static const char *bpf_find_mntpt(const char *fstype, unsigned long magic,
99be8f 
 		}
99be8f 
 	}
99be8f
99be8f 
+	if (len != PATH_MAX)
99be8f 
+		return NULL;
99be8f 
+
99be8f 
 	fp = fopen("/proc/mounts", "r");
99be8f 
-	if (fp == NULL || len != PATH_MAX)
99be8f 
+	if (fp == NULL)
99be8f 
 		return NULL;
99be8f
99be8f 
 	while (fscanf(fp, "%*s %" textify(PATH_MAX) "s %99s %*s %*d %*d\n",
99be8f 
--
99be8f 
2.20.1
99be8f

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation