|
|
8bbbd5 |
From 9d178fe573818764a2d15e0a39691f5eb4e300f6 Mon Sep 17 00:00:00 2001
|
|
|
8bbbd5 |
From: Ondrej Dubaj <odubaj@redhat.com>
|
|
|
8bbbd5 |
Date: Mon, 27 May 2019 10:52:51 +0200
|
|
|
8bbbd5 |
Subject: [PATCH] Fix a few obvious resource leaks and strcpy() misuses
|
|
|
8bbbd5 |
|
|
|
8bbbd5 |
Per Coverity report.
|
|
|
8bbbd5 |
---
|
|
|
8bbbd5 |
cpio/cpio.c | 4 +++-
|
|
|
8bbbd5 |
libarchive/archive_acl.c | 8 ++++++--
|
|
|
8bbbd5 |
libarchive/archive_write_set_format_iso9660.c | 4 ++--
|
|
|
8bbbd5 |
libarchive/archive_write_set_format_mtree.c | 4 ++--
|
|
|
8bbbd5 |
libarchive/archive_write_set_format_pax.c | 6 ++++--
|
|
|
8bbbd5 |
libarchive/archive_write_set_format_xar.c | 10 ++++++----
|
|
|
8bbbd5 |
6 files changed, 23 insertions(+), 13 deletions(-)
|
|
|
8bbbd5 |
|
|
|
8bbbd5 |
diff --git a/cpio/cpio.c b/cpio/cpio.c
|
|
|
8bbbd5 |
index 5beedd0..6696bb5 100644
|
|
|
8bbbd5 |
--- a/cpio/cpio.c
|
|
|
8bbbd5 |
+++ b/cpio/cpio.c
|
|
|
8bbbd5 |
@@ -744,8 +744,10 @@ file_to_archive(struct cpio *cpio, const char *srcpath)
|
|
|
8bbbd5 |
}
|
|
|
8bbbd5 |
if (cpio->option_rename)
|
|
|
8bbbd5 |
destpath = cpio_rename(destpath);
|
|
|
8bbbd5 |
- if (destpath == NULL)
|
|
|
8bbbd5 |
+ if (destpath == NULL) {
|
|
|
8bbbd5 |
+ archive_entry_free(entry);
|
|
|
8bbbd5 |
return (0);
|
|
|
8bbbd5 |
+ }
|
|
|
8bbbd5 |
archive_entry_copy_pathname(entry, destpath);
|
|
|
8bbbd5 |
|
|
|
8bbbd5 |
/*
|
|
|
8bbbd5 |
diff --git a/libarchive/archive_acl.c b/libarchive/archive_acl.c
|
|
|
8bbbd5 |
index b8b6b63..503f379 100644
|
|
|
8bbbd5 |
--- a/libarchive/archive_acl.c
|
|
|
8bbbd5 |
+++ b/libarchive/archive_acl.c
|
|
|
8bbbd5 |
@@ -753,8 +753,10 @@ archive_acl_to_text_w(struct archive_acl *acl, ssize_t *text_len, int flags,
|
|
|
8bbbd5 |
append_entry_w(&wp, prefix, ap->type, ap->tag, flags,
|
|
|
8bbbd5 |
wname, ap->permset, id);
|
|
|
8bbbd5 |
count++;
|
|
|
8bbbd5 |
- } else if (r < 0 && errno == ENOMEM)
|
|
|
8bbbd5 |
+ } else if (r < 0 && errno == ENOMEM) {
|
|
|
8bbbd5 |
+ free(ws);
|
|
|
8bbbd5 |
return (NULL);
|
|
|
8bbbd5 |
+ }
|
|
|
8bbbd5 |
}
|
|
|
8bbbd5 |
|
|
|
8bbbd5 |
/* Add terminating character */
|
|
|
8bbbd5 |
@@ -975,8 +977,10 @@ archive_acl_to_text_l(struct archive_acl *acl, ssize_t *text_len, int flags,
|
|
|
8bbbd5 |
prefix = NULL;
|
|
|
8bbbd5 |
r = archive_mstring_get_mbs_l(
|
|
|
8bbbd5 |
&ap->name, &name, &len, sc);
|
|
|
8bbbd5 |
- if (r != 0)
|
|
|
8bbbd5 |
+ if (r != 0) {
|
|
|
8bbbd5 |
+ free(s);
|
|
|
8bbbd5 |
return (NULL);
|
|
|
8bbbd5 |
+ }
|
|
|
8bbbd5 |
if (count > 0)
|
|
|
8bbbd5 |
*p++ = separator;
|
|
|
8bbbd5 |
if (name == NULL ||
|
|
|
8bbbd5 |
diff --git a/libarchive/archive_write_set_format_iso9660.c b/libarchive/archive_write_set_format_iso9660.c
|
|
|
8bbbd5 |
index c0ca435..badc88b 100644
|
|
|
8bbbd5 |
--- a/libarchive/archive_write_set_format_iso9660.c
|
|
|
8bbbd5 |
+++ b/libarchive/archive_write_set_format_iso9660.c
|
|
|
8bbbd5 |
@@ -4899,10 +4899,10 @@ isofile_gen_utility_names(struct archive_write *a, struct isofile *file)
|
|
|
8bbbd5 |
if (p[0] == '/') {
|
|
|
8bbbd5 |
if (p[1] == '/')
|
|
|
8bbbd5 |
/* Convert '//' --> '/' */
|
|
|
8bbbd5 |
- strcpy(p, p+1);
|
|
|
8bbbd5 |
+ memmove(p, p+1, strlen(p+1) + 1);
|
|
|
8bbbd5 |
else if (p[1] == '.' && p[2] == '/')
|
|
|
8bbbd5 |
/* Convert '/./' --> '/' */
|
|
|
8bbbd5 |
- strcpy(p, p+2);
|
|
|
8bbbd5 |
+ memmove(p, p+2, strlen(p+2) + 1);
|
|
|
8bbbd5 |
else if (p[1] == '.' && p[2] == '.' && p[3] == '/') {
|
|
|
8bbbd5 |
/* Convert 'dir/dir1/../dir2/'
|
|
|
8bbbd5 |
* --> 'dir/dir2/'
|
|
|
8bbbd5 |
diff --git a/libarchive/archive_write_set_format_mtree.c b/libarchive/archive_write_set_format_mtree.c
|
|
|
8bbbd5 |
index 493d473..0f2431e 100644
|
|
|
8bbbd5 |
--- a/libarchive/archive_write_set_format_mtree.c
|
|
|
8bbbd5 |
+++ b/libarchive/archive_write_set_format_mtree.c
|
|
|
8bbbd5 |
@@ -1810,10 +1810,10 @@ mtree_entry_setup_filenames(struct archive_write *a, struct mtree_entry *file,
|
|
|
8bbbd5 |
if (p[0] == '/') {
|
|
|
8bbbd5 |
if (p[1] == '/')
|
|
|
8bbbd5 |
/* Convert '//' --> '/' */
|
|
|
8bbbd5 |
- strcpy(p, p+1);
|
|
|
8bbbd5 |
+ memmove(p, p+1, strlen(p+1) + 1);
|
|
|
8bbbd5 |
else if (p[1] == '.' && p[2] == '/')
|
|
|
8bbbd5 |
/* Convert '/./' --> '/' */
|
|
|
8bbbd5 |
- strcpy(p, p+2);
|
|
|
8bbbd5 |
+ memmove(p, p+2, strlen(p+2) + 1);
|
|
|
8bbbd5 |
else if (p[1] == '.' && p[2] == '.' && p[3] == '/') {
|
|
|
8bbbd5 |
/* Convert 'dir/dir1/../dir2/'
|
|
|
8bbbd5 |
* --> 'dir/dir2/'
|
|
|
8bbbd5 |
diff --git a/libarchive/archive_write_set_format_pax.c b/libarchive/archive_write_set_format_pax.c
|
|
|
8bbbd5 |
index 0eaf733..4863e46 100644
|
|
|
8bbbd5 |
--- a/libarchive/archive_write_set_format_pax.c
|
|
|
8bbbd5 |
+++ b/libarchive/archive_write_set_format_pax.c
|
|
|
8bbbd5 |
@@ -522,11 +522,13 @@ add_pax_acl(struct archive_write *a,
|
|
|
8bbbd5 |
ARCHIVE_ERRNO_FILE_FORMAT, "%s %s %s",
|
|
|
8bbbd5 |
"Can't translate ", attr, " to UTF-8");
|
|
|
8bbbd5 |
return(ARCHIVE_WARN);
|
|
|
8bbbd5 |
- } else if (*p != '\0') {
|
|
|
8bbbd5 |
+ }
|
|
|
8bbbd5 |
+
|
|
|
8bbbd5 |
+ if (*p != '\0') {
|
|
|
8bbbd5 |
add_pax_attr(&(pax->pax_header),
|
|
|
8bbbd5 |
attr, p);
|
|
|
8bbbd5 |
- free(p);
|
|
|
8bbbd5 |
}
|
|
|
8bbbd5 |
+ free(p);
|
|
|
8bbbd5 |
return(ARCHIVE_OK);
|
|
|
8bbbd5 |
}
|
|
|
8bbbd5 |
|
|
|
8bbbd5 |
diff --git a/libarchive/archive_write_set_format_xar.c b/libarchive/archive_write_set_format_xar.c
|
|
|
8bbbd5 |
index 495f0d4..56cd33c 100644
|
|
|
8bbbd5 |
--- a/libarchive/archive_write_set_format_xar.c
|
|
|
8bbbd5 |
+++ b/libarchive/archive_write_set_format_xar.c
|
|
|
8bbbd5 |
@@ -2120,10 +2120,10 @@ file_gen_utility_names(struct archive_write *a, struct file *file)
|
|
|
8bbbd5 |
if (p[0] == '/') {
|
|
|
8bbbd5 |
if (p[1] == '/')
|
|
|
8bbbd5 |
/* Convert '//' --> '/' */
|
|
|
8bbbd5 |
- strcpy(p, p+1);
|
|
|
8bbbd5 |
+ memmove(p, p+1, strlen(p+1) + 1);
|
|
|
8bbbd5 |
else if (p[1] == '.' && p[2] == '/')
|
|
|
8bbbd5 |
/* Convert '/./' --> '/' */
|
|
|
8bbbd5 |
- strcpy(p, p+2);
|
|
|
8bbbd5 |
+ memmove(p, p+2, strlen(p+2) + 1);
|
|
|
8bbbd5 |
else if (p[1] == '.' && p[2] == '.' && p[3] == '/') {
|
|
|
8bbbd5 |
/* Convert 'dir/dir1/../dir2/'
|
|
|
8bbbd5 |
* --> 'dir/dir2/'
|
|
|
8bbbd5 |
@@ -3169,8 +3169,10 @@ save_xattrs(struct archive_write *a, struct file *file)
|
|
|
8bbbd5 |
checksum_update(&(xar->a_sumwrk),
|
|
|
8bbbd5 |
xar->wbuff, size);
|
|
|
8bbbd5 |
if (write_to_temp(a, xar->wbuff, size)
|
|
|
8bbbd5 |
- != ARCHIVE_OK)
|
|
|
8bbbd5 |
- return (ARCHIVE_FATAL);
|
|
|
8bbbd5 |
+ != ARCHIVE_OK) {
|
|
|
8bbbd5 |
+ free(heap);
|
|
|
8bbbd5 |
+ return (ARCHIVE_FATAL);
|
|
|
8bbbd5 |
+ }
|
|
|
8bbbd5 |
if (r == ARCHIVE_OK) {
|
|
|
8bbbd5 |
xar->stream.next_out = xar->wbuff;
|
|
|
8bbbd5 |
xar->stream.avail_out = sizeof(xar->wbuff);
|
|
|
8bbbd5 |
--
|
|
|
8bbbd5 |
2.17.1
|
|
|
8bbbd5 |
|