lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <200702100211.l1A2BgSO007505@igsi.llnl.gov> Date: Fri, 9 Feb 2007 18:11:42 -0800 From: "Brian D. Behlendorf" <behlendorf1@...l.gov> To: tytso@....edu Cc: linux-ext4@...r.kernel.org, adilger@...sterfs.com, behlendorf1@...l.gov, wartens2@...l.gov Subject: e2fsprogs coverity patch <cid-51.diff> Lawrence Livermore National Labs recently ran the source code analysis tool Coverity over the e2fsprogs-1.39 source to see if it would identify any significant bugs. The analysis turned up 38 mostly minor issues which are enumerated here with patches. We went through and resolved these issues but would love to see these mostly minor changes reviewed and commited upstream. Thanks, Brian Behlendorf <behlendorf1@...l.gov>, and Herb Wartens <wartens2@...l.gov> ----------------------------------------------------------------------------- Coverity ID: 51: Use After Free ext2fs_get_pathname() can return without having allocated memory for pathname. Probably also should be more careful about using printf with NULL value as well (even though GNU probably handles this well). Index: e2fsprogs+chaos/debugfs/debugfs.c =================================================================== --- e2fsprogs+chaos.orig/debugfs/debugfs.c +++ e2fsprogs+chaos/debugfs/debugfs.c @@ -950,15 +950,23 @@ void do_print_working_directory(int argc com_err(argv[0], retval, "while trying to get pathname of cwd"); } - printf("[pwd] INODE: %6u PATH: %s\n", cwd, pathname); - free(pathname); + printf("[pwd] INODE: %6u PATH: %s\n", + cwd, pathname ? pathname : "NULL"); + if(pathname) { + free(pathname); + pathname = NULL; + } retval = ext2fs_get_pathname(current_fs, root, 0, &pathname); if (retval) { com_err(argv[0], retval, "while trying to get pathname of root"); } - printf("[root] INODE: %6u PATH: %s\n", root, pathname); - free(pathname); + printf("[root] INODE: %6u PATH: %s\n", + root, pathname ? pathname : "NULL"); + if(pathname) { + free(pathname); + pathname = NULL; + } return; } - To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists