lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <200702100211.l1A2BCGB007040@igsi.llnl.gov> Date: Fri, 9 Feb 2007 18:11:12 -0800 From: "Brian D. Behlendorf" <behlendorf1@...l.gov> To: tytso@....edu Cc: linux-ext4@...r.kernel.org, adilger@...sterfs.com, behlendorf1@...l.gov, wartens2@...l.gov Subject: e2fsprogs coverity patch <cid-14.diff> Lawrence Livermore National Labs recently ran the source code analysis tool Coverity over the e2fsprogs-1.39 source to see if it would identify any significant bugs. The analysis turned up 38 mostly minor issues which are enumerated here with patches. We went through and resolved these issues but would love to see these mostly minor changes reviewed and commited upstream. Thanks, Brian Behlendorf <behlendorf1@...l.gov>, and Herb Wartens <wartens2@...l.gov> ----------------------------------------------------------------------------- Coverity ID: 14: Resource Leak The profile must be freed early if subsequent memory allocations fail for 'expanded_filename'. Index: e2fsprogs+chaos/e2fsck/profile.c =================================================================== --- e2fsprogs+chaos.orig/e2fsck/profile.c +++ e2fsprogs+chaos/e2fsck/profile.c @@ -414,13 +414,16 @@ errcode_t profile_open_file(const char * len += strlen(home_env); } expanded_filename = malloc(len); - if (expanded_filename == 0) + if (!expanded_filename) { + profile_free_file(prf); return errno; + } if (home_env) { strcpy(expanded_filename, home_env); strcat(expanded_filename, filespec+1); - } else + } else { memcpy(expanded_filename, filespec, len); + } prf->filespec = expanded_filename; - To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists