| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20140314133931.GM8282@thunk.org> Date: Fri, 14 Mar 2014 09:39:31 -0400 From: Theodore Ts'o <tytso@....edu> To: "Darrick J. Wong" <darrick.wong@...cle.com> Cc: linux-ext4@...r.kernel.org Subject: Re: [PATCH 18/49] misc: fix header complaints and resource leaks in e2fsprogs On Mon, Mar 10, 2014 at 11:55:53PM -0700, Darrick J. Wong wrote: > diff --git a/e2fsck/unix.c b/e2fsck/unix.c > index b39383d..11c2693 100644 > --- a/e2fsck/unix.c > +++ b/e2fsck/unix.c > @@ -1016,6 +1016,7 @@ static errcode_t PRS(int argc, char *argv[], e2fsck_t *ret_ctx) > strcat(newpath, oldpath); > } > putenv(newpath); > + free(newpath); > } This introduces a bug. An attempt to reference the PATH environment variable will result in garbage or a crash. Quoting from the putenv() manpage: The putenv() function adds or changes the value of environment variables. The argument string is of the form name=value. If name does not already exist in the environment, then string is added to the environment. If name does exist, then the value of name in the environment is changed to value. The string pointed to by string becomes part of the environment, so altering the string changes the environment. It's a common false positive with things like cppcheck, valgrind --leak-check, etc. Cheers, - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists