lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 20 Dec 2017 21:27:02 +0100
From:   Lukas Bulwahn <lukas.bulwahn@...il.com>
To:     linux-kbuild@...r.kernel.org
Cc:     lukas.bulwahn@...il.com, Nicholas Mc Guire <der.herr@...r.at>,
        sil2review@...ts.osadl.org,
        Masahiro Yamada <yamada.masahiro@...ionext.com>,
        Michal Marek <michal.lkml@...kovi.net>,
        linux-kernel@...r.kernel.org
Subject: [PATCH] fixdep: exit with error code in error branches of do_config_file()

do_config_file() should exit with an error code, and not return if it fails
as then the error in do_config_file() would go unnoticed in the current
code and allow the build to continue. The exit with error code will make
the build fail in those very exceptional cases. If this occurs, this
actually indicates a deeper problem in the execution of the kernel build
process.

Now, that the function exists, we do not explicitly free memory and close
the file handlers in do_config_file(), as this is covered by exit().

This issue in the fixdep script was present already before its initial
import into the git repository in 2005 (Linux-2.6.12-rc2). Hence, the Fixes
tag would be imprecise and we do not include a Fixes tag to this commit.

This issue was identified during the review of a previous patch that
intended to address a memory leak detected by a static analysis tool.

Link: https://lkml.org/lkml/2017/12/14/736

Suggested-by: Nicholas Mc Guire <der.herr@...r.at>
Suggested-by: Masahiro Yamada <yamada.masahiro@...ionext.com>
Signed-off-by: Lukas Bulwahn <lukas.bulwahn@...il.com>
---
compile tested on top of next-20171220 with clang and gcc

 scripts/basic/fixdep.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/scripts/basic/fixdep.c b/scripts/basic/fixdep.c
index bbf62cb..4274610 100644
--- a/scripts/basic/fixdep.c
+++ b/scripts/basic/fixdep.c
@@ -284,19 +284,18 @@ static void do_config_file(const char *filename)
 		exit(2);
 	}
 	if (st.st_size == 0) {
-		close(fd);
-		return;
+		fprintf(stderr, "fixdep: error empty file config file: ");
+		perror(filename);
+		exit(2);
 	}
 	map = malloc(st.st_size + 1);
 	if (!map) {
 		perror("fixdep: malloc");
-		close(fd);
-		return;
+		exit(2);
 	}
 	if (read(fd, map, st.st_size) != st.st_size) {
 		perror("fixdep: read");
-		close(fd);
-		return;
+		exit(2);
 	}
 	map[st.st_size] = '\0';
 	close(fd);
-- 
2.7.4

Powered by blists - more mailing lists