popt/popt-1.18-imp-covscan-fixes.patch

65 lines
1.9 KiB
Diff
Raw Permalink Normal View History

commit 7e60d11c1b046e54378cf79280f4a856741c8749
Author: Tobias Stoeckmann <tobias@stoeckmann.org>
Date: Sat Aug 22 14:09:58 2020 +0200
Close iconv in case of allocation error
If memory allocation in strdup_locale_from_utf8 fails after calling
iconv_open, the returned conversion descriptor is not closed.
diff --git a/src/poptint.c b/src/poptint.c
index 0cec176..3a0919a 100644
--- a/src/poptint.c
+++ b/src/poptint.c
@@ -91,8 +91,10 @@ strdup_locale_from_utf8 (char * istr)
size_t ob = db;
size_t err;
- if (dstr == NULL)
+ if (dstr == NULL) {
+ (void) iconv_close(cd);
return NULL;
+ }
err = iconv(cd, NULL, NULL, NULL, NULL);
while (1) {
*pout = '\0';
commit 70011cc5763dca9a9b57e9539b465e00c9769996
Author: Michal Domonkos <mdomonko@redhat.com>
Date: Mon Jul 19 14:41:03 2021 +0200
Fix potential mem leak in poptReadConfigFile()
While it seems that the actual implementation of poptReadFile()
shouldn't allocate the passed buffer (b) if the number of bytes (nb) is
zero (see the read(2) call in that function), it's still up to the
caller to take care of this resource, so let's just do that by bailing
out via "exit" where the freeing happens.
Also initialize t to NULL to avoid freeing an undefined pointer.
Found by Coverity.
diff --git a/src/poptconfig.c b/src/poptconfig.c
index 8623ba2..7c52315 100644
--- a/src/poptconfig.c
+++ b/src/poptconfig.c
@@ -344,13 +344,15 @@ int poptReadConfigFile(poptContext con, const char * fn)
char * b = NULL, *be;
size_t nb = 0;
const char *se;
- char *t, *te;
+ char *t = NULL, *te;
int rc;
if ((rc = poptReadFile(fn, &b, &nb, POPT_READFILE_TRIMNEWLINES)) != 0)
return (errno == ENOENT ? 0 : rc);
- if (b == NULL || nb == 0)
- return POPT_ERROR_BADCONFIG;
+ if (b == NULL || nb == 0) {
+ rc = POPT_ERROR_BADCONFIG;
+ goto exit;
+ }
if ((t = malloc(nb + 1)) == NULL)
goto exit;