[PATCH] lib: fwts_pipeio: fix memory leak on zero sized text allocation
Colin King
colin.king at canonical.com
Wed Feb 1 07:39:16 UTC 2017
From: Colin Ian King <colin.king at canonical.com>
This fixes a corner case where a zero sized allocation could
leak memory. Detected by CoverityScan.
Signed-off-by: Colin Ian King <colin.king at canonical.com>
---
src/lib/src/fwts_pipeio.c | 35 ++++++++++++++++++-----------------
1 file changed, 18 insertions(+), 17 deletions(-)
diff --git a/src/lib/src/fwts_pipeio.c b/src/lib/src/fwts_pipeio.c
index eeafa7d..a2c941f 100644
--- a/src/lib/src/fwts_pipeio.c
+++ b/src/lib/src/fwts_pipeio.c
@@ -191,17 +191,13 @@ int fwts_pipe_readwrite(
if (n == 0)
break;
if (n < 0) {
- if (errno != EINTR && errno != EAGAIN) {
- free(ptr);
- return -1;
- }
+ if (errno != EINTR && errno != EAGAIN)
+ goto fail;
continue;
}
- if ((tmp = realloc(ptr, out_size + n + 1)) == NULL) {
- free(ptr);
- return -1;
- }
+ if ((tmp = realloc(ptr, out_size + n + 1)) == NULL)
+ goto fail;
ptr = tmp;
memcpy(ptr + out_size, buffer, n);
out_size += n;
@@ -212,10 +208,8 @@ int fwts_pipe_readwrite(
n = write(in_fd, in_buf, in_size);
if (n < 0) {
- if (errno != EINTR && errno != EAGAIN) {
- free(ptr);
- return -1;
- }
+ if (errno != EINTR && errno != EAGAIN)
+ goto fail;
continue;
}
@@ -225,9 +219,16 @@ int fwts_pipe_readwrite(
}
- *out_len = out_size;
- *out_buf = ptr;
- return 0;
+ if (out_size) {
+ *out_len = out_size;
+ *out_buf = ptr;
+ return 0;
+ }
+fail:
+ free(ptr);
+ *out_len = 0;
+ *out_buf = NULL;
+ return -1;
}
/*
@@ -279,7 +280,7 @@ int fwts_pipe_exec(const char *command, fwts_list **list, int *status)
pid_t pid;
int rc, fd;
ssize_t len;
- char *text;
+ char *text = NULL;
if (fwts_pipe_open_ro(command, &pid, &fd) < 0)
return FWTS_ERROR;
@@ -287,10 +288,10 @@ int fwts_pipe_exec(const char *command, fwts_list **list, int *status)
rc = fwts_pipe_read(fd, &text, &len);
if (!rc && len > 0) {
*list = fwts_list_from_text(text);
- free(text);
} else {
*list = NULL;
}
+ free(text);
*status = fwts_pipe_close(fd, pid);
if (rc || *status) {
--
2.10.2
More information about the fwts-devel
mailing list