ACK: [PATCH] lib: fwts_args: ensure a null short_option is never passed to getopt_long
Alex Hung
alex.hung at canonical.com
Mon Nov 13 03:05:30 UTC 2017
On 2017-11-09 08:30 PM, Colin King wrote:
> From: Colin Ian King <colin.king at canonical.com>
>
> Although very unlikely, ensure a null getopt_long is never passed to a call
> to getopt_long as this would lead to a null pointer derference. Also add
> a fix to a leak on short_options if an allocation fails.
>
> Detected by CoverityScan, CID#1381432 ("Explicit Null dereference")
>
> Signed-off-by: Colin Ian King <colin.king at canonical.com>
> ---
> src/lib/src/fwts_args.c | 17 +++++++++++++++++
> 1 file changed, 17 insertions(+)
>
> diff --git a/src/lib/src/fwts_args.c b/src/lib/src/fwts_args.c
> index 23eb0c83..d4b1a3c1 100644
> --- a/src/lib/src/fwts_args.c
> +++ b/src/lib/src/fwts_args.c
> @@ -154,6 +154,7 @@ int fwts_args_parse(fwts_framework *fw, const int argc, char * const argv[])
> } else {
> short_options = calloc(1, len + 1);
> if (short_options == NULL) {
> + free(short_options);
> free(long_options);
> fwts_log_error(fw,
> "Out of memory "
> @@ -167,6 +168,22 @@ int fwts_args_parse(fwts_framework *fw, const int argc, char * const argv[])
> }
> }
>
> + /*
> + * Although unlikely, short_options must not be null otherwise
> + * it could potentially break getopt_long() so to be totally
> + * safe, allocate a empty string.
> + * Cleans up CoverityScan CID#1381432 ("Explicit Null dereference")
> + */
> + if (!short_options) {
> + short_options = strdup("");
> + if (!short_options) {
> + free(short_options);
> + free(long_options);
> + fwts_log_error(fw, "Out of memory allocating options.");
> + return FWTS_ERROR;
> + }
> + }
> +
> for (;;) {
> master_option_index = total_options;
> translated_long_option_index = 0;
>
Acked-by: Alex Hung <alex.hung at canonical.com>
More information about the fwts-devel
mailing list