Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
[bug #36276] Potential problem in parse_config() which may leak file descriptor
2 views
Skip to first unread message
anonymous
Apr 23, 2012, 4:26:36 PM4/23/12
to bug...@nongnu.org
URL:
<http://savannah.nongnu.org/bugs/?36276>
Summary: Potential problem in parse_config() which may leak
file descriptor
Project: Concurrent Versions System
Submitted by: None
Submitted on: Mon Apr 23 20:26:36 2012
Category: Bug Report
Severity: 3 - Normal
Item Group: None
Status: None
Privacy: Public
Assigned to: None
Open/Closed: Open
Release:
Discussion Lock: Any
Fixed Release: None
Fixed Feature Release: None
_______________________________________________________
Details:
We are developing a tool to find bugs, and it flagged a potential error in
CVS.
We are checking CVS version 1.11.23.
In parse_config() in src/parseinfo.c, the config file is opened at line 274:
274: fp_info = CVS_FOPEN (infopath, "r");
The file is closed if everything goes well:
461: if (fclose (fp_info) < 0)
But if there is a syntax error, the file is not closed:
321: p = strchr (line, '=');
322: if (p == NULL)
323: {
323: /* Probably should be printing line number. */
324: error (0, 0, "syntax error in %s: line '%s' is missing '='",
325: infopath, line);
326: goto error_return;
327: }
...
474: error_return:
475: if (!logHistory)
476: logHistory = xstrdup (ALL_HISTORY_REC_TYPES);
477: if (infopath != NULL)
478: free (infopath);
479: if (line != NULL)
480: free (line);
// Shall we have something like
// if (fp_info) fclose(fp_info);
// here?
481: return -1;
482:}
Since the problem is due to a syntax error, shall we still close the file?
We may just move the call to fclose() into the error_return block.
Else the file would be left opened after the function returns.
Is this a real problem? Any confirmation or clarification is
appreciated. Thanks.
_______________________________________________________
Reply to this item at:
<http://savannah.nongnu.org/bugs/?36276>
_______________________________________________
Message sent via/by Savannah
http://savannah.nongnu.org/
<http://savannah.nongnu.org/bugs/?36276>
Summary: Potential problem in parse_config() which may leak
file descriptor
Project: Concurrent Versions System
Submitted by: None
Submitted on: Mon Apr 23 20:26:36 2012
Category: Bug Report
Severity: 3 - Normal
Item Group: None
Status: None
Privacy: Public
Assigned to: None
Open/Closed: Open
Release:
Discussion Lock: Any
Fixed Release: None
Fixed Feature Release: None
_______________________________________________________
Details:
We are developing a tool to find bugs, and it flagged a potential error in
CVS.
We are checking CVS version 1.11.23.
In parse_config() in src/parseinfo.c, the config file is opened at line 274:
274: fp_info = CVS_FOPEN (infopath, "r");
The file is closed if everything goes well:
461: if (fclose (fp_info) < 0)
But if there is a syntax error, the file is not closed:
321: p = strchr (line, '=');
322: if (p == NULL)
323: {
323: /* Probably should be printing line number. */
324: error (0, 0, "syntax error in %s: line '%s' is missing '='",
325: infopath, line);
326: goto error_return;
327: }
...
474: error_return:
475: if (!logHistory)
476: logHistory = xstrdup (ALL_HISTORY_REC_TYPES);
477: if (infopath != NULL)
478: free (infopath);
479: if (line != NULL)
480: free (line);
// Shall we have something like
// if (fp_info) fclose(fp_info);
// here?
481: return -1;
482:}
Since the problem is due to a syntax error, shall we still close the file?
We may just move the call to fclose() into the error_return block.
Else the file would be left opened after the function returns.
Is this a real problem? Any confirmation or clarification is
appreciated. Thanks.
_______________________________________________________
Reply to this item at:
<http://savannah.nongnu.org/bugs/?36276>
_______________________________________________
Message sent via/by Savannah
http://savannah.nongnu.org/
Petr Pisar
Apr 25, 2012, 2:26:46 AM4/25/12
to Petr Pisar, bug...@nongnu.org
Follow-up Comment #1, bug #36276 (project cvs):
All parse_config() calls do not check return value, run_exec() does not close
unneeded descriptors and CVS_FOPEN does not set O_CLOEXEC, so there is
possibility external command gets access to CVS configuration file.
I think copying final fclose() after set_defaults_and_return label is the
best
solution. Move is not enough because the non-error path would return without
closing the file.
All parse_config() calls do not check return value, run_exec() does not close
unneeded descriptors and CVS_FOPEN does not set O_CLOEXEC, so there is
possibility external command gets access to CVS configuration file.
I think copying final fclose() after set_defaults_and_return label is the
best
solution. Move is not enough because the non-error path would return without
closing the file.
Petr Pisar
May 3, 2018, 8:29:45 AM5/3/18
to Petr Pisar, bug...@nongnu.org
Additional Item Attachment, bug #36276 (project cvs):
File name: cvs-1.11.23-Close-a-configuration-file-on-a-syntax-error.patch
Size:0 KB
_______________________________________________________
Reply to this item at:
<http://savannah.nongnu.org/bugs/?36276>
_______________________________________________
Message sent via Savannah
https://savannah.nongnu.org/
File name: cvs-1.11.23-Close-a-configuration-file-on-a-syntax-error.patch
Size:0 KB
_______________________________________________________
Reply to this item at:
<http://savannah.nongnu.org/bugs/?36276>
_______________________________________________
https://savannah.nongnu.org/
0 new messages