gnulib (Mercurial repository)
changeset 17634:23530dae897f
modechange: avoid memory leaks for invalid octal modes
* lib/modechange.c (mode_compile): During the parsing of
notations like +40, free the 'mc' buffer for invalid mode
strings like +17777 (greater than the maximum octal mode),
=18 (bad octal mode characters) or u=1 ('affected' with
octal modes).
Reproducer, e.g.:
$ valgrind --leak-check=full chmod +17777 file
Introduced via the 2012-03-09 commit, 4730c3e3, "modechange:
add notations +40, 00440, etc.".
Spotted by coverity (RESOURCE_LEAK).
author | Bernhard Voelker <mail@bernhard-voelker.de> |
---|---|
date | Wed, 26 Mar 2014 01:42:11 +0100 |
parents | 8b21b798e6d7 |
children | 0a7fbe4650ff |
files | ChangeLog lib/modechange.c |
diffstat | 2 files changed, 16 insertions(+), 2 deletions(-) |
--- a/ChangeLog Tue Mar 25 06:08:30 2014 -0700 +++ b/ChangeLog Wed Mar 26 01:42:11 2014 +0100 @@ -1,3 +1,17 @@ +2014-03-26 Bernhard Voelker <mail@bernhard-voelker.de> + + modechange: avoid memory leaks for invalid octal modes + * lib/modechange.c (mode_compile): During the parsing of + notations like +40, free the 'mc' buffer for invalid mode + strings like +17777 (greater than the maximum octal mode), + =18 (bad octal mode characters) or u=1 ('affected' with + octal modes). + Reproducer, e.g.: + $ valgrind --leak-check=full chmod +17777 file + Introduced via the 2012-03-09 commit, 4730c3e3, "modechange: + add notations +40, 00440, etc.". + Spotted by coverity (RESOURCE_LEAK). + 2014-03-24 Paul Eggert <eggert@cs.ucla.edu> gitlog-to-changelog: include a dummy git-log-fix file
--- a/lib/modechange.c Tue Mar 25 06:08:30 2014 -0700 +++ b/lib/modechange.c Wed Mar 26 01:42:11 2014 +0100 @@ -220,12 +220,12 @@ { octal_mode = 8 * octal_mode + *p++ - '0'; if (ALLM < octal_mode) - return NULL; + goto invalid; } while ('0' <= *p && *p < '8'); if (affected || (*p && *p != ',')) - return NULL; + goto invalid; affected = mentioned = CHMOD_MODE_BITS; value = octal_to_mode (octal_mode); flag = MODE_ORDINARY_CHANGE;
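Review bot: Both replaced returns in the lib/modechange.c hunk (the ALLM < octal_mode check inside the loop and the affected || (*p && *p != ',') check after it) now jump to an 'invalid' label that lies outside the hunk's context, so the diff on its own does not show that this path frees 'mc' and still returns NULL to the caller. Please confirm that the label does exactly that and that nothing else allocated before these two checks needs releasing on the same path. The changeset also touches only ChangeLog and lib/modechange.c, so the three inputs named in the message (+17777, =18, u=1) have no regression test; a test that feeds them to mode_compile under a leak checker, along the lines of the valgrind reproducer, would keep the early-return pattern from coming back.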