Date: Thu, 22 Jun 2017 17:13:02 -0700 From: Conrad Meyer <cem@freebsd.org> To: Maxim Sobolev <sobomax@freebsd.org> Cc: src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r320048 - head/usr.bin/mkuzip Message-ID: <CAG6CVpVrWA0J6LyRFvXc3LKmLH5O0HekkrgGmMtCBoM2Vg4cjA@mail.gmail.com> In-Reply-To: <201706170258.v5H2wWCT006080@repo.freebsd.org> References: <201706170258.v5H2wWCT006080@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
ffd is leaked in return paths. Coverity CID 1376420. On Fri, Jun 16, 2017 at 7:58 PM, Maxim Sobolev <sobomax@freebsd.org> wrote: > Author: sobomax > Date: Sat Jun 17 02:58:31 2017 > New Revision: 320048 > URL: https://svnweb.freebsd.org/changeset/base/320048 > > Log: > o Move logic that determines size of the input image into its own > file. That logic has grown quite significantly now; > > o add a special handling for the snapshot images. Those have some > extra headers at the end of the image and we don't need those > in the output image really. > > MFC after: 6 weeks > > ... > Added: head/usr.bin/mkuzip/mkuz_insize.c > ... > +off_t > +mkuz_get_insize(struct mkuz_cfg *cfp) > +{ > + int ffd; > + off_t ms; > + struct stat sb; > + struct statfs statfsbuf; > + > + if (fstat(cfp->fdr, &sb) != 0) { > + warn("fstat(%s)", cfp->iname); > + return (-1); > + } > + if ((sb.st_flags & SF_SNAPSHOT) != 0) { > + if (fstatfs(cfp->fdr, &statfsbuf) != 0) { > + warn("fstatfs(%s)", cfp->iname); > + return (-1); > + } > + ffd = open(statfsbuf.f_mntfromname, O_RDONLY); > + if (ffd < 0) { > + warn("open(%s, O_RDONLY)", statfsbuf.f_mntfromname); > + return (-1); > + } > + if (ioctl(ffd, DIOCGMEDIASIZE, &ms) < 0) { > + warn("ioctl(DIOCGMEDIASIZE)"); > + return (-1); ffd leaked here. > + } ffd also leaked here via fallthrough return. > + sb.st_size = ms; > + } else if (S_ISCHR(sb.st_mode)) { > + if (ioctl(cfp->fdr, DIOCGMEDIASIZE, &ms) < 0) { > + warn("ioctl(DIOCGMEDIASIZE)"); > + return (-1); > + } > + sb.st_size = ms; > + } else if (!S_ISREG(sb.st_mode)) { > + warnx("%s: not a character device or regular file\n", > + cfp->iname); > + return (-1); > + } > + return (sb.st_size); > +}
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAG6CVpVrWA0J6LyRFvXc3LKmLH5O0HekkrgGmMtCBoM2Vg4cjA>