From patchwork Thu Jul 27 15:31:08 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "REIX, Tony" X-Patchwork-Id: 794474 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=gcc.gnu.org (client-ip=209.132.180.131; helo=sourceware.org; envelope-from=gcc-patches-return-459181-incoming=patchwork.ozlabs.org@gcc.gnu.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=gcc.gnu.org header.i=@gcc.gnu.org header.b="nURNI2Sx"; dkim-atps=neutral Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3xJGCx13s5z9s74 for ; Fri, 28 Jul 2017 01:31:23 +1000 (AEST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:from :to:cc:subject:date:message-id:references:in-reply-to :content-type:mime-version; q=dns; s=default; b=YQLSK6d8evseaMHk 5hDNJgFFdMuuJY6hY9iPY8f6VyOJBwde/2+gfKj4JblETfsyCMkCGaa+/4Li/zFK W3tzPQjCz4+0lefCQSerfEcB+qRxuLnfH3qo3WRCPRPr1CwstT59102bkgOur/0y LwNJB8goSgjs0MddDX+8rXVZzL4= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:from :to:cc:subject:date:message-id:references:in-reply-to :content-type:mime-version; s=default; bh=yPKuwNP0WN1KjppOQF2OgK TXugo=; b=nURNI2Sx/Qj5NRFX8I4ukm7hlpHT0HMNzXcf1eHtWzhNAaEWZpc7HO 5Cy2P0Q/GaWTP2udqZ12nV1ECCzRD5tqQ2d66QNONYLdMwp3narY0bVA5fYOEQz2 iFMT/fu7Wev+aawiYzzxlbWk7LBcDKLGuW5lXLHX4QMdhETAJsaKk= Received: (qmail 117389 invoked by alias); 27 Jul 2017 15:31:15 -0000 Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Archive: List-Post: List-Help: Sender: gcc-patches-owner@gcc.gnu.org Delivered-To: mailing list gcc-patches@gcc.gnu.org Received: (qmail 116330 invoked by uid 89); 27 Jul 2017 15:31:14 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-10.6 required=5.0 tests=AWL, BAYES_00, GIT_PATCH_2, GIT_PATCH_3, KAM_ASCII_DIVIDERS, RP_MATCHES_RCVD, SPF_PASS, UNPARSEABLE_RELAY autolearn=ham version=3.3.2 spammy=H*c:HHH X-HELO: smtppost.atos.net Received: from smtppost.atos.net (HELO smtppost.atos.net) (193.56.114.165) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Thu, 27 Jul 2017 15:31:13 +0000 Received: from mail1-ext.my-it-solutions.net (mail1-ext.my-it-solutions.net) by smarthost3.atos.net with smtp (TLS: TLSv1/SSLv3,256bits,ECDHE-RSA-AES256-GCM-SHA384) id 6c2e_b215_6fdef949_7ff8_461a_89eb_e18f97b5417c; Thu, 27 Jul 2017 17:31:10 +0200 Received: from mail1-int.my-it-solutions.net ([10.92.32.11]) by mail1-ext.my-it-solutions.net (8.15.2/8.15.2) with ESMTPS id v6RFV9Rs023499 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 27 Jul 2017 17:31:09 +0200 Received: from FRCRPVV9ET1MSX.ww931.my-it-solutions.net ([172.23.231.41]) by mail1-int.my-it-solutions.net (8.15.2/8.15.2) with ESMTPS id v6RFV9Xt016198 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Thu, 27 Jul 2017 17:31:09 +0200 Received: from FRCRPVV9EX3MSX.ww931.my-it-solutions.net ([169.254.6.169]) by FRCRPVV9ET1MSX.ww931.my-it-solutions.net ([172.23.231.41]) with mapi id 14.03.0352.000; Thu, 27 Jul 2017 17:31:09 +0200 From: "REIX, Tony" To: "gcc-patches@gcc.gnu.org" CC: Ian Lance Taylor , "dje.gcc@gmail.com" Subject: RE:[PATCH, AIX] Don't leak a file descriptor if an archive is malformed. Date: Thu, 27 Jul 2017 15:31:08 +0000 Message-ID: References: In-Reply-To: MIME-Version: 1.0 Better with the patch file... Sorry. The Resend did not add the joint file I added with first message (in HTML format, refused). Hope it's OK now. Tony Index: libbacktrace/ChangeLog =================================================================== --- libbacktrace/ChangeLog (revision 250609) +++ libbacktrace/ChangeLog (working copy) @@ -1,3 +1,7 @@ +2017-07-27 Tony Reix + + * xcoff.c: Don't leak a file descriptor if an archive is malformed. + 2017-07-26 Tony Reix * configure.ac: Check for XCOFF32/XCOFF64. Check for loadquery. Index: libbacktrace/xcoff.c =================================================================== --- libbacktrace/xcoff.c (revision 250609) +++ libbacktrace/xcoff.c (working copy) @@ -1288,7 +1288,7 @@ xcoff_armem_add (struct backtrace_state *state, in if (!backtrace_get_view (state, descriptor, 0, sizeof (b_ar_fl_hdr), error_callback, data, &view)) - return 0; + goto fail; memcpy (&fl_hdr, view.data, sizeof (b_ar_fl_hdr)); @@ -1295,13 +1295,13 @@ xcoff_armem_add (struct backtrace_state *state, in backtrace_release_view (state, &view, error_callback, data); if (memcmp (fl_hdr.fl_magic, AIAMAGBIG, 8) != 0) - return 0; + goto fail; memlen = strlen (member); /* Read offset of first archive member. */ if (!xcoff_parse_decimal (fl_hdr.fl_fstmoff, sizeof fl_hdr.fl_fstmoff, &off)) - return 0; + goto fail; while (off != 0) { /* Map archive member header and member name. */ @@ -1309,7 +1309,7 @@ xcoff_armem_add (struct backtrace_state *state, in if (!backtrace_get_view (state, descriptor, off, sizeof (b_ar_hdr) + memlen, error_callback, data, &view)) - return 0; + break; ar_hdr = (const b_ar_hdr *) view.data; @@ -1345,6 +1345,7 @@ xcoff_armem_add (struct backtrace_state *state, in backtrace_release_view (state, &view, error_callback, data); } + fail: /* No matching member found. */ backtrace_close (descriptor, error_callback, data); return 0;