From patchwork Tue Dec 20 11:01:45 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ladislav Michl X-Patchwork-Id: 707404 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from theia.denx.de (theia.denx.de [85.214.87.163]) by ozlabs.org (Postfix) with ESMTP id 3tjZck5VDrz9t6g for ; Tue, 20 Dec 2016 22:02:30 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id 12DBBA7638; Tue, 20 Dec 2016 12:02:28 +0100 (CET) Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JBK3f-6YgGPo; Tue, 20 Dec 2016 12:02:27 +0100 (CET) Received: from theia.denx.de (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id 455C8A75C9; Tue, 20 Dec 2016 12:02:27 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id 412A3A75C9 for ; Tue, 20 Dec 2016 12:02:24 +0100 (CET) Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uAxaTDUpbxZL for ; Tue, 20 Dec 2016 12:02:24 +0100 (CET) X-policyd-weight: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 (only DNSBL check requested) Received: from cvs.linux-mips.org (eddie.linux-mips.org [148.251.95.138]) by theia.denx.de (Postfix) with ESMTP id 08A36A75C3 for ; Tue, 20 Dec 2016 12:02:20 +0100 (CET) Received: (from localhost user: 'ladis' uid#1021 fake: STDIN (ladis@eddie.linux-mips.org)) by eddie.linux-mips.org id S23993265AbcLTLCUgdjHW (ORCPT ); Tue, 20 Dec 2016 12:02:20 +0100 Date: Tue, 20 Dec 2016 12:01:45 +0100 From: Ladislav Michl To: Michal Simek Message-ID: <20161220110145.f3f3io7r4sg5tvtf@lenoch> References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: User-Agent: NeoMutt/20161126 (1.7.1) Cc: u-boot@lists.denx.de Subject: Re: [U-Boot] [PATCH] tools: mkimage: Call fclose in error path X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.15 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Hi Michal, On Tue, Dec 20, 2016 at 09:58:31AM +0100, Michal Simek wrote: > This patch is fixing missing fclose() calls > in error patch introduced by: > "tools: mkimage: Use fstat instead of stat to avoid malicious hacks" > (sha1: ebe0f53f48e8f9ecc823e533a85b05c13638c350) > > Reported-by: Coverity (CID: 155064, 155065) > Signed-off-by: Michal Simek > --- > > tools/zynqimage.c | 8 ++++++-- > tools/zynqmpimage.c | 8 ++++++-- > 2 files changed, 12 insertions(+), 4 deletions(-) > > diff --git a/tools/zynqimage.c b/tools/zynqimage.c > index b47132b02a60..021d2d3fc91f 100644 > --- a/tools/zynqimage.c > +++ b/tools/zynqimage.c > @@ -239,11 +239,15 @@ static void zynqimage_parse_initparams(struct zynq_header *zynqhdr, > } > > err = fstat(fileno(fp), &path_stat); > - if (err) > + if (err) { > + fclose(fp); > return; > + } > > - if (!S_ISREG(path_stat.st_mode)) > + if (!S_ISREG(path_stat.st_mode)) { > + fclose(fp); > return; > + } > > do { > r = fscanf(fp, "%x %x", ®init.address, ®init.data); > diff --git a/tools/zynqmpimage.c b/tools/zynqmpimage.c > index 60d8ed23b4a1..0c9a3daddd6a 100644 > --- a/tools/zynqmpimage.c > +++ b/tools/zynqmpimage.c > @@ -251,11 +251,15 @@ static void zynqmpimage_parse_initparams(struct zynqmp_header *zynqhdr, > } > > err = fstat(fileno(fp), &path_stat); > - if (err) > + if (err) { > + fclose(fp); > return; > + } > > - if (!S_ISREG(path_stat.st_mode)) > + if (!S_ISREG(path_stat.st_mode)) { > + fclose(fp); > return; > + } > > do { > r = fscanf(fp, "%x %x", ®init.address, ®init.data); what about something like this? Best regards, ladis (bored waiting for the lunch ;-)) Signed-off-by: Ladislav Michl diff --git a/tools/zynqimage.c b/tools/zynqimage.c index b47132b02a..026e99c00b 100644 --- a/tools/zynqimage.c +++ b/tools/zynqimage.c @@ -228,7 +228,7 @@ static void zynqimage_parse_initparams(struct zynq_header *zynqhdr, FILE *fp; struct zynq_reginit reginit; unsigned int reg_count = 0; - int r, err; + int r; struct stat path_stat; /* Expect a table of register-value pairs, e.g. "0x12345678 0x4321" */ @@ -238,12 +238,10 @@ static void zynqimage_parse_initparams(struct zynq_header *zynqhdr, exit(1); } - err = fstat(fileno(fp), &path_stat); - if (err) - return; - - if (!S_ISREG(path_stat.st_mode)) + if (fstat(fileno(fp), &path_stat) || !S_ISREG(path_stat.st_mode)) { + fclose(fp); return; + } do { r = fscanf(fp, "%x %x", ®init.address, ®init.data); diff --git a/tools/zynqmpimage.c b/tools/zynqmpimage.c index 60d8ed23b4..767e93a2ab 100644 --- a/tools/zynqmpimage.c +++ b/tools/zynqmpimage.c @@ -240,7 +240,7 @@ static void zynqmpimage_parse_initparams(struct zynqmp_header *zynqhdr, FILE *fp; struct zynqmp_reginit reginit; unsigned int reg_count = 0; - int r, err; + int r; struct stat path_stat; /* Expect a table of register-value pairs, e.g. "0x12345678 0x4321" */ @@ -250,12 +250,10 @@ static void zynqmpimage_parse_initparams(struct zynqmp_header *zynqhdr, exit(1); } - err = fstat(fileno(fp), &path_stat); - if (err) - return; - - if (!S_ISREG(path_stat.st_mode)) + if (fstat(fileno(fp), &path_stat) || !S_ISREG(path_stat.st_mode)) { + fclose(fp); return; + } do { r = fscanf(fp, "%x %x", ®init.address, ®init.data);