Re: [Bug-wget] Missing sanity checks for malloc()/calloc()/realloc() in

bug-wget

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] Missing sanity checks for malloc()/calloc()/realloc() in

From:	Tim Ruehsen
Subject:	Re: [Bug-wget] Missing sanity checks for malloc()/calloc()/realloc() in wget-1.1x
Date:	Tue, 14 Apr 2015 15:15:08 +0200
User-agent:	KMail/4.14.2 (Linux/3.16.0-4-amd64; KDE/4.14.2; x86_64; ; )

Thanks, Bill.

I made up a patch to fix warc.c and put your name as 'Reported-by' into the 
commit message. The patch has already been sent to the list.

Regards, Tim

On Saturday 11 April 2015 12:25:35 Bill Parker wrote:
> Hello All,
> 
>    In directory 'src', file 'warc.c', I found some instances where malloc()
> is called, but with no corresponding check for NULL, indicating failure.
> 
> In directory 'lib', in file 'getopt.c', there is a call to malloc()
> at line 521, without a check for a return value of NULL, which would
> indicate failure.  The patch file which corrects this issue is below:
> 
> --- getopt.c.orig       2015-04-10 16:06:03.548095111 -0700
> +++ getopt.c    2015-04-10 16:11:04.544350187 -0700
> @@ -521,6 +521,10 @@
>                {
>                  /* Second or later nonexact match found.  */
>                  struct option_list *newp = malloc (sizeof (*newp));
> +               if (newp == NULL) { /* oops, malloc() failed, now what? */
> +                   /* FIXME - what code do we need here? */
> +                   fprintf(stderr, "Error: Unable to allocate memory for
> newp...\n");
> +               }
>                  newp->p = p;
>                  newp->next = ambig_list;
>                  ambig_list = newp;
> 
> In directory 'lib', file 'regcomp.c', at line 894, there is a call
> to calloc() without a check for a return value of NULL, indicating
> failure.  The patch file below corrects this issue:
> 
> --- regcomp.c.orig      2015-04-10 16:17:40.579684242 -0700
> +++ regcomp.c   2015-04-10 16:19:14.432612466 -0700
> @@ -894,6 +894,8 @@
>        break;
> 
>    dfa->state_table = calloc (sizeof (struct re_state_table_entry),
> table_size);
> +  if (BE (dfa->state_table == NULL, 0)) /* couldn't allocate memory, now
> what? */
> +    return REG_ESPACE;
>    dfa->state_hash_mask = table_size - 1;
> 
>    dfa->mb_cur_max = MB_CUR_MAX;
> 
> I am attaching the patch files to this bug report...
> 
> Bill Parker (wp02855 at gmail dot com)

signature.asc
Description: This is a digitally signed message part.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-wget] Missing sanity checks for malloc()/calloc()/realloc() in wget-1.1x, Bill Parker, 2015/04/11
- Re: [Bug-wget] Missing sanity checks for malloc()/calloc()/realloc() in wget-1.1x, Darshit Shah, 2015/04/12
- Re: [Bug-wget] Missing sanity checks for malloc()/calloc()/realloc() in wget-1.1x, Tim Ruehsen <=

Prev by Date: [Bug-wget] [PATCH] Please review
Next by Date: [Bug-wget] no_proxy env ip address range support
Previous by thread: Re: [Bug-wget] Missing sanity checks for malloc()/calloc()/realloc() in wget-1.1x
Next by thread: [Bug-wget] [bug #44816] http/gzip compression
Index(es):
- Date
- Thread