On Fri, Feb 02, 2018 at 03:47:43PM +0000, Bruce Richardson wrote:
> On Fri, Feb 02, 2018 at 07:44:39AM -0500, Neil Horman wrote:
> > On Fri, Feb 02, 2018 at 12:00:58PM +0000, Bruce Richardson wrote:
> > > Coverity flags an issue where the resources used by the FILE object for
> > > the temporary input file are leaked. This is a very minor issue, but is
> > > easily fixed, while also avoiding later problems where we try to close
> > > an invalid file descriptor in the failure case.
> > >
> > > The fix is to use "dup()" to get a new file descriptor number rather than
> > > using the value directly from fileno. This allows us to close the file
> > > opened with tmpfile() within in scope block, while allowing the duplicate
> > > to pass to the outer block and be closed when the function terminates.
> > >
> > > As a side-effect I/O in the function is therefore changed from using stdio
> > > fread/fwrite to read/write system calls.
> > >
> > > Coverity issue: 260399
> > > Fixes: 0d68533617e3 ("pmdinfogen: allow using stdin and stdout")
> > >
> > > Signed-off-by: Bruce Richardson <bruce.richard...@intel.com>
> > > ---
> > > buildtools/pmdinfogen/pmdinfogen.c | 16 ++++++++++------
> > > 1 file changed, 10 insertions(+), 6 deletions(-)
> > >
> > > diff --git a/buildtools/pmdinfogen/pmdinfogen.c
> > > b/buildtools/pmdinfogen/pmdinfogen.c
> > > index 45b267346..0f35ca46b 100644
> > > --- a/buildtools/pmdinfogen/pmdinfogen.c
> > > +++ b/buildtools/pmdinfogen/pmdinfogen.c
> > > @@ -50,20 +50,24 @@ static void *grab_file(const char *filename, unsigned
> > > long *size)
> > > /* from stdin, use a temporary file to mmap */
> > > FILE *infile;
> > > char buffer[1024];
> > > - size_t n;
> > > + int n;
> > >
> > > infile = tmpfile();
> > > if (infile == NULL) {
> > > perror("tmpfile");
> > > return NULL;
> > > }
> > > - while (!feof(stdin)) {
> > > - n = fread(buffer, 1, sizeof(buffer), stdin);
> > > - if (fwrite(buffer, 1, n, infile) != n)
> > > + fd = dup(fileno(infile));
> > > + fclose(infile);
> > > + if (fd < 0)
> > > + return NULL;
> > > +
> > > + n = read(STDIN_FILENO, buffer, sizeof(buffer));
> > > + while (n > 0) {
> > > + if (write(fd, buffer, n) != n)
> > > goto failed;
> > > + n = read(STDIN_FILENO, buffer, sizeof(buffer));
> > > }
> > > - fflush(infile);
> > > - fd = fileno(infile);
> > > }
> > >
> > > if (fstat(fd, &st))
> > > --
> > > 2.14.3
> > >
> > >
> >
> > Wouldn't it be just as good, and easier to check fd for == -1 as a
> > condition of
> > calling close?
> >
> > like
> > failed:
> > if (fd >= 0)
> > close(fd);
> >
> That would fix the problem of calling goto failed with fd set to -1, but
> would not fix the resource issue that coverity was complaining about. We
> were allocating a stdio FILE object, then taking just the fileno of it
> and letting the file number go out of scope. This cleans this that up,
s/file number/FILE object ptr/
> so that we just use file numbers and properly close the FILE * once it's
> outlived its usefulness.
>
> BTW: I did investigate using open and O_TMPFILE in place of tmpfile()
> call, but while it would work great on Linux, it's not available
> elsewhere, so tmpfile looks the best option.
>
> Regards,
> /Bruce
