Re: [PATCH 3/3] BUG/MINOR: compression: handle a possible strdup() failure

Fri, 27 Dec 2024 13:19:08 -0800 

here's v2

чт, 26 дек. 2024 г. в 14:04, Илья Шипицин <chipits...@gmail.com>:

> ok, I'll try to handle such leaks better
>
> чт, 26 дек. 2024 г. в 11:06, Willy Tarreau <w...@1wt.eu>:
>
>> Hi Ilya,
>>
>> On Wed, Dec 25, 2024 at 10:10:12PM +0100, Ilia Shipitsin wrote:
>> > This defect was found by the coccinelle script "unchecked-strdup.cocci".
>> > It can be backported to all supported branches.
>> > ---
>> >  src/compression.c | 2 ++
>> >  1 file changed, 2 insertions(+)
>> >
>> > diff --git a/src/compression.c b/src/compression.c
>> > index a4464e09b..edf5553c1 100644
>> > --- a/src/compression.c
>> > +++ b/src/compression.c
>> > @@ -119,6 +119,8 @@ int comp_append_type(struct comp_type **types,
>> const char *type)
>> >               return 1;
>> >       comp_type->name_len = strlen(type);
>> >       comp_type->name = strdup(type);
>> > +     if (!comp_type->name)
>> > +             return 1;
>> >       comp_type->next = *types;
>> >       *types = comp_type;
>> >       return 0;
>>
>> For this one we must free comp_type before returning, since it was
>> allocated earlier. As in the previous series it could also be done
>> using jumps:
>>
>>     comp_type = calloc();
>>     if (!comp_type)
>>         goto fail;
>>     ...
>>     comp_type->name = strdup(type);
>>     if (!comp_type->name)
>>         goto fail_free_comp_type;
>>     ...
>>     return 0;
>> fail_free_comp_type:
>>     free(comp_type);
>> fail:
>>     return 1;
>>
>> The function is short so either solutions are fine to me, that's as
>> you prefer.
>>
>> Thanks!
>> Willy
>>
>

From a927ea1c7de6684ad1e650f5d1243321c17057d6 Mon Sep 17 00:00:00 2001
From: Ilia Shipitsin <chipits...@gmail.com>
Date: Fri, 27 Dec 2024 21:55:07 +0100
Subject: [PATCH 2/3] BUG/MINOR: pool: handle a possible strdup() failure

This defect was found by the coccinelle script "unchecked-strdup.cocci".
It can be backported to all supported branches.
---
 src/pool.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/pool.c b/src/pool.c
index f4a4af100..d653ac3c9 100644
--- a/src/pool.c
+++ b/src/pool.c
@@ -1373,6 +1373,8 @@ static int cli_parse_show_pools(char **args, char 
*payload, struct appctx *appct
                }
                else if (strcmp(args[arg], "match") == 0 && *args[arg+1]) {
                        ctx->prefix = strdup(args[arg+1]); // only pools 
starting with this
+                       if (!ctx->prefix)
+                               return cli_err(appctx, "Out of memory.\n");
                        arg++;
                }
                else if (isdigit((unsigned char)*args[arg])) {
-- 
2.46.0.windows.1


From 0ae39dc82021b7f360a2c2dbd8418d64ca3a4b93 Mon Sep 17 00:00:00 2001
From: Ilia Shipitsin <chipits...@gmail.com>
Date: Fri, 27 Dec 2024 21:55:38 +0100
Subject: [PATCH 3/3] BUG/MINOR: cfgparse-tcp: handle a possible strdup()
 failure

This defect was found by the coccinelle script "unchecked-strdup.cocci".
It can be backported to all supported branches.
---
 src/cfgparse-tcp.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/cfgparse-tcp.c b/src/cfgparse-tcp.c
index 2f68daf1c..2c214f3d8 100644
--- a/src/cfgparse-tcp.c
+++ b/src/cfgparse-tcp.c
@@ -144,6 +144,10 @@ static int bind_parse_interface(char **args, int cur_arg, 
struct proxy *px, stru
 
        ha_free(&conf->settings.interface);
        conf->settings.interface = strdup(args[cur_arg + 1]);
+       if (!conf->settings.interface) {
+               memprintf(err, "'%s %s' : out of memory", args[cur_arg], 
args[cur_arg + 1]);
+               return ERR_ALERT | ERR_FATAL;
+       }
        return 0;
 }
 #endif
-- 
2.46.0.windows.1


From a984a2793697f05d3f37137d851d8377a027ed39 Mon Sep 17 00:00:00 2001
From: Ilia Shipitsin <chipits...@gmail.com>
Date: Fri, 27 Dec 2024 21:45:32 +0100
Subject: [PATCH 1/3] BUG/MINOR: compression: handle a possible strdup()
 failure

This defect was found by the coccinelle script "unchecked-strdup.cocci".
It can be backported to all supported branches.
---
 src/compression.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/compression.c b/src/compression.c
index a4464e09b..1fe5aec3b 100644
--- a/src/compression.c
+++ b/src/compression.c
@@ -116,12 +116,19 @@ int comp_append_type(struct comp_type **types, const char 
*type)
 
        comp_type = calloc(1, sizeof(*comp_type));
        if (!comp_type)
-               return 1;
+               goto fail;
        comp_type->name_len = strlen(type);
        comp_type->name = strdup(type);
+       if (!comp_type->name)
+               goto fail_free_comp_type;
        comp_type->next = *types;
        *types = comp_type;
        return 0;
+
+fail_free_comp_type:
+       free(comp_type);
+fail:
+       return 1;
 }
 
 /*
-- 
2.46.0.windows.1

Reply via email to