[4.1] 79b099d Don't leak a filename in error exits, it upsets Coverity.
Lasse Karstensen
lkarsten at varnish-software.com
Thu Feb 11 17:14:32 CET 2016
commit 79b099d8f191be15f9577627c767dbb52ce6639b
Author: Poul-Henning Kamp <phk at FreeBSD.org>
Date: Tue Feb 2 10:06:50 2016 +0000
Don't leak a filename in error exits, it upsets Coverity.
diff --git a/lib/libvcc/vcc_compile.c b/lib/libvcc/vcc_compile.c
index 87331ff..bd524c5 100644
--- a/lib/libvcc/vcc_compile.c
+++ b/lib/libvcc/vcc_compile.c
@@ -534,6 +534,7 @@ vcc_file_source(const struct vcp * const vcp, struct vsb *sb, const char *fn)
if (VFIL_searchpath(vcp->vcl_path, NULL, &f, fn, &fnp) || f == NULL) {
VSB_printf(sb, "Cannot read file '%s' (%s)\n",
fnp != NULL ? fnp : fn, strerror(errno));
+ REPLACE(fnp, NULL);
return (NULL);
}
sp = vcc_new_source(f, NULL, fnp);
diff --git a/lib/libvcc/vcc_vmod.c b/lib/libvcc/vcc_vmod.c
index 3a522a5..62f39fc 100644
--- a/lib/libvcc/vcc_vmod.c
+++ b/lib/libvcc/vcc_vmod.c
@@ -61,7 +61,7 @@ void
vcc_ParseImport(struct vcc *tl)
{
void *hdl;
- char fn[1024], *fnp;
+ char fn[1024], *fnp, *fnpx;
char buf[256];
struct token *mod, *t1;
struct inifin *ifp;
@@ -130,14 +130,19 @@ vcc_ParseImport(struct vcc *tl)
SkipToken(tl, ';');
if (VFIL_searchpath(tl->param->vmod_path,
- vcc_path_dlopen, &hdl, fn, &fnp)) {
+ vcc_path_dlopen, &hdl, fn, &fnpx)) {
VSB_printf(tl->sb, "Could not load VMOD %.*s\n", PF(mod));
- VSB_printf(tl->sb, "\tFile name: %s\n", fnp != NULL ? fnp : fn);
+ VSB_printf(tl->sb, "\tFile name: %s\n",
+ fnpx != NULL ? fnpx : fn);
VSB_printf(tl->sb, "\tdlerror: %s\n", dlerror());
vcc_ErrWhere(tl, mod);
+ REPLACE(fnpx, NULL);
return;
}
+ fnp = TlDup(tl, fnpx);
+ REPLACE(fnpx, NULL);
+
bprintf(buf, "Vmod_%.*s_Data", PF(mod));
vmd = dlsym(hdl, buf);
if (vmd == NULL) {
@@ -195,7 +200,6 @@ vcc_ParseImport(struct vcc *tl)
VSB_printf(ifp->ini, "\t \"%.*s\",\n", PF(mod));
VSB_printf(ifp->ini, "\t ");
EncString(ifp->ini, fnp, NULL, 0);
- free(fnp);
VSB_printf(ifp->ini, ",\n");
AN(vmd);
AN(vmd->file_id);
More information about the varnish-commit
mailing list