[devel] [PATCH for apt v2 16/21] Don't access uninitialized data
Aleksei Nikiforov
darktemplar на altlinux.org
Чт Дек 12 12:57:25 MSK 2019
Found via clang-static-analyzer:
Logic error: Dereference of null pointer:
Array access (from variable 'v') results in a null pointer dereference
Logic error: Called C++ object pointer is null:
Called C++ object pointer is null
---
apt/methods/http.cc | 25 ++++++++++++++-----------
apt/tools/genpkglist.cc | 12 +++++++-----
2 files changed, 21 insertions(+), 16 deletions(-)
diff --git a/apt/methods/http.cc b/apt/methods/http.cc
index 6b5c2a5..c9a37de 100644
--- a/apt/methods/http.cc
+++ b/apt/methods/http.cc
@@ -844,19 +844,22 @@ bool HttpMethod::ServerDie(ServerState *Srv)
{
unsigned int LErrno = errno;
- // Dump the buffer to the file
- if (Srv->State == ServerState::Data)
+ if (File != 0)
{
- SetNonBlock(File->Fd(),false);
- while (Srv->In.WriteSpace() == true)
+ // Dump the buffer to the file
+ if (Srv->State == ServerState::Data)
{
- auto FileFD = MethodFd::FromFd(File->Fd());
- if (Srv->In.Write(FileFD) == false)
- return _error->Errno("write",_("Error writing to the file"));
-
- // Done
- if (Srv->In.IsLimit() == true)
- return true;
+ SetNonBlock(File->Fd(),false);
+ while (Srv->In.WriteSpace() == true)
+ {
+ auto FileFD = MethodFd::FromFd(File->Fd());
+ if (Srv->In.Write(FileFD) == false)
+ return _error->Errno("write",_("Error writing to the file"));
+
+ // Done
+ if (Srv->In.IsLimit() == true)
+ return true;
+ }
}
}
diff --git a/apt/tools/genpkglist.cc b/apt/tools/genpkglist.cc
index b354a08..2350f6d 100644
--- a/apt/tools/genpkglist.cc
+++ b/apt/tools/genpkglist.cc
@@ -488,8 +488,6 @@ int scandir(const char * dir, struct dirent *** namelist,
}
}
- v[i] = NULL;
-
if (errno != 0)
{
save = errno;
@@ -504,9 +502,13 @@ int scandir(const char * dir, struct dirent *** namelist,
(void) closedir (dp);
errno = save;
- /* Sort the list if we have a comparison function to sort with. */
- if (cmp != NULL)
- qsort (v, i, sizeof (struct dirent *), cmp);
+ if (v != NULL)
+ {
+ v[i] = NULL;
+ /* Sort the list if we have a comparison function to sort with. */
+ if (cmp != NULL)
+ qsort (v, i, sizeof (struct dirent *), cmp);
+ }
*namelist = v;
return i;
--
2.24.1
Подробная информация о списке рассылки Devel