[libvirt] [PATCH] openvzGetVEID: don't leak (memory + file descriptor)
Eric Blake
eblake at redhat.com
Thu Feb 25 18:53:25 UTC 2010
According to Jim Meyering on 2/25/2010 11:30 AM:
ACK on plugging the leak. However,...
> @@ -979,18 +980,12 @@ int openvzGetVEID(const char *name) {
> return -1;
> }
>
> - if (fscanf(fp, "%d\n", &veid ) != 1) {
> + ok = fscanf(fp, "%d\n", &veid ) == 1;
You're still keeping with fscanf. Isn't that dangerous, since fscanf is
undefined in the presence of integer overflow (that is, if fp sends more
decimal digits than fit in veid)? This seems like one of the reasons that
coreutils completely prohibits *scanf (another being buffer overflow
exploits with %s, but that's not relevant to this chunk of code).
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 320 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20100225/bc58c7a6/attachment-0001.sig>
More information about the libvir-list
mailing list