Bug 57 – Unchecked malloc in tracejob in log_path()

Bug 57 - Unchecked malloc in tracejob in log_path()

Summary:

Unchecked malloc in tracejob in log_path()

Status:	RESOLVED FIXED

Product:	TORQUE
Component:	clients
Version:	2.4.x
Platform:	Other Linux

Importance:	P5 normal
Assigned To:	Al Taufer

URL:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2010-05-02 10:50 MDT by Chris Samuel
Modified:	2010-05-03 19:21 MDT (History)
CC List:	2 users (show)

See Also:

Attachments
Patch to check and report malloc failure in log_path in tracejob (487 bytes, patch) 2010-05-02 10:50 MDT, Chris Samuel	Details \| Diff
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Description Chris Samuel 2010-05-02 10:50:21 MDT

Created an attachment (id=31) [details]
Patch to check and report malloc failure in log_path in tracejob

At line 831 of log_path() in branches/2.4-fixes/src/tools/tracejob.c there is a
malloc() which is not checked for success leading to a potential crash when it
is used in a strcpy() immediately afterwards.

   filenames[filecount] = malloc(strlen(buf));
   strcpy(filenames[filecount],buf);

I've attached a patch to perror() a message to the user and then return(-1)
which is handled by the caller.

This bug is also present in 2.3-fixes and trunk.

Comment 1 Chris Samuel 2010-05-02 11:00:10 MDT

This bug is also on the 3.0-alpha branch

Comment 2 Al Taufer 2010-05-03 15:45:50 MDT

patch has been checked into the 2.3, 2.4, trunk and 3.0-alpha branches.

Comment 3 Chris Samuel 2010-05-03 19:21:48 MDT

Thanks Al.

Just for future reference I'm now at the University of Melbourne, not VPAC. :-)