Bug 57 - Unchecked malloc in tracejob in log_path()
: Unchecked malloc in tracejob in log_path()
Status: RESOLVED FIXED
Product: TORQUE
clients
: 2.4.x
: Other Linux
: P5 normal
Assigned To: Al Taufer
:
:
:
  Show dependency treegraph
 
Reported: 2010-05-02 10:50 MDT by Chris Samuel
Modified: 2010-05-03 19:21 MDT (History)
2 users (show)

See Also:


Attachments
Patch to check and report malloc failure in log_path in tracejob (487 bytes, patch)
2010-05-02 10:50 MDT, Chris Samuel
Details | Diff


Note

You need to log in before you can comment on or make changes to this bug.


Description Chris Samuel 2010-05-02 10:50:21 MDT
Created an attachment (id=31) [details]
Patch to check and report malloc failure in log_path in tracejob

At line 831 of log_path() in branches/2.4-fixes/src/tools/tracejob.c there is a
malloc() which is not checked for success leading to a potential crash when it
is used in a strcpy() immediately afterwards.

   filenames[filecount] = malloc(strlen(buf));
   strcpy(filenames[filecount],buf);

I've attached a patch to perror() a message to the user and then return(-1)
which is handled by the caller.

This bug is also present in 2.3-fixes and trunk.
Comment 1 Chris Samuel 2010-05-02 11:00:10 MDT
This bug is also on the 3.0-alpha branch
Comment 2 Al Taufer 2010-05-03 15:45:50 MDT
patch has been checked into the 2.3, 2.4, trunk and 3.0-alpha branches.
Comment 3 Chris Samuel 2010-05-03 19:21:48 MDT
Thanks Al.

Just for future reference I'm now at the University of Melbourne, not VPAC. :-)