Sorry, I meant WRDSF_NOVAR. Updated patch attached. It's not a very important
issue for GNU tar, but wordsplit.c is meant to be library code - so it's worth
fixing IMO.
Pavel
On Friday, July 27, 2018 5:24:46 PM CEST Pavel Raiskup wrote:
> * lib/wordsplit.c (expvar): Don't copy string returned from
> wordsplit_find_env by strdup(), it's not needed and the value is
> never freed.
> ---
> lib/wordsplit.c | 10 ++--------
> 1 file changed, 2 insertions(+), 8 deletions(-)
>
> diff --git a/lib/wordsplit.c b/lib/wordsplit.c
> index f2ecada..a186f2e 100644
> --- a/lib/wordsplit.c
> +++ b/lib/wordsplit.c
> @@ -707,7 +707,6 @@ expvar (struct wordsplit *wsp, const char *str, size_t
> len,
> size_t i = 0;
> const char *defstr = NULL;
> const char *value;
> - const char *vptr;
> struct wordsplit_node *newnode;
> const char *start = str - 1;
>
> @@ -770,13 +769,8 @@ expvar (struct wordsplit *wsp, const char *str, size_t
> len,
> i - its length
> defstr - default replacement str */
>
> - vptr = wordsplit_find_env (wsp, str, i);
> - if (vptr)
> - {
> - value = strdup (vptr);
> - if (!value)
> - return _wsplt_nomem (wsp);
> - }
> + if ((value = wordsplit_find_env (wsp, str, i)))
> + ; /* returns pointer into wsp->ws_env */
> else if (wsp->ws_flags & WRDSF_GETVAR)
> value = wsp->ws_getvar (str, i, wsp->ws_closure);
> else if (wsp->ws_flags & WRDSF_UNDEF)
>
>From 364aeb8cdff0f966b8eab7b8abb7036155f4cdb1 Mon Sep 17 00:00:00 2001
From: Pavel Raiskup <[email protected]>
Date: Fri, 27 Jul 2018 17:21:41 +0200
Subject: [PATCH] wordsplit: avoid leak if WRDSF_NOVAR is not enabled
* lib/wordsplit.c (expvar): Don't copy string returned from
wordsplit_find_env by strdup (), it's not needed and the value is
never freed. The only affected wordsplit () call in tar is in
src/system.c.
---
lib/wordsplit.c | 10 ++--------
1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/lib/wordsplit.c b/lib/wordsplit.c
index f2ecada..a186f2e 100644
--- a/lib/wordsplit.c
+++ b/lib/wordsplit.c
@@ -707,7 +707,6 @@ expvar (struct wordsplit *wsp, const char *str, size_t len,
size_t i = 0;
const char *defstr = NULL;
const char *value;
- const char *vptr;
struct wordsplit_node *newnode;
const char *start = str - 1;
@@ -770,13 +769,8 @@ expvar (struct wordsplit *wsp, const char *str, size_t len,
i - its length
defstr - default replacement str */
- vptr = wordsplit_find_env (wsp, str, i);
- if (vptr)
- {
- value = strdup (vptr);
- if (!value)
- return _wsplt_nomem (wsp);
- }
+ if ((value = wordsplit_find_env (wsp, str, i)))
+ ; /* returns pointer into wsp->ws_env */
else if (wsp->ws_flags & WRDSF_GETVAR)
value = wsp->ws_getvar (str, i, wsp->ws_closure);
else if (wsp->ws_flags & WRDSF_UNDEF)
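Review bot: After this change `value` in the first branch is a borrowed pointer into `wsp->ws_env`, and the short comment on the empty statement is the only record of that ownership rule; the `ws_getvar` branch below assigns to the same variable with no visible statement of who owns its result. The rest of expvar is outside the hunk, so it cannot be confirmed from here that `value` is never freed or kept in a node beyond the lifetime of the environment array; if any later path does either, the leak turns into a free of caller-owned memory or a dangling pointer. I would spell the contract out, e.g. `/* borrowed: points into wsp->ws_env; must not be freed and must not outlive it */`. As a matter of style, a plain `value = wordsplit_find_env (wsp, str, i);` followed by `if (value)` reads more safely than an assignment inside the condition with an empty `;` body. The quoted copy of this hunk earlier in the message is the same change.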
--
2.17.1