On Friday, July 13, 2012 11:12:57 AM Kent Yoder wrote:
> >> The hunk above shouldn't be necessary. I'm guessing that the static
> >>
> >> analysis tool was fooled by the fact that we get here through a
> >> function pointer, but the fp arg is always checked prior to getting in
> >> here. This hunk also breaks the code where cur = list. I'll leave
> >> this hunk out.
> >
> > Well, what its doing is seeing that there is a check for fp being NULL.
> > So, it assumes that this is a possible value. And if that's the case, the
> > calloc() for list doesn't have a matching free() for list at this exit
> > point.
> >
> > Just placing a free for list in the error exit would make the analyser
> > happy. But I thought if fp was NULL and we are going to exit, why call
> > calloc() in the first place?
>
> fp should never be null, but I agree its silly to alloc before the
> check. How about this:
Sure. That should make the analyser happy next time.
Thanks,
-Steve
> diff --git a/src/tcs/tcs_evlog_imaem.c b/src/tcs/tcs_evlog_imaem.c
> index fbdd29a..0b4922c 100644
> --- a/src/tcs/tcs_evlog_imaem.c
> +++ b/src/tcs/tcs_evlog_imaem.c
> @@ -80,27 +80,27 @@ ima_get_entries_by_pcr(FILE *handle, UINT32
> pcr_index, UINT32 first,
> char page[IMA_READ_SIZE];
> int error_path = 1, ptr = 0;
> UINT32 copied_events = 0, i;
> - struct event_wrapper *list = calloc(1, sizeof(struct event_wrapper));
> - struct event_wrapper *cur = list;
> + struct event_wrapper *list, *cur;
> TSS_RESULT result = TCSERR(TSS_E_INTERNAL_ERROR);
> FILE *fp = (FILE *) handle;
> uint len;
> char name[255];
>
> + if (!fp) {
> + LogError("File handle is NULL!\n");
> + return 1;
> + }
> +
> + if (*count == 0)
> + return TSS_SUCCESS;
> +
> + list = calloc(1, sizeof(struct event_wrapper));
> if (list == NULL) {
> LogError("malloc of %zd bytes failed.", sizeof(struct
event_wrapper));
> return TCSERR(TSS_E_OUTOFMEMORY);
> }
> + cur = list;
>
> - if (*count == 0) {
> - result = TSS_SUCCESS;
> - goto free_list;
> - }
> -
> - if (!fp) {
> - perror("unable to open file\n");
> - return 1;
> - }
> rewind(fp);
>
> while (fread(page, 24, 1, fp)) {
>
> > -Steve
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
TrouSerS-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-tech
