From f7e3aeaf41480a8cfd255dd198f16af9e5e99e5b Mon Sep 17 00:00:00 2001
From: "Andrew G. Morgan" <morgan@kernel.org>
Date: Wed, 21 Apr 2021 20:08:50 -0700
Subject: [PATCH 3/3] Bug fixes identified by static code analysis.
Analysis and much of this commit was contributed by Zoltan
Fridrich of Redhat.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
---
pam_cap/pam_cap.c | 9 ++++-----
progs/capsh.c | 30 ++++++++++++++++++++++--------
2 files changed, 26 insertions(+), 13 deletions(-)
diff --git a/pam_cap/pam_cap.c b/pam_cap/pam_cap.c
index 6927f7b..5b48b06 100644
--- a/pam_cap/pam_cap.c
+++ b/pam_cap/pam_cap.c
@@ -218,7 +218,7 @@ static int set_capabilities(struct pam_cap_s *cs)
if (!cap_set_proc(cap_s)) {
ok = 1;
}
- goto cleanup_cap_s;
+ goto cleanup_conf;
}
iab = cap_iab_from_text(conf_caps);
@@ -238,10 +238,9 @@ cleanup_conf:
_pam_drop(conf_caps);
cleanup_cap_s:
- if (cap_s) {
- cap_free(cap_s);
- cap_s = NULL;
- }
+ cap_free(cap_s);
+ cap_s = NULL;
+
return ok;
}
diff --git a/progs/capsh.c b/progs/capsh.c
index a39ceeb..0507ea4 100644
--- a/progs/capsh.c
+++ b/progs/capsh.c
@@ -336,8 +336,8 @@ static void arg_change_amb(const char *arg_names, cap_flag_value_t set)
*/
static char *find_self(const char *arg0)
{
- int i;
- char *parts, *dir, *scratch;
+ int i, status=1;
+ char *p = NULL, *parts, *dir, *scratch;
const char *path;
for (i = strlen(arg0)-1; i >= 0 && arg0[i] != '/'; i--);
@@ -352,21 +352,35 @@ static char *find_self(const char *arg0)
}
parts = strdup(path);
+ if (parts == NULL) {
+ fprintf(stderr, "insufficient memory for parts of path\n");
+ exit(1);
+ }
+
scratch = malloc(2+strlen(path)+strlen(arg0));
- if (parts == NULL || scratch == NULL) {
+ if (scratch == NULL) {
fprintf(stderr, "insufficient memory for path building\n");
- exit(1);
+ goto free_parts;
}
- for (i=0; (dir = strtok(parts, ":")); parts = NULL) {
+ for (i=0, p = parts; (dir = strtok(p, ":")); p = NULL) {
sprintf(scratch, "%s/%s", dir, arg0);
if (access(scratch, X_OK) == 0) {
- return scratch;
+ status = 0;
+ break;
}
}
+ if (status) {
+ fprintf(stderr, "unable to find executable '%s' in PATH\n", arg0);
+ free(scratch);
+ }
- fprintf(stderr, "unable to find executable '%s' in PATH\n", arg0);
- exit(1);
+free_parts:
+ free(parts);
+ if (status) {
+ exit(status);
+ }
+ return scratch;
}
int main(int argc, char *argv[], char *envp[])
--
2.42.0