Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2024-12-28 09:59:53 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
slackware-current/source/l/v4l-utils/v4l-utils.c82608ca1595427c2bdbd4abb9aca9163e1df60a.patch
Patrick J Volkerding 96cf3289b0 Sun Apr 21 03:36:58 UTC 2019 
a/kernel-generic-4.19.36-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.36-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.36-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.19.36-x86-1.txz:  Upgraded.
k/kernel-source-4.19.36-noarch-1.txz:  Upgraded.
l/imagemagick-6.9.10_41-x86_64-1.txz:  Upgraded.
l/pycairo-1.18.1-x86_64-1.txz:  Upgraded.
l/pygobject3-3.32.1-x86_64-1.txz:  Upgraded.
l/v4l-utils-1.16.5-x86_64-2.txz:  Rebuilt.
  Reverted commit from upstream git that broke DVB. Thanks to Andrea Peluso.
x/libdrm-2.4.98-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-04-21 17:59:45 +02:00

96 lines
2.9 KiB
Diff
Raw Blame History

From c82608ca1595427c2bdbd4abb9aca9163e1df60a Mon Sep 17 00:00:00 2001
From: Sean Young <sean@mess.org>
Date: Sun, 17 Mar 2019 16:13:45 +0000
Subject: libdvbv5: leaks and double free in dvb_fe_open_fname()
dvb_fe_open_fname() takes ownership of fname if the function succeeds, but
also in two of the error paths (e.g. if the ioctl FE_GET_PROPERTY fails).
Adjust dvb_fe_open_fname() so it copies fname rather than taking ownership
(and passing that to params). This makes the code cleaner.
Signed-off-by: Sean Young <sean@mess.org>
diff --git a/lib/libdvbv5/dvb-dev-local.c b/lib/libdvbv5/dvb-dev-local.c
index e98b967..2de9a61 100644
--- a/lib/libdvbv5/dvb-dev-local.c
+++ b/lib/libdvbv5/dvb-dev-local.c
@@ -467,7 +467,7 @@ static struct dvb_open_descriptor
flags &= ~O_NONBLOCK;
}
- ret = dvb_fe_open_fname(parms, strdup(dev->path), flags);
+ ret = dvb_fe_open_fname(parms, dev->path, flags);
if (ret) {
free(open_dev);
return NULL;
diff --git a/lib/libdvbv5/dvb-fe.c b/lib/libdvbv5/dvb-fe.c
index 7dcfa53..514a187 100644
--- a/lib/libdvbv5/dvb-fe.c
+++ b/lib/libdvbv5/dvb-fe.c
@@ -133,7 +133,6 @@ struct dvb_v5_fe_parms *dvb_fe_open_flags(int adapter, int frontend,
int flags)
{
int ret;
- char *fname;
struct dvb_device *dvb;
struct dvb_dev_list *dvb_dev;
struct dvb_v5_fe_parms_priv *parms = NULL;
@@ -153,7 +152,6 @@ struct dvb_v5_fe_parms *dvb_fe_open_flags(int adapter, int frontend,
dvb_dev_free(dvb);
return NULL;
}
- fname = strdup(dvb_dev->path);
if (!strcmp(dvb_dev->bus_addr, "platform:dvbloopback")) {
logfunc(LOG_WARNING, _("Detected dvbloopback"));
@@ -161,14 +159,10 @@ struct dvb_v5_fe_parms *dvb_fe_open_flags(int adapter, int frontend,
}
dvb_dev_free(dvb);
- if (!fname) {
- logfunc(LOG_ERR, _("fname calloc: %s"), strerror(errno));
- return NULL;
- }
+
parms = calloc(sizeof(*parms), 1);
if (!parms) {
logfunc(LOG_ERR, _("parms calloc: %s"), strerror(errno));
- free(fname);
return NULL;
}
parms->p.verbose = verbose;
@@ -183,7 +177,7 @@ struct dvb_v5_fe_parms *dvb_fe_open_flags(int adapter, int frontend,
if (use_legacy_call)
parms->p.legacy_fe = 1;
- ret = dvb_fe_open_fname(parms, fname, flags);
+ ret = dvb_fe_open_fname(parms, dvb_dev->path, flags);
if (ret < 0) {
free(parms);
return NULL;
@@ -203,7 +197,6 @@ int dvb_fe_open_fname(struct dvb_v5_fe_parms_priv *parms, char *fname,
fd = open(fname, flags, 0);
if (fd == -1) {
dvb_logerr(_("%s while opening %s"), strerror(errno), fname);
- free(fname);
return -errno;
}
@@ -226,7 +219,12 @@ int dvb_fe_open_fname(struct dvb_v5_fe_parms_priv *parms, char *fname,
}
}
- parms->fname = fname;
+ parms->fname = strdup(fname);
+ if (!parms->fname) {
+ dvb_logerr(_("fname calloc: %s"), strerror(errno));
+ return -errno;
+ }
+
parms->fd = fd;
parms->fe_flags = flags;
parms->dvb_prop[0].cmd = DTV_API_VERSION;
--
cgit v0.10.2
Reference in a new issue View git blame Copy permalink