Page MenuHomeFreeBSD

Fix acpidb CIDs 1011279 (Buffer not null terminated) and 978405 and 1199380 (Resource leak)

Authored by truckman on May 14 2016, 6:27 AM.



load_dsdt() calls strncpy() to copy a filename and Coverity
warns that the destination buffer may not be NUL terminated.
Fix this by using strlcpy() instead. If silent truncation
occurs, then the filename was not valid anyway.

load_dsdt() leaks an fd (CID 978405) and a memory region
allocated using mmap() (CID 1199380) when it returns. Fix
these by calling close() and munmap() as appropriate.

Don't bother fixing the minor memory leak "list", allocated
by AcGetAllTablesFromFile() (CID 1355191).

Check for truncation when creating the temp file name.

Set a flag to indicate that the temp file should be unlinked.
Relying on a strcmp() test could delete the input file in
contrived cases.

Test Plan

Compile and run

Diff Detail

rS FreeBSD src repository
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

truckman retitled this revision from to Fix acpidb CIDs 1011279 (Buffer not null terminated) and 978405 and 1199380 (Resource leak).May 14 2016, 6:27 AM
truckman updated this object.
truckman edited the test plan for this revision. (Show Details)
truckman added a reviewer: jkim.
truckman updated this revision to Diff 16328.
jkim edited edge metadata.May 24 2016, 8:34 PM
jkim accepted this revision.
This revision is now accepted and ready to land.May 24 2016, 8:34 PM
This revision was automatically updated to reflect the committed changes.