[Rpm-maint] [PATCH 2/3] rpmio: Don't de-ref lzfile which was freed in lzclose()
Panu Matilainen
pmatilai at laiskiainen.org
Tue Oct 11 10:22:19 UTC 2011
On 09/29/2011 10:09 AM, Mukund Sivaraman wrote:
> ---
> rpmio/rpmio.c | 4 +++-
> 1 files changed, 3 insertions(+), 1 deletions(-)
>
> diff --git a/rpmio/rpmio.c b/rpmio/rpmio.c
> index 683d221..2434687 100644
> --- a/rpmio/rpmio.c
> +++ b/rpmio/rpmio.c
> @@ -1176,7 +1176,9 @@ static int lzdClose(FD_t fd)
>
> if (fd) {
> if (rc == -1) {
> - fd->errcookie = strerror(ferror(lzfile->file));
> + fd->errcookie = "lzclose error";
> + fd->syserrno = errno;
> + fd->errcookie = strerror(fd->syserrno);
> }
> }
Applied (also the gitignore ones), thanks for the patches.
Looking around the thing, the whole lzclose() business looks suspicious:
it will return without closing the file or freeing the memory if
lzma_code() or fwrite() fails. While in theory it might be possible to
redeemed fwrite() failure by eg freeing up disk space, but in practise
nothing is going to try Fclose() in a loop. So in case of failures,
it'll just end up leaking memory and file descriptors as it is now...
- Panu -
More information about the Rpm-maint
mailing list