[Rpm-maint] [rpm-software-management/rpm] Fix use-after-free introduced in 0f21bdd0d7b2c45564ddb5a24bbebd530867… (#705)

Panu Matilainen notifications at github.com
Tue May 14 10:59:49 UTC 2019


…bd54

Unlike typical fooFree() functions in rpm, Fclose() doesn't set the
pointer to NULL so there's a use-after-free in checking for Ferror()
that segfaults and stuff. Delay Fclose() until the end so we actually
catch io errors too, that was another thing that went missing in
commit 0f21bdd0d7b2c45564ddb5a24bbebd530867bd54 (although it would've
probably caused an error via null digest instead)
You can view, comment on, or merge this pull request online at:

  https://github.com/rpm-software-management/rpm/pull/705

-- Commit Summary --

  * Fix use-after-free introduced in 0f21bdd0d7b2c45564ddb5a24bbebd530867bd54

-- File Changes --

    M rpmio/rpmfileutil.c (2)

-- Patch Links --

https://github.com/rpm-software-management/rpm/pull/705.patch
https://github.com/rpm-software-management/rpm/pull/705.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/705
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20190514/0d86a0be/attachment.html>


More information about the Rpm-maint mailing list