author | Mike Frysinger <vapier@gentoo.org> | 2015-09-20 02:57:54 -0400 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2015-09-20 02:57:54 -0400 |
commit | 167ded327a715f6378942f668f326ebc26f15d1a (patch) | |
tree | 2c8004050879338c17040d1f2ba8290f80bd992c | |
parent | libsbutil: undef memory redirect calls (diff) | |
libsandbox: egetcwd: fix handling of NULL inputs
We don't want to let the C library do the memory allocation for us when
buf==NULL as it won't use our memory functions, so when we try to call
our free on it, we get corruption. Handle the automatic allocation in
the code directly.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
-rw-r--r-- | libsandbox/libsandbox.c | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index 4f4589f..3bd3794 100644
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -306,7 +306,16 @@ static char *resolve_path(const char *path, int follow_link)
 char *egetcwd(char *buf, size_t size)
 {
 struct stat st;
- char *tmpbuf, *oldbuf = buf;
+ char *tmpbuf;
+
+ /* We can't let the C lib allocate memory for us since we have our
+ * own local routines to handle things.
+ */
+ bool allocated = (buf == NULL);
+ if (allocated) {
+ size = SB_PATH_MAX;
+ buf = xmalloc(size);
+ }
 /* If tracing a child, our cwd may not be the same as the child's */
 if (trace_pid) {
@@ -354,9 +363,9 @@ char *egetcwd(char *buf, size_t size)
 errno = ENAMETOOLONG;
 if (errno && errno != EACCES) {
- /* If getcwd() allocated the buffer, free it. */
- if (NULL == oldbuf)
- free(tmpbuf);
+ /* If getcwd() allocated the buffer, free it. */
+ if (allocated)
+ free(buf);
 /* Not sure if we should quit here, but I guess if
 * lstat() fails, getcwd could have messed up. Not
@@ -368,6 +377,9 @@ char *egetcwd(char *buf, size_t size)
 restore_errno();
 } else if (errno != 0) {
+ /* If getcwd() allocated the buffer, free it. */
+ if (allocated)
+ free(buf);
 /* Make sure we do not return garbage if the current libc or
 * kernel's getcwd() is buggy. |
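Review bot: In the first hunk, `size = SB_PATH_MAX;` discards the caller's size whenever `buf` is NULL, so the allocation is always SB_PATH_MAX bytes instead of being sized by the caller or, as glibc's getcwd(NULL, 0) does, by the path itself. A working directory longer than that would presumably now fail where the libc-allocated call succeeded, and in a sandbox the result of the cwd lookup feeds path checks, so the limit should be a stated decision. If a non-zero caller size is still meant to be honoured, `if (size == 0) size = SB_PATH_MAX;` inside the `if (allocated)` block keeps that. Either way a comment such as `/* NULL buf: we xmalloc() the buffer ourselves; the caller owns the result and must release it with our free() */` would record the ownership contract. The rest of egetcwd's body lies outside this hunk.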
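Review bot: In the second hunk `free(buf)` runs immediately after the `errno && errno != EACCES` test and before the error is reported, and in the third hunk it runs ahead of the failure return, so the allocator may overwrite the errno value that the following code and the caller depend on; whether the project's free() preserves errno is not visible here. Saving errno before the free and restoring it afterwards, in the way the `restore_errno()` call in the third hunk's context suggests the function already does elsewhere, would remove the doubt. The copied comment `/* If getcwd() allocated the buffer, free it. */` is stale in both hunks because the buffer now comes from xmalloc(); `/* We allocated buf ourselves above, so release it. */` describes the new code. After the free, `buf` and possibly `tmpbuf` still hold the released address, and the statements that follow are outside these hunks, so it is worth confirming that neither pointer is returned or dereferenced on these paths.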