diff options
| author |   Mike Frysinger <vapier@gentoo.org> | 2008-11-16 16:50:05 +0000 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2008-11-16 16:50:05 +0000 |
| commit | 743ea3da313d82b7fe40d7ea340c137a63aa2689 (patch) | |
| tree | e9720655f34362aab84bdba6f6cbc23d3578e220 | |
| parent | .gitignore: ignore .gdb_history files (diff) | |
| download | sandbox-743ea3da313d82b7fe40d7ea340c137a63aa2689.tar.gz sandbox-743ea3da313d82b7fe40d7ea340c137a63aa2689.tar.bz2 sandbox-743ea3da313d82b7fe40d7ea340c137a63aa2689.zip | |
libsandbox: resolve_path(): save/restore errno in all cases and dont leak memory
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
| -rw-r--r-- | libsandbox/libsandbox.c | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c index 4c3ba0f..c695ba2 100644 --- a/libsandbox/libsandbox.c +++ b/libsandbox/libsandbox.c @@ -187,27 +187,30 @@ int canonicalize(const char *path, char *resolved_path) static char *resolve_path(const char *path, int follow_link) { - int old_errno = errno; - char tmp_str1[SB_PATH_MAX], tmp_str2[SB_PATH_MAX]; char *dname, *bname; char *filtered_path; if (NULL == path) return NULL; + save_errno(); + filtered_path = xmalloc(SB_PATH_MAX * sizeof(char)); if (NULL == filtered_path) return NULL; if (0 == follow_link) { - if (-1 == canonicalize(path, filtered_path)) - return NULL; + if (-1 == canonicalize(path, filtered_path)) { + free(filtered_path); + filtered_path = NULL; + } } else { /* Basically we get the realpath which should resolve symlinks, * etc. If that fails (might not exist), we try to get the * realpath of the parent directory, as that should hopefully * exist. If all else fails, just go with canonicalize */ if (NULL == realpath(path, filtered_path)) { + char tmp_str1[SB_PATH_MAX]; snprintf(tmp_str1, SB_PATH_MAX, "%s", path); dname = dirname(tmp_str1); @@ -216,9 +219,12 @@ static char *resolve_path(const char *path, int follow_link) * parent directory */ if (NULL == realpath(dname, filtered_path)) { /* Fall back to canonicalize */ - if (-1 == canonicalize(path, filtered_path)) - return NULL; + if (-1 == canonicalize(path, filtered_path)) { + free(filtered_path); + filtered_path = NULL; + } } else { + char tmp_str2[SB_PATH_MAX]; /* OK, now add the basename to keep our access * checking happy (don't want '/usr/lib' if we * tried to do something with non-existing @@ -234,7 +240,7 @@ static char *resolve_path(const char *path, int follow_link) } } - errno = old_errno; + restore_errno(); return filtered_path; } |