Re: [PATCH libdrm] xf86drm: fix valgrind warning in drmParsePciBusInfo

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 13 January 2017 at 11:34, Jan Vesely <jan.vesely@xxxxxxxxxxx> wrote:
> On Thu, 2017-01-12 at 18:16 -0800, Nicholas Miell wrote:
>> From 714d07f600db39498c87d7816f4dd3a7e6d9bbca Mon Sep 17 00:00:00 2001
>> From: Nicholas Miell <nmiell@xxxxxxxxx>
>> Date: Thu, 12 Jan 2017 15:43:07 -0800
>> Subject: [PATCH libdrm] xf86drm: fix valgrind warning in drmParsePciBusInfo
>>
>> The current implementation reads (up to) 513 bytes, overwrites the 513th
>> byte with '\0' and then passes the buffer off to strstr() and sscanf()
>> without ever initializing the middle bytes. This causes valgrind
>> warnings and potentially fails to parse PCI_SLOT_NAME if the uevent is
>> unexpectedly large.
>
> a simpler fix should also get rid of the valgrind warning:
>
> -      ret = read(fd, data, sizeof(data));
> -      data[sizeof(data)-1] = '\0';
> +      ret = read(fd, data, sizeof(data) - 1);
>        close(fd);
>        if (ret < 0)
>            return -errno
> +      data[ret] = '\0';
>
We had this (better imho) patch a week or so ago. In either case the
issue is virtually since (iirc) if the string is malformed we'll bail
out either way.

>
> I think that dynamic memory allocation is still a more robust approach.
>
Yes that might be the better solution, or one could even use
getline(). The latter might be pushing it's only POSIX 2008.

Thanks
Emil
_______________________________________________
dri-devel mailing list
dri-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/dri-devel




[Index of Archives]     [Linux DRI Users]     [Linux Intel Graphics]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [XFree86]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [XFree86]
  Powered by Linux