On 10/04/16 at 07:07am, Madhavan Srinivasan wrote:
> In dt_copy_old_root_param(), FILE * returned
> from fopen is not checked for NULL pointer
> before passinig to fclose(). This could trigger
> a segfault. Patch to fix the same.
>
> Signed-off-by: Madhavan Srinivasan <maddy at linux.vnet.ibm.com>
> ---
> Changelog v2
> -Removed redundant check fp
>
> Changelog v1:
> - Moved the check right after fopen
>
> kexec/fs2dt.c | 26 ++++++++++++++------------
> 1 file changed, 14 insertions(+), 12 deletions(-)
>
> diff --git a/kexec/fs2dt.c b/kexec/fs2dt.c
> index 6ed2399759cf..79aa0f320a5a 100644
> --- a/kexec/fs2dt.c
> +++ b/kexec/fs2dt.c
> @@ -524,19 +524,21 @@ static void dt_copy_old_root_param(void)
> strcpy(filename, pathname);
> strcat(filename, "bootargs");
> fp = fopen(filename, "r");
> - if (fp) {
> - if (getline(&last_cmdline, &len, fp) == -1)
> - die("unable to read %s\n", filename);
> -
> - p = strstr(last_cmdline, "root=");
> - if (p) {
> - old_param = strtok(p, " ");
> - len = strlen(local_cmdline);
> - if (len != 0)
> - strcat(local_cmdline, " ");
> - strcat(local_cmdline, old_param);
> - }
> + if (!fp)
> + return;
> +
> + if (getline(&last_cmdline, &len, fp) == -1)
> + die("unable to read %s\n", filename);
> +
> + p = strstr(last_cmdline, "root=");
> + if (p) {
> + old_param = strtok(p, " ");
> + len = strlen(local_cmdline);
> + if (len != 0)
> + strcat(local_cmdline, " ");
> + strcat(local_cmdline, old_param);
> }
> +
> if (last_cmdline)
> free(last_cmdline);
>
> --
> 2.7.4
>
>
> _______________________________________________
> kexec mailing list
> kexec at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/kexec
Reviewed-by: Dave Young <dyoung at redhat.com>
Thanks
Dave
