This patch tries to fix CID 997009 reported by Coverity scan, as
suggested by sekharan
If getgroups() fails, gids might be malloced, and overwritten with &gid.
So the free() at the end of the function is trying to free a variable on
the stack, while the pointer to the allocated memory is lost.
Signed-off-by: Li Zhong <zhong@xxxxxxxxxxxxxxxxxx>
---
quota/quota.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/quota/quota.c b/quota/quota.c
index 7e52ad2..ae9b156 100644
--- a/quota/quota.c
+++ b/quota/quota.c
@@ -292,7 +292,8 @@ quota_group_type(
} else if ( ((ngroups = sysconf(_SC_NGROUPS_MAX)) < 0) ||
((gids = malloc(ngroups * sizeof(gid_t))) == NULL) ||
((ngroups = getgroups(ngroups, gids)) < 0)) {
- dofree = (gids != NULL);
+ if (gids)
+ free(gids);
gid = getgid();
gids = &gid;
ngroups = 1;
--
1.8.1.4
_______________________________________________
xfs mailing list
xfs@xxxxxxxxxxx
http://oss.sgi.com/mailman/listinfo/xfs
