From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from gnu.wildebeest.org (wildebeest.demon.nl [212.238.236.112]) by sourceware.org (Postfix) with ESMTPS id C23E83840C21 for ; Wed, 24 Jun 2020 15:04:21 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org C23E83840C21 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=klomp.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=mark@klomp.org Received: from tarox.wildebeest.org (tarox.wildebeest.org [172.31.17.39]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by gnu.wildebeest.org (Postfix) with ESMTPSA id 6268730291AB; Wed, 24 Jun 2020 17:04:20 +0200 (CEST) Received: by tarox.wildebeest.org (Postfix, from userid 1000) id 047E44024123; Wed, 24 Jun 2020 17:04:19 +0200 (CEST) Message-ID: <56d15e62857a82b8afe627b9f26e4626901183d2.camel@klomp.org> Subject: Re: [PATCH 07/10] debuginfod: Handle not being able to fopen interval_path. From: Mark Wielaard To: elfutils-devel@sourceware.org Date: Wed, 24 Jun 2020 17:04:19 +0200 In-Reply-To: <20200616222539.29109-7-mark@klomp.org> References: <20200616222539.29109-1-mark@klomp.org> <20200616222539.29109-7-mark@klomp.org> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Mailer: Evolution 3.28.5 (3.28.5-8.el7) Mime-Version: 1.0 X-Spam-Status: No, score=-7.0 required=5.0 tests=BAYES_00, JMQ_SPF_NEUTRAL, KAM_DMARC_STATUS, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=no autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: elfutils-devel@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Elfutils-devel mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Jun 2020 15:04:26 -0000 Hi, On Wed, 2020-06-17 at 00:25 +0200, Mark Wielaard wrote: > Although we check for and/or create the interval_path right before, > there is still a possibility that the fopen call fails. Handle that > as if the file is unreadable. On Wed, 2020-06-17 at 00:25 +0200, Mark Wielaard wrote: > We need to make sure that we can always place a zero terminator at > the end of suffix when we are copying the filename. So add one more > char to the suffix array. And make sure that we can always add an > extra escape character when we need to escape the current character. On Wed, 2020-06-17 at 00:25 +0200, Mark Wielaard wrote: > When is debuginfod_query_server is given an hexadecimal string as > build-id build_id_len will be zero. We were checking the size of > the build_id_bytes destination string instead of the string length > of build_id input string. Make sure the input string is not too > big or strcpy might overwrite then end of the build_id_bytes array. On Wed, 2020-06-17 at 00:25 +0200, Mark Wielaard wrote: > When allocating handle_data we should check for out of memory failures. > Also when the allocation has succeeded make sure we always clean up by > going to out1 on any future errors. So move the curl_multi_init call > earlier, because that goes to out0 on failure. Aaron was nice enough to review these debuginfod related fixes (off- list). Pushed all 4 to master now. Cheers, Mark