Bug 1247587

Summary: Resource leak in ar.c:extract_file
Product: Red Hat Enterprise Linux 7 Reporter: Miloš Prchlík <mprchlik>
Component: binutilsAssignee: Nick Clifton <nickc>
Status: CLOSED WONTFIX QA Contact: qe-baseos-tools-bugs
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.2CC: ohudlick
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-08-05 09:22:24 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Miloš Prchlík 2015-07-28 11:45:19 UTC 
Description of problem:

Discovered by covscan: http://cov01.lab.eng.brq.redhat.com/covscanhub/waiving/10167/33969/#defects

1009   FILE *ostream;
1010   char *cbuf = (char *) xmalloc (BUFSIZE);
1011   bfd_size_type nread, tocopy;
1012   bfd_size_type ncopied = 0;
1013   bfd_size_type size;
1014   struct stat buf;
1015 
1016   /* PR binutils/17533: Do not allow directory traversal
1017      outside of the current directory tree.  */
1018   if (! is_valid_archive_path (bfd_get_filename (abfd)))
1019     {
1020       non_fatal (_("illegal pathname found in archive member: %s"),
1021                  bfd_get_filename (abfd));
1022       return;
1023     }

In case of !is_valid_archive_path() cbuf stays allocated, leading to a resource leak. Probably not a serious one, though...


Version-Release number of selected component (if applicable):

binutils-2.23.52.0.1-50.el7


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 1 Nick Clifton 2015-08-04 13:56:08 UTC 
Hi Milos,

  The leak is now fixed in the mainline FSF development sources:

https://www.sourceware.org/ml/binutils/2015-08/msg00026.html

  Since the problem is so minor though, I see no reason to import the patch into 7.2 or DTS 4.0.  The fix will eventually makes its way into the DTS 5 sources, which should be soon enough.  Do you agree ?

Cheers
  Nick
Comment 2 Miloš Prchlík 2015-08-05 06:04:30 UTC 
Sounds reasonable.