diff options
| author | John Beck <john.beck@oracle.com> | 2013-02-18 23:25:01 +0100 |
|---|---|---|
| committer | Matthias Andree <matthias.andree@gmx.de> | 2013-02-18 23:27:08 +0100 |
| commit | e4dd196b137223195739b9e0f50ec2a8a02b3534 (patch) | |
| tree | 3aa4c7e33b5d4a23bbb3b938b56270c6130fbd26 /NEWS | |
| parent | 52c5a71f5ecb67b7ebf6ee0e5862bab2534222eb (diff) | |
| download | fetchmail-e4dd196b137223195739b9e0f50ec2a8a02b3534.tar.gz fetchmail-e4dd196b137223195739b9e0f50ec2a8a02b3534.tar.bz2 fetchmail-e4dd196b137223195739b9e0f50ec2a8a02b3534.zip | |
Minor bug fixes for socket.c
While running a static code analysis tool (Parfait) on fetchmail, it found some
bugs:
Error: Memory leak (CWE 401)
Memory leak of pointer 'plugin_copy' allocated with malloc((plugin_copy_len + 1))
at line 137 of components/fetchmail/fetchmail-6.3.22/socket.c in function 'parse_plugin'.
'plugin_copy' allocated at line 107 with malloc((plugin_copy_len + 1)).
plugin_copy leaks when plugin_copy_offset >= plugin_copy_len at line 114.
Error: Null pointer dereference (CWE 476)
Read from null pointer 'argvec'
at line 189 of components/fetchmail/fetchmail-6.3.22/socket.c in function 'handle_plugin'.
Function 'parse_plugin' may return constant 'NULL' at line 137, called at line 188.
Null pointer introduced at line 137 in function 'parse_plugin'.
at line 190 of components/fetchmail/fetchmail-6.3.22/socket.c in function 'handle_plugin'.
Function 'parse_plugin' may return constant 'NULL' at line 137, called at line 188.
Null pointer introduced at line 137 in function 'parse_plugin'.
(I realize these are on 6.3.22; I checked and verified that this portion of
the code is the same in 6.3.24.)
The attached patch fixes each of these.
(Note by Matthias Andree:
The NULL pointer dereference fix does not require error reporting,
because parse_plugin() will already have reported the out-of-memory
error that causes the NULL to be returned.)
Diffstat (limited to 'NEWS')
0 files changed, 0 insertions, 0 deletions