From 68ae639148ca503681c1a69e977d0c952a4d2a40 Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Sat, 14 Aug 2021 18:09:43 +0100 Subject: libubi: fix several issues discovered by Coverity Coverity CID: 1329896 Out-of-bounds access Coverity CID: 1330127 Resource leak Coverity CID: 1330173 Resource leak Coverity CID: 1330472 Wrong size argument Signed-off-by: Daniel Golle --- libubi/libubi.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/libubi/libubi.c b/libubi/libubi.c index 3328ac8..b6ea1df 100644 --- a/libubi/libubi.c +++ b/libubi/libubi.c @@ -178,8 +178,8 @@ static int read_data(const char *file, void *buf, int buf_len) ((char *)buf)[rd] = '\0'; /* Make sure all data is read */ - tmp1 = read(fd, &tmp, 1); - if (tmp1 == 1) { + tmp1 = read(fd, &tmp, 4); + if (tmp1 < 0) { sys_errmsg("cannot read \"%s\"", file); goto out_error; } @@ -422,11 +422,12 @@ static int vol_node2nums(struct libubi *lib, const char *node, int *dev_num, /* Make sure this UBI volume exists */ sprintf(file, lib->ubi_vol, i, minor - 1); fd = open(file, O_RDONLY); - if (fd == -1) { + if (fd < 0) { errno = ENODEV; return -1; } + close(fd); *dev_num = i; *vol_id = minor - 1; errno = 0; @@ -927,9 +928,10 @@ int ubi_probe_node(libubi_t desc, const char *node) /* This is supposdely an UBI volume device node */ sprintf(file, lib->ubi_vol, i, minor - 1); fd = open(file, O_RDONLY); - if (fd == -1) + if (fd < 0) goto out_not_ubi; + close(fd); return 2; out_not_ubi: @@ -1320,7 +1322,7 @@ int ubi_get_vol_info1(libubi_t desc, int dev_num, int vol_id, info->rsvd_bytes = (long long)info->leb_size * info->rsvd_lebs; ret = vol_read_data(lib->vol_name, dev_num, vol_id, &info->name, - UBI_VOL_NAME_MAX + 2); + UBI_VOL_NAME_MAX + 1); if (ret < 0) return -1; -- cgit v1.2.1