diff options
author | Jarkko Hietaniemi <jhi@iki.fi> | 2014-05-29 12:36:28 -0400 |
---|---|---|
committer | Jarkko Hietaniemi <jhi@iki.fi> | 2014-05-29 12:37:38 -0400 |
commit | 375ed12a42c6092b1af1d8e395bf3dadd9a66e48 (patch) | |
tree | 2719822ab13ccf099d01e8818f6e6e36a9e67cb5 /ext/PerlIO-mmap/mmap.xs | |
parent | 316ebaf2966c5b6fd47a9d1dc6fb64fcbd262379 (diff) | |
download | perl-375ed12a42c6092b1af1d8e395bf3dadd9a66e48.tar.gz |
fcntl receiving -1 from fileno, fcntl failing.
(Also very few spots of negative numgroups for getgroups(),
and fgetc() return, but almost all checking is for fcntl.)
(merged fix for perl #121743 and perl #121745: hopefully
picked up all the fixes-to-fixes from the ticket...)
Fix for Coverity perl5 CIDs 28990..29003,29005..29011,29013,
45354,45363,49926:
Argument cannot be negative (NEGATIVE_RETURNS) fd is
passed to a parameter that cannot be negative.
and CIDs 29004, 29012:
Argument cannot be negative (NEGATIVE_RETURNS)
num_groups is passed to a parameter that cannot be negative
and because of CIDs 29005 and 29006 also CID 28924.
In the first set of issues a fd is retrieved from PerlIO_fileno, and
that is then used in places like fstat(), fchown(), dup(), etc.,
without checking whether the fd is valid (>=0).
In the second set of issues a potentially negative
number is potentially passed to getgroups().
The CIDs 29005 and 29006 were a bit messy: fixing them needed also
resolving CID 28924 where the return value of fstat() was ignored,
and for completeness adding two croak calls (with perldiag updates):
a bit of a waste since it's suidperl code.
Diffstat (limited to 'ext/PerlIO-mmap/mmap.xs')
-rw-r--r-- | ext/PerlIO-mmap/mmap.xs | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/ext/PerlIO-mmap/mmap.xs b/ext/PerlIO-mmap/mmap.xs index 4c96da84f7..6632544c76 100644 --- a/ext/PerlIO-mmap/mmap.xs +++ b/ext/PerlIO-mmap/mmap.xs @@ -40,8 +40,12 @@ PerlIOMmap_map(pTHX_ PerlIO *f) abort(); if (flags & PERLIO_F_CANREAD) { PerlIOBuf * const b = PerlIOSelf(f, PerlIOBuf); - const int fd = PerlIO_fileno(f); Stat_t st; + const int fd = PerlIO_fileno(f); + if (fd < 0) { + SETERRNO(EBADF,RMS_IFI); + return -1; + } code = Fstat(fd, &st); if (code == 0 && S_ISREG(st.st_mode)) { SSize_t len = st.st_size - b->posn; |