diff options
| author | Jarkko Hietaniemi <jhi@iki.fi> | 2014-05-29 12:36:28 -0400 |
|---|---|---|
| committer | Jarkko Hietaniemi <jhi@iki.fi> | 2014-05-29 12:37:38 -0400 |
| commit | 375ed12a42c6092b1af1d8e395bf3dadd9a66e48 (patch) | |
| tree | 2719822ab13ccf099d01e8818f6e6e36a9e67cb5 /mg.c | |
| parent | 316ebaf2966c5b6fd47a9d1dc6fb64fcbd262379 (diff) | |
| download | perl-375ed12a42c6092b1af1d8e395bf3dadd9a66e48.tar.gz | |
fcntl receiving -1 from fileno, fcntl failing.
(Also very few spots of negative numgroups for getgroups(),
and fgetc() return, but almost all checking is for fcntl.)
(merged fix for perl #121743 and perl #121745: hopefully
picked up all the fixes-to-fixes from the ticket...)
Fix for Coverity perl5 CIDs 28990..29003,29005..29011,29013,
45354,45363,49926:
Argument cannot be negative (NEGATIVE_RETURNS) fd is
passed to a parameter that cannot be negative.
and CIDs 29004, 29012:
Argument cannot be negative (NEGATIVE_RETURNS)
num_groups is passed to a parameter that cannot be negative
and because of CIDs 29005 and 29006 also CID 28924.
In the first set of issues a fd is retrieved from PerlIO_fileno, and
that is then used in places like fstat(), fchown(), dup(), etc.,
without checking whether the fd is valid (>=0).
In the second set of issues a potentially negative
number is potentially passed to getgroups().
The CIDs 29005 and 29006 were a bit messy: fixing them needed also
resolving CID 28924 where the return value of fstat() was ignored,
and for completeness adding two croak calls (with perldiag updates):
a bit of a waste since it's suidperl code.
Diffstat (limited to 'mg.c')
| -rw-r--r-- | mg.c | 15 |
1 files changed, 9 insertions, 6 deletions
@@ -1120,12 +1120,15 @@ Perl_magic_get(pTHX_ SV *sv, MAGIC *mg) #ifdef HAS_GETGROUPS { Groups_t *gary = NULL; - I32 i, num_groups = getgroups(0, gary); - Newx(gary, num_groups, Groups_t); - num_groups = getgroups(num_groups, gary); - for (i = 0; i < num_groups; i++) - Perl_sv_catpvf(aTHX_ sv, " %"IVdf, (IV)gary[i]); - Safefree(gary); + I32 i; + I32 num_groups = getgroups(0, gary); + if (num_groups > 0) { + Newx(gary, num_groups, Groups_t); + num_groups = getgroups(num_groups, gary); + for (i = 0; i < num_groups; i++) + Perl_sv_catpvf(aTHX_ sv, " %"IVdf, (IV)gary[i]); + Safefree(gary); + } } (void)SvIOK_on(sv); /* what a wonderful hack! */ #endif |