diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2014-05-20 15:20:02 +0400 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2014-05-20 15:20:02 +0400 |
| commit | 9c9f0ee802b1132cebd12679cb9398ae9d96dcc3 (patch) | |
| tree | a2757606461f3a7ff061d9d4bd83cac0ea0c0480 /winsup | |
| parent | 3ccae7b681dfa1d1fc9cdeae8cbe74e82664563f (diff) | |
* fhandler_process.cc (get_mem_values): Rearrange code slightly to
avoid resource leakage (CID 59973).
(format_process_stat): Drop temporary variable wcmd and avoid
string copy without length check (CID 60050).
(format_process_status): Ditto (CID 60051).
Diffstat (limited to 'winsup')
| -rw-r--r-- | winsup/cygwin/ChangeLog | 8 | ||||
| -rw-r--r-- | winsup/cygwin/fhandler_process.cc | 20 |
2 files changed, 17 insertions, 11 deletions
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index b128aabfb..202a6cfb0 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,5 +1,13 @@ 2014-05-20 Corinna Vinschen <corinna@vinschen.de> + * fhandler_process.cc (get_mem_values): Rearrange code slightly to + avoid resource leakage (CID 59973). + (format_process_stat): Drop temporary variable wcmd and avoid + string copy without length check (CID 60050). + (format_process_status): Ditto (CID 60051). + +2014-05-20 Corinna Vinschen <corinna@vinschen.de> + * fhandler_proc.cc (format_proc_swaps): Use tmp_pathbuf for filename, rather than allocating and forgetting to free (CID 59982). diff --git a/winsup/cygwin/fhandler_process.cc b/winsup/cygwin/fhandler_process.cc index fa628a65e..a6e326cd3 100644 --- a/winsup/cygwin/fhandler_process.cc +++ b/winsup/cygwin/fhandler_process.cc @@ -946,7 +946,6 @@ format_process_stat (void *data, char *&destbuf) { _pinfo *p = (_pinfo *) data; char cmd[NAME_MAX + 1]; - WCHAR wcmd[NAME_MAX + 1]; int state = 'R'; unsigned long fault_count = 0UL, utime = 0UL, stime = 0UL, @@ -958,8 +957,8 @@ format_process_stat (void *data, char *&destbuf) else { PWCHAR last_slash = wcsrchr (p->progname, L'\\'); - wcscpy (wcmd, last_slash ? last_slash + 1 : p->progname); - sys_wcstombs (cmd, NAME_MAX + 1, wcmd); + sys_wcstombs (cmd, NAME_MAX + 1, + last_slash ? last_slash + 1 : p->progname); int len = strlen (cmd); if (len > 4) { @@ -1070,14 +1069,13 @@ format_process_status (void *data, char *&destbuf) { _pinfo *p = (_pinfo *) data; char cmd[NAME_MAX + 1]; - WCHAR wcmd[NAME_MAX + 1]; int state = 'R'; const char *state_str = "unknown"; - unsigned long vmsize = 0UL, vmrss = 0UL, vmdata = 0UL, vmlib = 0UL, vmtext = 0UL, - vmshare = 0UL; + unsigned long vmsize = 0UL, vmrss = 0UL, vmdata = 0UL, vmlib = 0UL, + vmtext = 0UL, vmshare = 0UL; + PWCHAR last_slash = wcsrchr (p->progname, L'\\'); - wcscpy (wcmd, last_slash ? last_slash + 1 : p->progname); - sys_wcstombs (cmd, NAME_MAX + 1, wcmd); + sys_wcstombs (cmd, NAME_MAX + 1, last_slash ? last_slash + 1 : p->progname); int len = strlen (cmd); if (len > 4) { @@ -1345,9 +1343,6 @@ get_mem_values (DWORD dwProcessId, unsigned long *vmsize, unsigned long *vmrss, PMEMORY_WORKING_SET_LIST p; SIZE_T n = 0x4000, length; - p = (PMEMORY_WORKING_SET_LIST) malloc (n); - if (!p) - return false; hProcess = OpenProcess (PROCESS_QUERY_INFORMATION, FALSE, dwProcessId); if (hProcess == NULL) { @@ -1355,6 +1350,9 @@ get_mem_values (DWORD dwProcessId, unsigned long *vmsize, unsigned long *vmrss, debug_printf ("OpenProcess, %E"); return false; } + p = (PMEMORY_WORKING_SET_LIST) malloc (n); + if (!p) + goto out; while (true) { status = NtQueryVirtualMemory (hProcess, 0, MemoryWorkingSetList, |