From 8431e478d2f74ebf0bcfd2bc4c71e3c391fc7753 Mon Sep 17 00:00:00 2001 From: Corinna Vinschen Date: Mon, 23 Jun 2014 19:05:15 +0000 Subject: * spawn.cc (find_exec): Initialize err (CID 60111). * strace.cc (strace::activate): Fix potential buffer overrun (CID 59938) * syscalls.cc (popen): Close parent pipe descriptor via fclosing fp on error to avoid resource leak (CID 59981). * thread.cc (pthread::exit): Avoid accessing cygtls member after deleting "this" (CID 60217). --- winsup/cygwin/ChangeLog | 9 +++++++++ winsup/cygwin/spawn.cc | 2 +- winsup/cygwin/strace.cc | 3 ++- winsup/cygwin/syscalls.cc | 13 +++++++++++-- winsup/cygwin/thread.cc | 3 ++- 5 files changed, 25 insertions(+), 5 deletions(-) (limited to 'winsup/cygwin') diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index aedd345be..c55b34bcc 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,12 @@ +2014-06-23 Corinna Vinschen + + * spawn.cc (find_exec): Initialize err (CID 60111). + * strace.cc (strace::activate): Fix potential buffer overrun (CID 59938) + * syscalls.cc (popen): Close parent pipe descriptor via fclosing fp on + error to avoid resource leak (CID 59981). + * thread.cc (pthread::exit): Avoid accessing cygtls member after + deleting "this" (CID 60217). + 2014-06-23 Corinna Vinschen * select.cc (start_thread_socket): Delete si on early return in case of diff --git a/winsup/cygwin/spawn.cc b/winsup/cygwin/spawn.cc index 0482a68c8..d1b1fbad6 100644 --- a/winsup/cygwin/spawn.cc +++ b/winsup/cygwin/spawn.cc @@ -94,7 +94,7 @@ find_exec (const char *name, path_conv& buf, const char *mywinenv, char *tmp = tp.c_get (); const char *posix = (opt & FE_NATIVE) ? NULL : name; bool has_slash = !!strpbrk (name, "/\\"); - int err; + int err = 0; /* Check to see if file can be opened as is first. Win32 systems always check . first, but PATH may not be set up to diff --git a/winsup/cygwin/strace.cc b/winsup/cygwin/strace.cc index 3d54c10e9..9d1c3c27f 100644 --- a/winsup/cygwin/strace.cc +++ b/winsup/cygwin/strace.cc @@ -50,7 +50,8 @@ strace::activate (bool isfork) } else { - GetModuleFileNameW (NULL, progname_buf, sizeof (myself->progname)); + GetModuleFileNameW (NULL, progname_buf, + sizeof progname_buf / sizeof (WCHAR)); __small_sprintf (pidbuf, "(windows pid %u)", GetCurrentProcessId ()); progname = progname_buf; } diff --git a/winsup/cygwin/syscalls.cc b/winsup/cygwin/syscalls.cc index de8cf119c..9edacd520 100644 --- a/winsup/cygwin/syscalls.cc +++ b/winsup/cygwin/syscalls.cc @@ -4355,8 +4355,17 @@ popen (const char *command, const char *in_type) /* If we reach here we've seen an error but the pipe handles are open. Close them and return NULL. */ int save_errno = get_errno (); - close (fds[0]); - close (fds[1]); + if (fp) + { + /* Must fclose fp to avoid memory leak. */ + fclose (fp); + close (fds[myix ^ 1]); + } + else + { + close (fds[0]); + close (fds[1]); + } set_errno (save_errno); #undef rw diff --git a/winsup/cygwin/thread.cc b/winsup/cygwin/thread.cc index 8cec7fba2..e411301cb 100644 --- a/winsup/cygwin/thread.cc +++ b/winsup/cygwin/thread.cc @@ -511,6 +511,7 @@ void pthread::exit (void *value_ptr) { class pthread *thread = this; + bool is_main_tls = (cygtls == _main_tls); // Check cygtls before deleting this // run cleanup handlers pop_all_cleanup_handlers (); @@ -536,7 +537,7 @@ pthread::exit (void *value_ptr) ::exit (0); else { - if (cygtls == _main_tls) + if (is_main_tls) { _cygtls *dummy = (_cygtls *) malloc (sizeof (_cygtls)); *dummy = *_main_tls; -- cgit v1.2.3