Hi,
Please review proposed fixes of issues found by static analysis
of texinfo-7.1 in the attached patch and consider applying them.
During the investigation I stumbled on this chunk of code
in install-info.c (starting at line 831):
if (fclose (f) < 0)
return 0;
f2 = freopen (*opened_filename, FOPEN_RBIN, stdin);
---> if (!f)
return 0;
f = popen (command, "r");
fclose (f2);
if (!f)
{
/* Used for error message in calling code. */
*opened_filename = command;
return 0;
}
The marked line seems suspicious - I guess there's a typo and 'f2'
should be tested instead of 'f' in the condition.
But this is _not_ changed in proposed patch, just a heads-up here.
Best regards
Vita
From e807d95e3422b1b45b6ec9d3b6b0f559c136fa5f Mon Sep 17 00:00:00 2001
From: Vitezslav Crhonek <[email protected]>
Date: Tue, 15 Oct 2024 10:51:07 +0200
Subject: [PATCH 1/7] * info/makedoc.c: fix possible integer overflow
---
info/makedoc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/info/makedoc.c b/info/makedoc.c
index 6810d4d228..9f525df110 100644
--- a/info/makedoc.c
+++ b/info/makedoc.c
@@ -296,7 +296,7 @@ process_one_file (char *filename, FILE *doc_stream, FILE *funs_stream)
char *func, *doc;
char *func_name;
- for (; offset < (file_size - decl_len); offset++)
+ for (; offset < (file_size - decl_len) && offset < (LONG_MAX - decl_len); offset++)
{
if (buffer[offset] == '\n')
{
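Review bot: The added clause `offset < (LONG_MAX - decl_len)` uses `LONG_MAX`, which needs `<limits.h>`; the hunk does not show whether info/makedoc.c already includes it. The clause also appears redundant whenever the first one holds, since `offset < file_size - decl_len` already keeps `offset + decl_len` below `file_size`. The case that still looks unguarded is a file shorter than `decl_len`, where `file_size - decl_len` goes negative or, if either operand is unsigned, wraps to a very large bound (the declarations are outside the hunk). An explicit check that `file_size >= decl_len` before entering the loop, with a comment such as `/* Nothing to scan if the file is shorter than the declaration marker. */`, would state the intent more directly; the loop body continues outside the hunk.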
--
2.47.0
From aae25e4335fa4127b9c3e73486095df304ae735a Mon Sep 17 00:00:00 2001
From: Vitezslav Crhonek <[email protected]>
Date: Tue, 15 Oct 2024 10:58:52 +0200
Subject: [PATCH 2/7] * info/infokey.c: add initializer
---
info/infokey.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/info/infokey.c b/info/infokey.c
index ec06cec51f..a42f896d3f 100644
--- a/info/infokey.c
+++ b/info/infokey.c
@@ -208,7 +208,7 @@ compile (FILE *fp, const char *filename, int *suppress_info, int *suppress_ea)
int oval = 0;
char comment[10];
unsigned int clen = 0;
- int seq[20];
+ int seq[20] = { 0 };
unsigned int slen = 0;
char act[80];
unsigned int alen = 0;
--
2.47.0
From f9e62115a2ae91e721021f52bdf2c76fe717a5eb Mon Sep 17 00:00:00 2001
From: Vitezslav Crhonek <[email protected]>
Date: Tue, 15 Oct 2024 11:07:06 +0200
Subject: [PATCH 3/7] * info/session.c: add initializer, allocate memory for
the terminating null of the string
---
info/session.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/info/session.c b/info/session.c
index 660e8e477a..b0cd9bac18 100644
--- a/info/session.c
+++ b/info/session.c
@@ -2342,7 +2342,7 @@ info_menu_or_ref_item (WINDOW *window, int menu_item, int xref, int ask_p)
if (defentry)
{
prompt = xmalloc (strlen (defentry->label)
- + strlen (_("Menu item (%s): ")));
+ + strlen (_("Menu item (%s): ")) + 1);
sprintf (prompt, _("Menu item (%s): "), defentry->label);
}
else
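Review bot: The `+ 1` sizes the buffer correctly only while the format string contains exactly one `%s`, and the same hand-computed `xmalloc` plus unbounded `sprintf` pair recurs in the `Follow xref` hunk, in `info_intuit_options_node` and in `info_goto_invocation_node`. Here and in the xref hunk the format goes through `_()`, so the string actually expanded comes from the translation catalog, and in `info_intuit_options_node` it is `*try_node`, not a literal. Letting the formatter size the allocation removes the arithmetic altogether: `xasprintf (&prompt, _("Menu item (%s): "), defentry->label);` (xasprintf is defined in info/util.c; whether session.c sees its prototype is not visible here). If that is not available, `snprintf` with the computed size would at least bound the write. The enclosing function starts and ends outside the hunk.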
@@ -2353,7 +2353,7 @@ info_menu_or_ref_item (WINDOW *window, int menu_item, int xref, int ask_p)
if (defentry)
{
prompt = xmalloc (strlen (defentry->label)
- + strlen (_("Follow xref (%s): ")));
+ + strlen (_("Follow xref (%s): ")) + 1);
sprintf (prompt, _("Follow xref (%s): "), defentry->label);
}
else
@@ -2949,7 +2949,7 @@ DECLARE_INFO_COMMAND (info_menu_sequence,
static int
info_handle_pointer (const char *label, WINDOW *window)
{
- char *description;
+ char *description = NULL;
NODE *node;
if (!strcmp (label, "Up"))
@@ -3508,7 +3508,7 @@ info_intuit_options_node (NODE *node, char *program)
{
char *nodename;
- nodename = xmalloc (strlen (program) + strlen (*try_node));
+ nodename = xmalloc (strlen (program) + strlen (*try_node) + 1);
sprintf (nodename, *try_node, program);
/* The last resort "%s" is dangerous, so we restrict it
to exact matches here. */
@@ -3584,7 +3584,7 @@ DECLARE_INFO_COMMAND (info_goto_invocation_node,
default_program_name = program_name_from_file_name (file_name);
prompt = xmalloc (strlen (default_program_name) +
- strlen (invocation_prompt));
+ strlen (invocation_prompt) + 1);
sprintf (prompt, invocation_prompt, default_program_name);
line = info_read_in_echo_area (prompt);
free (prompt);
--
2.47.0
From d59b8843b9658e2c9835af1763ffaa9f88ede3b2 Mon Sep 17 00:00:00 2001
From: Vitezslav Crhonek <[email protected]>
Date: Tue, 15 Oct 2024 11:10:52 +0200
Subject: [PATCH 4/7] * info/util.c: add missing "va_end"
---
info/util.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/info/util.c b/info/util.c
index 7ecb90f06b..a511471b9f 100644
--- a/info/util.c
+++ b/info/util.c
@@ -34,9 +34,12 @@ xvasprintf (char **ptr, const char *template, va_list ap)
int
xasprintf (char **ptr, const char *template, ...)
{
+ int ret;
va_list v;
va_start (v, template);
- return xvasprintf (ptr, template, v);
+ ret = xvasprintf (ptr, template, v);
+ va_end (v);
+ return ret;
}
/* Return the file buffer which belongs to WINDOW's node. */
--
2.47.0
From 39f373b235d686a562620c1fed38d2efd912108a Mon Sep 17 00:00:00 2001
From: Vitezslav Crhonek <[email protected]>
Date: Tue, 15 Oct 2024 11:15:54 +0200
Subject: [PATCH 5/7] * install-info/install-info.c: add missing initializer,
fix resource leaks
---
install-info/install-info.c | 28 ++++++++++++++++++++++------
1 file changed, 22 insertions(+), 6 deletions(-)
diff --git a/install-info/install-info.c b/install-info/install-info.c
index 9cd909434f..8fa6970ee4 100644
--- a/install-info/install-info.c
+++ b/install-info/install-info.c
@@ -752,11 +752,15 @@ open_possibly_compressed_file (char *filename,
return 0;
nread = fread (data, sizeof (data), 1, f);
if (nread == 0)
- return 0;
+ {
+ fclose (f);
+ return 0;
+ }
goto determine_file_type; /* success */
}
}
errno = 0;
+ fclose (f);
return 0; /* unknown error */
}
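Review bot: The `fclose (f)` added after `errno = 0;` can itself set `errno` if the close fails, so the "unknown error" return may no longer leave `errno` cleared for the caller. Swapping the two statements keeps the leak fix and the error signalling: `fclose (f);` then `errno = 0;` then `return 0; /* unknown error */`. The function body starts before the hunk, so how callers read `errno` after a 0 return is not visible here and should be confirmed.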
@@ -829,10 +833,16 @@ determine_file_type:
FILE *f2;
if (fclose (f) < 0)
- return 0;
+ {
+ free (command);
+ return 0;
+ }
f2 = freopen (*opened_filename, FOPEN_RBIN, stdin);
if (!f)
- return 0;
+ {
+ fclose (f2);
+ return 0;
+ }
f = popen (command, "r");
fclose (f2);
if (!f)
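Review bot: The new `fclose (f2)` sits in a branch that still tests `f`, which was handed to `fclose` two statements earlier and never reassigned, so the test reads a stale pointer and the branch does not fire when `freopen` fails. In that case execution falls through to `popen (command, "r")` and then `fclose (f2)` with a null stream. If the condition is later corrected to `!f2`, the added call becomes `fclose (NULL)`, which is undefined behaviour, and `command` is leaked on that path, unlike the `fclose (f) < 0` branch above, which now frees it. The branch should read `if (!f2) { free (command); return 0; }`. The enclosing function starts and ends outside the hunk.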
@@ -854,7 +864,10 @@ determine_file_type:
#else
/* Seek back over the magic bytes. */
if (fseek (f, 0, 0) < 0)
- return 0;
+ {
+ fclose (f);
+ return 0;
+ }
#endif
}
@@ -885,7 +898,10 @@ readfile (char *filename, int *sizep,
compression_program);
if (!f)
- return 0;
+ {
+ free (data);
+ return 0;
+ }
for (;;)
{
@@ -1836,7 +1852,7 @@ munge_old_style_debian_options (int argc, char **argv,
int *new_argc, char ***new_argv)
{
char *opt = NULL;
- int i, err;
+ int i, err = 0;
char *argz = NULL;
size_t argz_len = 0;
const char *regex, *title;
--
2.47.0
From 0f3a45b5b48db00e9d1d8ab6c61a4e7502966bd1 Mon Sep 17 00:00:00 2001
From: Vitezslav Crhonek <[email protected]>
Date: Tue, 15 Oct 2024 12:17:32 +0200
Subject: [PATCH 6/7] * info/infomap.c: fix resource leak
---
info/infomap.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/info/infomap.c b/info/infomap.c
index 16e2e5ee60..fb968209f7 100644
--- a/info/infomap.c
+++ b/info/infomap.c
@@ -704,6 +704,7 @@ fetch_user_maps (char *init_file)
compile (inf, filename, &sup_info, &sup_ea);
free (filename);
+ fclose (inf);
return 1;
}
--
2.47.0
From d5a9a025099c3d3c00f06fe9ef186314fcd3725b Mon Sep 17 00:00:00 2001
From: Vitezslav Crhonek <[email protected]>
Date: Tue, 15 Oct 2024 12:19:16 +0200
Subject: [PATCH 7/7] * info/variables.c: fix memory leak
---
info/variables.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/info/variables.c b/info/variables.c
index 640188d962..c9614e0a5b 100644
--- a/info/variables.c
+++ b/info/variables.c
@@ -368,6 +368,7 @@ read_variable_name (char *prompt, WINDOW *window)
{
char *line;
REFERENCE **variables;
+ VARIABLE_ALIST *alist;
/* Get the completion array of variable names. */
variables = make_variable_completions_array ();
@@ -391,7 +392,9 @@ read_variable_name (char *prompt, WINDOW *window)
return NULL;
}
- return variable_by_name (line);
+ alist = variable_by_name (line);
+ free (line);
+ return alist;
}
/* Make an array of REFERENCE which actually contains the names of the
--
2.47.0