[asterisk-commits] mjordan: branch 10 r362356 - in /branches/10: ./ funcs/func_env.c
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Tue Apr 17 15:56:12 CDT 2012
Author: mjordan
Date: Tue Apr 17 15:56:05 2012
New Revision: 362356
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=362356
Log:
Fix places where a negative return from ftello could be used as invalid input
In a variety of locations in both reading and writing a file, the result
from the C library function ftello is used as input to other functions. For
the parameters and functions in question, a negative value is invalid input.
This patch checks the return value from the ftello function to determine if
we were able to determine the current position in the file stream and, if not,
fail gracefully.
(issue ASTERISK-19655)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/1863/
........
Merged revisions 362355 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Modified:
branches/10/ (props changed)
branches/10/funcs/func_env.c
Propchange: branches/10/
------------------------------------------------------------------------------
Binary property 'branch-1.8-merged' - no diff available.
Modified: branches/10/funcs/func_env.c
URL: http://svnview.digium.com/svn/asterisk/branches/10/funcs/func_env.c?view=diff&rev=362356&r1=362355&r2=362356
==============================================================================
--- branches/10/funcs/func_env.c (original)
+++ branches/10/funcs/func_env.c Tue Apr 17 15:56:05 2012
@@ -510,7 +510,11 @@
if (offset < 0) {
fseeko(ff, offset, SEEK_END);
- offset = ftello(ff);
+ if ((offset = ftello(ff)) < 0) {
+ ast_log(AST_LOG_ERROR, "Cannot determine offset position of '%s': %s\n", args.filename, strerror(errno));
+ fclose(ff);
+ return -1;
+ }
}
if (length < 0) {
fseeko(ff, length, SEEK_END);
@@ -779,11 +783,15 @@
if (offset < 0) {
if (fseeko(ff, offset, SEEK_END)) {
- ast_log(LOG_ERROR, "Cannot seek to offset: %s\n", strerror(errno));
+ ast_log(LOG_ERROR, "Cannot seek to offset of '%s': %s\n", args.filename, strerror(errno));
fclose(ff);
return -1;
}
- offset = ftello(ff);
+ if ((offset = ftello(ff)) < 0) {
+ ast_log(AST_LOG_ERROR, "Cannot determine offset position of '%s': %s\n", args.filename, strerror(errno));
+ fclose(ff);
+ return -1;
+ }
}
if (length < 0) {
@@ -945,10 +953,13 @@
} else if (!strchr(args.options, 'd') && fwrite(format2term(newline_format), 1, strlen(format2term(newline_format)), ff) < strlen(format2term(newline_format))) {
ast_log(LOG_ERROR, "Short write?!!\n");
}
- truncsize = ftello(ff);
+ if ((truncsize = ftello(ff)) < 0) {
+ ast_log(AST_LOG_ERROR, "Unable to determine truncate position of '%s': %s\n", args.filename, strerror(errno));
+ }
fclose(ff);
- if (truncate(args.filename, truncsize)) {
- ast_log(LOG_ERROR, "Unable to truncate file: %s\n", strerror(errno));
+ if (truncsize >= 0 && truncate(args.filename, truncsize)) {
+ ast_log(LOG_ERROR, "Unable to truncate file '%s': %s\n", args.filename, strerror(errno));
+ return -1;
}
} else {
int64_t offset_offset = (offset == 0 ? 0 : -1), length_offset = -1, flength, i, current_length = 0;
@@ -970,7 +981,11 @@
fclose(ff);
return -1;
}
- flength = ftello(ff);
+ if ((flength = ftello(ff)) < 0) {
+ ast_log(AST_LOG_ERROR, "Cannot determine end position of file '%s': %s\n", args.filename, strerror(errno));
+ fclose(ff);
+ return -1;
+ }
/* For negative offset and/or negative length */
if (offset < 0 || length < 0) {
@@ -1115,6 +1130,11 @@
return -1;
}
while ((cur = ftello(ff)) < flength) {
+ if (cur < 0) {
+ ast_log(AST_LOG_ERROR, "Unable to determine last write position for '%s': %s\n", args.filename, strerror(errno));
+ fclose(ff);
+ return -1;
+ }
fseeko(ff, length_length - vlen, SEEK_CUR);
if (fread(fbuf, 1, sizeof(fbuf), ff) < sizeof(fbuf) && !feof(ff)) {
ast_log(LOG_ERROR, "Short read?!!\n");
More information about the asterisk-commits
mailing list