[svn-commits] mjordan: branch 1.8 r362355 - /branches/1.8/funcs/func_env.c

SVN commits to the Digium repositories svn-commits at lists.digium.com
Tue Apr 17 15:54:02 CDT 2012


Author: mjordan
Date: Tue Apr 17 15:53:56 2012
New Revision: 362355

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=362355
Log:
Fix places where a negative return from ftello could be used as invalid input

In a variety of locations in both reading and writing a file, the result
from the C library function ftello is used as input to other functions.  For
the parameters and functions in question, a negative value is invalid input.
This patch checks the return value from the ftello function to determine if
we were able to determine the current position in the file stream and, if not,
fail gracefully.

(issue ASTERISK-19655)
Reported by: Matt Jordan

Review: https://reviewboard.asterisk.org/r/1863/

Modified:
    branches/1.8/funcs/func_env.c

Modified: branches/1.8/funcs/func_env.c
URL: http://svnview.digium.com/svn/asterisk/branches/1.8/funcs/func_env.c?view=diff&rev=362355&r1=362354&r2=362355
==============================================================================
--- branches/1.8/funcs/func_env.c (original)
+++ branches/1.8/funcs/func_env.c Tue Apr 17 15:53:56 2012
@@ -510,7 +510,11 @@
 
 		if (offset < 0) {
 			fseeko(ff, offset, SEEK_END);
-			offset = ftello(ff);
+			if ((offset = ftello(ff)) < 0) {
+				ast_log(AST_LOG_ERROR, "Cannot determine offset position of '%s': %s\n", args.filename, strerror(errno));
+				fclose(ff);
+				return -1;
+			}
 		}
 		if (length < 0) {
 			fseeko(ff, length, SEEK_END);
@@ -779,11 +783,15 @@
 
 		if (offset < 0) {
 			if (fseeko(ff, offset, SEEK_END)) {
-				ast_log(LOG_ERROR, "Cannot seek to offset: %s\n", strerror(errno));
+				ast_log(LOG_ERROR, "Cannot seek to offset of '%s': %s\n", args.filename, strerror(errno));
 				fclose(ff);
 				return -1;
 			}
-			offset = ftello(ff);
+			if ((offset = ftello(ff)) < 0) {
+				ast_log(AST_LOG_ERROR, "Cannot determine offset position of '%s': %s\n", args.filename, strerror(errno));
+				fclose(ff);
+				return -1;
+			}
 		}
 
 		if (length < 0) {
@@ -945,10 +953,13 @@
 			} else if (!strchr(args.options, 'd') && fwrite(format2term(newline_format), 1, strlen(format2term(newline_format)), ff) < strlen(format2term(newline_format))) {
 				ast_log(LOG_ERROR, "Short write?!!\n");
 			}
-			truncsize = ftello(ff);
+			if ((truncsize = ftello(ff)) < 0) {
+				ast_log(AST_LOG_ERROR, "Unable to determine truncate position of '%s': %s\n", args.filename, strerror(errno));
+			}
 			fclose(ff);
-			if (truncate(args.filename, truncsize)) {
-				ast_log(LOG_ERROR, "Unable to truncate file: %s\n", strerror(errno));
+			if (truncsize >= 0 && truncate(args.filename, truncsize)) {
+				ast_log(LOG_ERROR, "Unable to truncate file '%s': %s\n", args.filename, strerror(errno));
+				return -1;
 			}
 		} else {
 			int64_t offset_offset = (offset == 0 ? 0 : -1), length_offset = -1, flength, i, current_length = 0;
@@ -970,7 +981,11 @@
 				fclose(ff);
 				return -1;
 			}
-			flength = ftello(ff);
+			if ((flength = ftello(ff)) < 0) {
+				ast_log(AST_LOG_ERROR, "Cannot determine end position of file '%s': %s\n", args.filename, strerror(errno));
+				fclose(ff);
+				return -1;
+			}
 
 			/* For negative offset and/or negative length */
 			if (offset < 0 || length < 0) {
@@ -1115,6 +1130,11 @@
 					return -1;
 				}
 				while ((cur = ftello(ff)) < flength) {
+					if (cur < 0) {
+						ast_log(AST_LOG_ERROR, "Unable to determine last write position for '%s': %s\n", args.filename, strerror(errno));
+						fclose(ff);
+						return -1;
+					}
 					fseeko(ff, length_length - vlen, SEEK_CUR);
 					if (fread(fbuf, 1, sizeof(fbuf), ff) < sizeof(fbuf) && !feof(ff)) {
 						ast_log(LOG_ERROR, "Short read?!!\n");




More information about the svn-commits mailing list