mirrors/libguestfs
1
0
Fork 0
mirror of https://github.com/libguestfs/libguestfs.git synced 2026-03-21 22:53:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

daemon/link.c: Fix out of memory error when reading symlinks

Browse Source 
Commit 0f54df53d2 ("build: Remove gnulib") introduced a bug when I
rewrote existing code that used gnulib areadlink().

A missing "continue" statement on the path where fstatat(2) failed
caused fall-through to the case where it tries to use malloc(3) on the
value from the uninitialized stat buf.  This caused a huge amount of
memory to be allocated, invoking the oom-killer inside the appliance.

Reported-by: Yongkui Guo
Fixes: commit 0f54df53d2
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1960217
This commit is contained in:
Richard W.M. Jones
2021-05-13 12:04:41 +01:00
parent 51d21f7684
commit 047cf7dcd2
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
daemon/link.c
View File

@@ -59,9 +59,11 @@ do_internal_readlinklist (const char *path, char *const *names)
if (fstatat (fd_cwd, names[i], &statbuf, AT_SYMLINK_NOFOLLOW) == -1) {
add_empty_string:
if (add_string (&ret, "") == -1) {
add_string_failed:
close (fd_cwd);
return NULL;
}
continue;
}
if (!S_ISLNK (statbuf.st_mode))
goto add_empty_string;
@@ -74,10 +76,8 @@ do_internal_readlinklist (const char *path, char *const *names)
goto add_empty_string;
link[n] = '\0';
if (add_string (&ret, link) == -1) {
close (fd_cwd);
return NULL;
}
if (add_string (&ret, link) == -1)
goto add_string_failed;
}
close (fd_cwd);