Project

General

Profile

Download (2.54 KB)

Bug #857 » fread-check-error.patch

Patch for all cases in ctf.c where fread() is called without complete error checking. - craig harmer, 11/13/2014 08:56 PM

View differences:

formats/ctf/ctf.c
len = fread(&magic, sizeof(magic), 1, fp);
if (len != 1) {
fprintf(stderr, "[error] error reading packet metadata\n");
ret = -1;
goto end;
}
if (magic == TSDL_MAGIC) {
......
int ret = 0;
readlen = fread(&header, header_sizeof(header), 1, in);
if (readlen < 1)
if (readlen < 1) {
if (feof(in) ) {
return 0;
}
fprintf(stderr, "[error] error reading packet header\n");
return -EINVAL;
}
if (td->byte_order != BYTE_ORDER) {
header.magic = GUINT32_SWAP_LE_BE(header.magic);
......
toread = (header.content_size / CHAR_BIT) - header_sizeof(header);
for (;;) {
if (toread == 0) {
ret = 0; /* continue reading next packet */
goto read_padding;
}
readlen = fread(buf, sizeof(char), min(sizeof(buf) - 1, toread), in);
if (ferror(in)) {
if (readlen == 0 || ferror(in) ) {
fprintf(stderr, "[error] error reading packet\n");
ret = -EINVAL;
break;
}
......
writelen = fwrite(buf, sizeof(char), readlen, out);
if (writelen < readlen) {
fprintf(stderr, "[error] error writing packet\n");
ret = -EIO;
break;
}
......
break;
}
toread -= readlen;
if (!toread) {
ret = 0; /* continue reading next packet */
goto read_padding;
}
}
return ret;
......
len = fread(&index_hdr, sizeof(index_hdr), 1, pos->index_fp);
if (len != 1) {
perror("read index file header");
char *msg = "File is too short";
if (ferror(pos->index_fp) ) {
msg = "I/O error";
}
fprintf(stderr, "[error] error reading a '*.idx' file under %s: %s\n",
td->parent.path, msg);
ret = -1;
goto error;
}
......
/* add index to packet array */
g_array_append_val(file_stream->pos.packet_index, index);
}
if (ferror(pos->index_fp) ) {
fprintf(stderr, "[error] error reading a '*.idx' file under %s: I/O error\n",
td->parent.path);
ret = -1;
goto error;
}
/* Index containing only the header. */
if (!file_stream->parent.stream_class) {
(2-2/2)