[src/trunk]: src/lib/libc/stdio validate flags/oflags from __sflag() befere c...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/lib/libc/stdio validate flags/oflags from __sflag() befere c...
From: tnozaki <tnozaki%NetBSD.org@localhost>
Date: Mon, 06 Apr 2020 19:23:26 +0000

details:   https://anonhg.NetBSD.org/src/rev/fbc4e92c9e8b
branches:  trunk
changeset: 757848:fbc4e92c9e8b
user:      tnozaki <tnozaki%NetBSD.org@localhost>
date:      Mon Sep 27 17:08:29 2010 +0000

description:
validate flags/oflags from __sflag() befere call __sfp().
reviewed by enami-san, thanks.

diffstat:

 lib/libc/stdio/fmemopen.c |  35 ++++++++++++++++++-----------------
 1 files changed, 18 insertions(+), 17 deletions(-)

diffs (78 lines):

diff -r 72c51e4ba895 -r fbc4e92c9e8b lib/libc/stdio/fmemopen.c
--- a/lib/libc/stdio/fmemopen.c Mon Sep 27 16:50:13 2010 +0000
+++ b/lib/libc/stdio/fmemopen.c Mon Sep 27 17:08:29 2010 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: fmemopen.c,v 1.4 2010/09/27 16:50:13 tnozaki Exp $ */
+/* $NetBSD: fmemopen.c,v 1.5 2010/09/27 17:08:29 tnozaki Exp $ */
 
 /*-
  * Copyright (c)2007, 2010 Takehiko NOZAKI,
@@ -29,7 +29,7 @@
 
 #include <sys/cdefs.h>
 #if defined(LIBC_SCCS) && !defined(lint)
-__RCSID("$NetBSD: fmemopen.c,v 1.4 2010/09/27 16:50:13 tnozaki Exp $");
+__RCSID("$NetBSD: fmemopen.c,v 1.5 2010/09/27 17:08:29 tnozaki Exp $");
 #endif /* LIBC_SCCS and not lint */
 
 #include <assert.h>
@@ -154,29 +154,25 @@
 FILE *
 fmemopen(void * __restrict buf, size_t size, const char * __restrict mode)
 {
-       int oflags;
+       int flags, oflags;
        FILE *fp;
        struct fmemopen_cookie *cookie;
 
-       if (size < (size_t)1) {
-               errno = EINVAL;
+       if (size < (size_t)1)
+               goto invalid;
+
+       flags = __sflags(mode, &oflags);
+       if (flags == 0)
                return NULL;
-       }
+
+       if ((oflags & O_RDWR) == 0 && buf == NULL)
+               goto invalid;
 
        fp = __sfp();
        if (fp == NULL)
                return NULL;
        fp->_file = -1;
 
-       fp->_flags = __sflags(mode, &oflags);
-       if (fp->_flags == 0)
-               return NULL;
-
-       if ((oflags & O_RDWR) == 0 && buf == NULL) {
-               errno = EINVAL;
-               goto release;
-       }
-
        cookie = malloc(sizeof(*cookie));
        if (cookie == NULL)
                goto release;
@@ -206,13 +202,18 @@
 
        cookie->cur = (oflags & O_APPEND) ? cookie->eob : cookie->head;
 
-       fp->_write  = (fp->_flags & __SRD) ? NULL : &fmemopen_write;
-       fp->_read   = (fp->_flags & __SWR) ? NULL : &fmemopen_read;
+       fp->_flags  = flags;
+       fp->_write  = (flags & __SRD) ? NULL : &fmemopen_write;
+       fp->_read   = (flags & __SWR) ? NULL : &fmemopen_read;
        fp->_seek   = &fmemopen_seek;
        fp->_cookie = (void *)cookie;
 
        return fp;
 
+invalid:
+       errno = EINVAL;
+       return NULL;
+
 release:
        fp->_flags = 0;
        return NULL;

Prev by Date: [src/trunk]: src/lib/libc/stdio fix off-by-one, pointed out by enami-san, tha...
Next by Date: [src/trunk]: src/sys/sys move the compat code in the .c file.
Previous by Thread: [src/trunk]: src/lib/libc/stdio fix off-by-one, pointed out by enami-san, tha...
Next by Thread: [src/trunk]: src/sys/sys move the compat code in the .c file.
Indexes:

Home | Main Index | Thread Index | Old Index