52 lines
1.6 KiB
Diff
52 lines
1.6 KiB
Diff
From f2144c6c3a0d4eda5f8384b56cdeb5193a3c06ef Mon Sep 17 00:00:00 2001
|
||
From: Matthias Goergens <matthias.goergens@gmail.com>
|
||
Date: Tue, 28 Mar 2023 13:35:56 +0800
|
||
Subject: [PATCH] Fix use-after-free warning
|
||
MIME-Version: 1.0
|
||
Content-Type: text/plain; charset=UTF-8
|
||
Content-Transfer-Encoding: 8bit
|
||
|
||
When building, I get the following warning:
|
||
|
||
```bash
|
||
$ ninja
|
||
[18/71] Compiling C object lib/libfuse3.so.3.14.1.p/modules_iconv.c.o
|
||
../lib/modules/iconv.c: In function ‘iconv_convpath’:
|
||
../lib/modules/iconv.c:85:38: warning: pointer ‘newpath’ may be used after ‘realloc’ [-Wuse-after-free]
|
||
85 | p = tmp + (p - newpath);
|
||
| ~~~^~~~~~~~~~
|
||
../lib/modules/iconv.c:80:31: note: call to ‘realloc’ here
|
||
80 | tmp = realloc(newpath, newpathlen + 1);
|
||
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||
[71/71] Linking target example/passthrough_hp
|
||
```
|
||
|
||
It's a false positive, I thinks. But it's also easy to silence this
|
||
warning with a small refactor.
|
||
---
|
||
lib/modules/iconv.c | 3 ++-
|
||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||
|
||
diff --git a/lib/modules/iconv.c b/lib/modules/iconv.c
|
||
index 3d18a36..a0bf72b 100644
|
||
--- a/lib/modules/iconv.c
|
||
+++ b/lib/modules/iconv.c
|
||
@@ -77,12 +77,13 @@ static int iconv_convpath(struct iconv *ic, const char *path, char **newpathp,
|
||
|
||
inc = (pathlen + 1) * 4;
|
||
newpathlen += inc;
|
||
+ int dp = p - newpath;
|
||
tmp = realloc(newpath, newpathlen + 1);
|
||
err = -ENOMEM;
|
||
if (!tmp)
|
||
goto err;
|
||
|
||
- p = tmp + (p - newpath);
|
||
+ p = tmp + dp;
|
||
plen += inc;
|
||
newpath = tmp;
|
||
}
|
||
--
|
||
2.41.0
|
||
|