summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2011-09-28 09:56:36 +0200
committerDan McGee <dan@archlinux.org>2011-09-28 11:48:33 +0200
commitf66f9f11cd010a05efe28d0607abbf29ff8dffa5 (patch)
tree9feef88c5394fd36ca71070a71c2efcf57151165
parentea3c47825ea6a8cfd0e0d63fd7da0120fcacabc8 (diff)
downloadpacman-f66f9f11cd010a05efe28d0607abbf29ff8dffa5.tar.gz
pacman-f66f9f11cd010a05efe28d0607abbf29ff8dffa5.tar.xz
Fix memory leak in download payload->remote_name
In the sync code, we explicitly allocated a string for this field, while in the dload code itself it was filled in with a pointer to another string. This led to a memory leak in the sync download case. Make remote_name non-const and always explicitly allocate it. This patch ensures this as well as uses malloc + snprintf (rather than calloc) in several codepaths, and eliminates the only use of PATH_MAX in the download code. Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r--lib/libalpm/dload.c26
-rw-r--r--lib/libalpm/dload.h2
-rw-r--r--lib/libalpm/sync.c2
3 files changed, 18 insertions, 12 deletions
diff --git a/lib/libalpm/dload.c b/lib/libalpm/dload.c
index 6f0139d1..1e8db1ee 100644
--- a/lib/libalpm/dload.c
+++ b/lib/libalpm/dload.c
@@ -60,7 +60,7 @@ static char *get_fullpath(const char *path, const char *filename,
char *filepath;
/* len = localpath len + filename len + suffix len + null */
size_t len = strlen(path) + strlen(filename) + strlen(suffix) + 1;
- CALLOC(filepath, len, sizeof(char), return NULL);
+ MALLOC(filepath, len, return NULL);
snprintf(filepath, len, "%s%s%s", path, filename, suffix);
return filepath;
@@ -279,22 +279,27 @@ static FILE *create_tempfile(struct dload_payload *payload, const char *localpat
{
int fd;
FILE *fp;
- char randpath[PATH_MAX];
- alpm_handle_t *handle = payload->handle;
+ char *randpath;
+ size_t len;
/* create a random filename, which is opened with O_EXCL */
- snprintf(randpath, PATH_MAX, "%salpmtmp.XXXXXX", localpath);
+ len = strlen(localpath) + 14 + 1;
+ MALLOC(randpath, len, RET_ERR(payload->handle, ALPM_ERR_MEMORY, NULL));
+ snprintf(randpath, len, "%salpmtmp.XXXXXX", localpath);
if((fd = mkstemp(randpath)) == -1 ||
!(fp = fdopen(fd, payload->tempfile_openmode))) {
unlink(randpath);
close(fd);
- _alpm_log(handle, ALPM_LOG_ERROR,
+ _alpm_log(payload->handle, ALPM_LOG_ERROR,
_("failed to create temporary file for download\n"));
return NULL;
}
/* fp now points to our alpmtmp.XXXXXX */
- STRDUP(payload->tempfile_name, randpath, RET_ERR(handle, ALPM_ERR_MEMORY, NULL));
- payload->remote_name = strrchr(randpath, '/') + 1;
+ free(payload->tempfile_name);
+ payload->tempfile_name = randpath;
+ free(payload->remote_name);
+ STRDUP(payload->remote_name, strrchr(randpath, '/') + 1,
+ RET_ERR(payload->handle, ALPM_ERR_MEMORY, NULL));
return fp;
}
@@ -318,7 +323,7 @@ static int curl_download_internal(struct dload_payload *payload,
payload->tempfile_openmode = "wb";
if(!payload->remote_name) {
- payload->remote_name = get_filename(payload->fileurl);
+ payload->remote_name = strdup(get_filename(payload->fileurl));
}
if(!payload->remote_name || curl_gethost(payload->fileurl, hostname) != 0) {
_alpm_log(handle, ALPM_LOG_ERROR, _("url '%s' is invalid\n"), payload->fileurl);
@@ -591,10 +596,11 @@ char SYMEXPORT *alpm_fetch_pkgurl(alpm_handle_t *handle, const char *url)
void _alpm_dload_payload_free(struct dload_payload *payload) {
ASSERT(payload, return);
- FREE(payload->fileurl);
- FREE(payload->content_disp_name);
+ FREE(payload->remote_name);
FREE(payload->tempfile_name);
FREE(payload->destfile_name);
+ FREE(payload->content_disp_name);
+ FREE(payload->fileurl);
FREE(payload);
}
diff --git a/lib/libalpm/dload.h b/lib/libalpm/dload.h
index bc5eb131..765c5fdf 100644
--- a/lib/libalpm/dload.h
+++ b/lib/libalpm/dload.h
@@ -27,8 +27,8 @@
struct dload_payload {
alpm_handle_t *handle;
- const char *remote_name;
const char *tempfile_openmode;
+ char *remote_name;
char *tempfile_name;
char *destfile_name;
char *content_disp_name;
diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c
index b1da6829..fd48ef37 100644
--- a/lib/libalpm/sync.c
+++ b/lib/libalpm/sync.c
@@ -872,7 +872,7 @@ static int download_files(alpm_handle_t *handle, alpm_list_t **deltas)
/* print server + filename into a buffer */
len = strlen(server_url) + strlen(payload->remote_name) + 2;
- CALLOC(payload->fileurl, len, sizeof(char), RET_ERR(handle, ALPM_ERR_MEMORY, -1));
+ MALLOC(payload->fileurl, len, RET_ERR(handle, ALPM_ERR_MEMORY, -1));
snprintf(payload->fileurl, len, "%s/%s", server_url, payload->remote_name);
payload->handle = handle;
payload->allow_resume = 1;