From: Oliver Kurth Date: Tue, 29 Jan 2019 22:03:18 +0000 (-0800) Subject: Fix NULL pointer dereference and remove three lines of dead code. X-Git-Tag: stable-10.3.10~21 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5f3f6ccd3ad143d64f2927bd19791a6148e1e2ba;p=thirdparty%2Fopen-vm-tools.git Fix NULL pointer dereference and remove three lines of dead code. QbitLogic has run [Code]Ai on the open-vm-tools source code and and notified VMware of a potential NULL pointer reference and four pieces of dead code. See https://github.com/vmware/open-vm-tools/pull/247 bora-vmsoft/services/vmtoolsd/pluginMgr.c The proposed fix conditionally emitted a log message. That fix has been reworked to consistently emit a log message with conditional content. bora/lib/misc/posixPosix.c bora-vmsoft/apps/toolbox-cmd/toolboxcmd-shrink.c Remove one line of dead code from each source file. bora-vmsoft/lib/procMgr/procMgrPosix.c: Suggested dead code fix actually pointed to a bug where errno was not getting updated as intended. bora-vmsoft/services/plugins/guestInfo/perfMonLinux.c: Suggested dead code is no longer dead; change not applicable. --- diff --git a/open-vm-tools/AUTHORS b/open-vm-tools/AUTHORS index 9c5783186..ff87a57b5 100644 --- a/open-vm-tools/AUTHORS +++ b/open-vm-tools/AUTHORS @@ -36,3 +36,7 @@ Ed Schouten Use standard SYSCTL_ADD_OID() macro to access the Steve Wills Fix vmmemctl.ko driver build for supported FreeBSD releases. - https://github.com/vmware/open-vm-tools/pull/140 + +[Code]Ai Highlighted a potential NULL pointer dereference and four + pieces of dead code. + - https://github.com/vmware/open-vm-tools/pull/247 diff --git a/open-vm-tools/lib/misc/posixPosix.c b/open-vm-tools/lib/misc/posixPosix.c index 562ffa4ee..2c1c278e7 100644 --- a/open-vm-tools/lib/misc/posixPosix.c +++ b/open-vm-tools/lib/misc/posixPosix.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2008-2017 VMware, Inc. All rights reserved. + * Copyright (C) 2008-2018 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -2111,7 +2111,6 @@ Posix_Getmntent_r(FILE *fp, // IN: goto exit; } m->mnt_opts = memcpy(buf + n, opts, len); - n += len; } ret = 0; diff --git a/open-vm-tools/lib/procMgr/procMgrPosix.c b/open-vm-tools/lib/procMgr/procMgrPosix.c index a52456b55..d07b5d3ff 100644 --- a/open-vm-tools/lib/procMgr/procMgrPosix.c +++ b/open-vm-tools/lib/procMgr/procMgrPosix.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 1998-2017 VMware, Inc. All rights reserved. + * Copyright (C) 1998-2018 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -2206,7 +2206,7 @@ ProcMgr_ImpersonateUserStart(const char *user, // IN: UTF-8 encoded user name * according to POSIX 1003.1-2003, so patch up the errno. */ if (error == 0) { - error = ENOENT; + errno = ENOENT; } return FALSE; } diff --git a/open-vm-tools/services/vmtoolsd/pluginMgr.c b/open-vm-tools/services/vmtoolsd/pluginMgr.c index bee05e46f..697e36991 100644 --- a/open-vm-tools/services/vmtoolsd/pluginMgr.c +++ b/open-vm-tools/services/vmtoolsd/pluginMgr.c @@ -922,7 +922,8 @@ ToolsCore_UnloadPlugins(ToolsServiceState *state) ToolsPlugin *plugin = g_ptr_array_index(state->plugins, state->plugins->len - 1); GArray *regs = (plugin->data != NULL) ? plugin->data->regs : NULL; - g_message("Unloading plugin '%s'.\n", plugin->data->name); + g_message("Unloading plugin '%s'.\n", + plugin->data != NULL ? plugin->data->name : "unknown"); if (regs != NULL) { guint i; diff --git a/open-vm-tools/toolbox/toolboxcmd-shrink.c b/open-vm-tools/toolbox/toolboxcmd-shrink.c index 8774fa437..b6896a3d9 100644 --- a/open-vm-tools/toolbox/toolboxcmd-shrink.c +++ b/open-vm-tools/toolbox/toolboxcmd-shrink.c @@ -438,8 +438,6 @@ ShrinkDoWipeAndShrink(char *mountPoint, // IN: mount point } else { ToolsCmd_PrintErr(SU_(error.message, "Error: %s\n"), err); } - - rc = EX_TEMPFAIL; break; }