From: Oliver Kurth Date: Tue, 18 Dec 2018 21:19:47 +0000 (-0800) Subject: Fix NULL pointer dereference and remove three lines of dead code. X-Git-Tag: stable-11.0.0~284 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f91f7355619ad0ed7afcbe0b7161be3680b88688;p=thirdparty%2Fopen-vm-tools.git Fix NULL pointer dereference and remove three lines of dead code. QbitLogic has run [Code]Ai on the open-vm-tools source code and and notified VMware of a potential NULL pointer reference and four pieces of dead code. See https://github.com/vmware/open-vm-tools/pull/247 bora-vmsoft/services/vmtoolsd/pluginMgr.c The proposed fix conditionally emitted a log message. That fix has been reworked to consistently emit a log message with conditional content. bora/lib/misc/posixPosix.c bora-vmsoft/apps/toolbox-cmd/toolboxcmd-shrink.c Remove one line of dead code from each source file. bora-vmsoft/lib/procMgr/procMgrPosix.c: Suggested dead code fix actually pointed to a bug where errno was not getting updated as intended. bora-vmsoft/services/plugins/guestInfo/perfMonLinux.c: Suggested dead code is no longer dead; change not applicable. --- diff --git a/open-vm-tools/AUTHORS b/open-vm-tools/AUTHORS index 6c64a5005..b5a26ddf4 100644 --- a/open-vm-tools/AUTHORS +++ b/open-vm-tools/AUTHORS @@ -42,3 +42,7 @@ John Eismeier Propose fix some spelling. Josh Paetzel Additional changes to vmmemctl.ko for FreeBSD 12.0 API changes. - https://github.com/vmware/open-vm-tools/pull/286 + +[Code]Ai Highlighted a potential NULL pointer dereference and four + pieces of dead code. + - https://github.com/vmware/open-vm-tools/pull/247 diff --git a/open-vm-tools/lib/misc/posixPosix.c b/open-vm-tools/lib/misc/posixPosix.c index 562ffa4ee..2c1c278e7 100644 --- a/open-vm-tools/lib/misc/posixPosix.c +++ b/open-vm-tools/lib/misc/posixPosix.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2008-2017 VMware, Inc. All rights reserved. + * Copyright (C) 2008-2018 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -2111,7 +2111,6 @@ Posix_Getmntent_r(FILE *fp, // IN: goto exit; } m->mnt_opts = memcpy(buf + n, opts, len); - n += len; } ret = 0; diff --git a/open-vm-tools/lib/procMgr/procMgrPosix.c b/open-vm-tools/lib/procMgr/procMgrPosix.c index a52456b55..d07b5d3ff 100644 --- a/open-vm-tools/lib/procMgr/procMgrPosix.c +++ b/open-vm-tools/lib/procMgr/procMgrPosix.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 1998-2017 VMware, Inc. All rights reserved. + * Copyright (C) 1998-2018 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -2206,7 +2206,7 @@ ProcMgr_ImpersonateUserStart(const char *user, // IN: UTF-8 encoded user name * according to POSIX 1003.1-2003, so patch up the errno. */ if (error == 0) { - error = ENOENT; + errno = ENOENT; } return FALSE; } diff --git a/open-vm-tools/services/vmtoolsd/pluginMgr.c b/open-vm-tools/services/vmtoolsd/pluginMgr.c index bee05e46f..697e36991 100644 --- a/open-vm-tools/services/vmtoolsd/pluginMgr.c +++ b/open-vm-tools/services/vmtoolsd/pluginMgr.c @@ -922,7 +922,8 @@ ToolsCore_UnloadPlugins(ToolsServiceState *state) ToolsPlugin *plugin = g_ptr_array_index(state->plugins, state->plugins->len - 1); GArray *regs = (plugin->data != NULL) ? plugin->data->regs : NULL; - g_message("Unloading plugin '%s'.\n", plugin->data->name); + g_message("Unloading plugin '%s'.\n", + plugin->data != NULL ? plugin->data->name : "unknown"); if (regs != NULL) { guint i; diff --git a/open-vm-tools/toolbox/toolboxcmd-shrink.c b/open-vm-tools/toolbox/toolboxcmd-shrink.c index 4e3e72472..39c0a923c 100644 --- a/open-vm-tools/toolbox/toolboxcmd-shrink.c +++ b/open-vm-tools/toolbox/toolboxcmd-shrink.c @@ -443,8 +443,6 @@ ShrinkDoWipeAndShrink(char *mountPoint, // IN: mount point } else { ToolsCmd_PrintErr(SU_(error.message, "Error: %s\n"), err); } - - rc = EX_TEMPFAIL; break; }