File CVE-2015-8929.patch of Package libarchive.2786

Overview Repositories Revisions Requests Users Attributes Meta

File CVE-2015-8929.patch of Package libarchive.2786

commit d24e79e8f9547ae475a3a0c9516e079a14010838
Author: Tim Kientzle <kientzle@acm.org>
Date:   Fri Feb 13 20:20:15 2015 -0800

Issue 409: archive_read_extract object leaked
    
    Register the cleanup function for the object at the point
    where the object is actually allocated to ensure that
    it always gets cleaned up.

Index: libarchive-3.1.2/libarchive/archive_read_extract.c
===================================================================
--- libarchive-3.1.2.orig/libarchive/archive_read_extract.c
+++ libarchive-3.1.2/libarchive/archive_read_extract.c
@@ -53,7 +53,7 @@ struct extract {
 	void			 *extract_progress_user_data;
 };
 
-static int	archive_read_extract_cleanup(struct archive_read *);
+static int     archive_read_extract_cleanup(struct archive_read *);
 static int	copy_data(struct archive *ar, struct archive *aw);
 static struct extract *get_extract(struct archive_read *);
 
@@ -69,17 +69,33 @@ get_extract(struct archive_read *a)
 			return (NULL);
 		}
 		memset(a->extract, 0, sizeof(*a->extract));
+		a->cleanup_archive_extract = archive_read_extract_cleanup;
 		a->extract->ad = archive_write_disk_new();
 		if (a->extract->ad == NULL) {
 			archive_set_error(&a->archive, ENOMEM, "Can't extract");
 			return (NULL);
 		}
 		archive_write_disk_set_standard_lookup(a->extract->ad);
-		a->cleanup_archive_extract = archive_read_extract_cleanup;
 	}
 	return (a->extract);
 }
 
+/*
+ * Cleanup function for archive_extract.
+ */
+static int
+archive_read_extract_cleanup(struct archive_read *a)
+{
+       int ret = ARCHIVE_OK;
+
+       if (a->extract->ad != NULL) {
+               ret = archive_write_free(a->extract->ad);
+       }
+       free(a->extract);
+       a->extract = NULL;
+       return (ret);
+}
+
 int
 archive_read_extract(struct archive *_a, struct archive_entry *entry, int flags)
 {
@@ -168,16 +184,3 @@ copy_data(struct archive *ar, struct arc
 	}
 }
 
-/*
- * Cleanup function for archive_extract.
- */
-static int
-archive_read_extract_cleanup(struct archive_read *a)
-{
-	int ret = ARCHIVE_OK;
-
-	ret = archive_write_free(a->extract->ad);
-	free(a->extract);
-	a->extract = NULL;
-	return (ret);
-}

Places

File CVE-2015-8929.patch of Package libarchive.2786

Places