[PATCH] libmisc/shell: Fix file pointer leak and improved input data sanitation.

Joel Sherrill joel at rtems.org
Wed May 17 14:10:55 UTC 2023 

This looks ok. I will push it.

Coverity is run up 1215 am and 1215 pm my time (910am now) so we should
have feedback in a few hours.

--joel

On Tue, May 16, 2023 at 7:04 PM <aaron.nyholm at unfoldedeffective.com> wrote:

> From: Aaron Nyholm <aaron.nyholm at southerninnovation.com>
>
> Coverity #1530126
> Coverity #1530125
> ---
>  cpukit/libmisc/shell/main_flashdev.c | 27 ++++++++++-----------------
>  1 file changed, 10 insertions(+), 17 deletions(-)
>
> diff --git a/cpukit/libmisc/shell/main_flashdev.c
> b/cpukit/libmisc/shell/main_flashdev.c
> index 495373235f..ca2454b33c 100644
> --- a/cpukit/libmisc/shell/main_flashdev.c
> +++ b/cpukit/libmisc/shell/main_flashdev.c
> @@ -78,6 +78,15 @@ static int rtems_flashdev_shell_main( int argc, char
> *argv[] ) {
>
>    for (i = 1; i < argc; ++i) {
>      if (argv[i][0] == '-') {
> +      /*
> +       * Check that a path to flashdev has been provided before running
> +       * command.
> +       */
> +      if (dev_path == NULL) {
> +        printf("Please input FLASH_DEV_PATH before instruction\n");
> +        return 1;
> +      }
> +      /* Run command */
>        switch (argv[i][1]) {
>        case ('r'):
>          /* Read */
> @@ -112,7 +121,6 @@ static int rtems_flashdev_shell_main( int argc, char
> *argv[] ) {
>          printf(rtems_flashdev_shell_usage);
>          break;
>        }
> -
>      } else if (dev_path == NULL) {
>        dev_path = argv[i];
>      } else {
> @@ -145,10 +153,6 @@ int flashdev_shell_read(
>      printf("Missing argument\n");
>      return -1;
>    }
> -  if (dev_path == NULL) {
> -    printf("Please input FLASH_DEV_PATH before instruction\n");
> -    return 1;
> -  }
>
>    /* Get arguments */
>    errno = 0;
> @@ -181,6 +185,7 @@ int flashdev_shell_read(
>    buffer = calloc((bytes + bytes%4), 1);
>    if (buffer == NULL) {
>      printf("Failed to allocate read buffer\n");
> +    close(fd);
>      return -1;
>    }
>
> @@ -230,10 +235,6 @@ int flashdev_shell_write(
>      printf("Missing argument\n");
>      return -1;
>    }
> -  if (dev_path == NULL) {
> -    printf("Please input FLASH_DEV_PATH before instruction\n");
> -    return 1;
> -  }
>
>    /* Get arguments */
>    errno = 0;
> @@ -337,10 +338,6 @@ int flashdev_shell_erase(
>      printf("Missing argument\n");
>      return -1;
>    }
> -  if (dev_path == NULL) {
> -    printf("Please input FLASH_DEV_PATH before instruction\n");
> -    return 1;
> -  }
>
>    /* Get arguments */
>    errno = 0;
> @@ -546,10 +543,6 @@ static int flashdev_shell_page(
>      printf("Missing argument\n");
>      return -1;
>    }
> -  if (dev_path == NULL) {
> -    printf("Please input FLASH_DEV_PATH before instruction\n");
> -    return 1;
> -  }
>
>    /* Get arguments */
>    errno = 0;
> --
> 2.25.1
>
> _______________________________________________
> devel mailing list
> devel at rtems.org
> http://lists.rtems.org/mailman/listinfo/devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rtems.org/pipermail/devel/attachments/20230517/fa990ebe/attachment.htm>

More information about the devel mailing list