From 3a378bc3635f9464003b29ca8d14da95209b8b9c Mon Sep 17 00:00:00 2001 
From: Matthew Fernandez Date: Sat, 10 Oct 2020 15:36:52 -0700 Subject: [PATCH] fix Lefty's reliance on dup() internals This addresses the following Coverity warnings: Error: RESOURCE_LEAK (CWE-772): [#def39] graphviz-2.40.1/cmd/lefty/os/unix/io.c:362: open_fn: Returning handle opened by "dup". graphviz-2.40.1/cmd/lefty/os/unix/io.c:362: leaked_handle: Failing to save or close handle opened by "dup(fd[1])" leaks it. # 360| panic2 (POS, "ptyopen", "cannot fork"); # 361| case 0: # 362|-> close (fd[0]), close (0), dup (fd[1]); # 363| close (1), dup (fd[1]), close (fd[1]); # 364| execl (shell, shbname, "-c", cmd, NULL); Error: RESOURCE_LEAK (CWE-772): [#def40] graphviz-2.40.1/cmd/lefty/os/unix/io.c:363: open_fn: Returning handle opened by "dup". graphviz-2.40.1/cmd/lefty/os/unix/io.c:363: leaked_handle: Failing to save or close handle opened by "dup(fd[1])" leaks it. # 361| case 0: # 362| close (fd[0]), close (0), dup (fd[1]); # 363|-> close (1), dup (fd[1]), close (fd[1]); # 364| execl (shell, shbname, "-c", cmd, NULL); # 365| panic2 (POS, "ptyopen", "child cannot exec: %s\n", cmd); Error: RESOURCE_LEAK (CWE-772): [#def41] graphviz-2.40.1/cmd/lefty/os/unix/io.c:429: open_fn: Returning handle opened by "dup". graphviz-2.40.1/cmd/lefty/os/unix/io.c:429: leaked_handle: Failing to save or close handle opened by "dup(p1[1])" leaks it. # 427| panic2 (POS, "pipeopen", "child cannot exec: %s\n", cmd2); # 428| } # 429|-> close (1), dup (p1[1]), close (p1[1]); # 430| close (0), dup (p2[0]), close (p2[0]); # 431| execl (shell, shbname, "-c", cmd, NULL); Error: RESOURCE_LEAK (CWE-772): [#def42] graphviz-2.40.1/cmd/lefty/os/unix/io.c:430: open_fn: Returning handle opened by "dup". graphviz-2.40.1/cmd/lefty/os/unix/io.c:430: leaked_handle: Failing to save or close handle opened by "dup(p2[0])" leaks it. 
# 428| } # 429| close (1), dup (p1[1]), close (p1[1]); # 430|-> close (0), dup (p2[0]), close (p2[0]); # 431| execl (shell, shbname, "-c", cmd, NULL); # 432| panic2 (POS, "pipeopen", "child cannot exec: %s\n", cmd); Fixes #1823. Related to #1464.
---
 CHANGELOG.md | 1 +
 cmd/lefty/os/unix/io.c | 8 ++++----
 2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index c8a7bf6dd..46a1cc671 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -60,6 +60,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Graphviz doesn't build on MacOS with the latest libc++ #1785
 - make fails if ps2pdf is not installed (using autotools) #1763
 - multiple graphs to file output causes a segfault #1845
+- lefty PTY functionality relies on file descriptor implementation details #1823
 ## [2.44.1] - 2020-06-29
diff --git a/cmd/lefty/os/unix/io.c b/cmd/lefty/os/unix/io.c
index dba142959..df10d9bd6 100644
--- a/cmd/lefty/os/unix/io.c
+++ b/cmd/lefty/os/unix/io.c
@@ -359,8 +359,8 @@ static void ptyopen (char *cmd, FILE **ifp, FILE **ofp, int *pidp) {
 case -1:
 panic2 (POS, "ptyopen", "cannot fork");
 case 0:
- close (fd[0]), close (0), dup (fd[1]);
- close (1), dup (fd[1]), close (fd[1]);
+ close (fd[0]), dup2 (fd[1], 0);
+ dup2 (fd[1], 1), close (fd[1]);
 execl (shell, shbname, "-c", cmd, NULL);
 panic2 (POS, "ptyopen", "child cannot exec: %s\n", cmd);
 default:
@@ -426,8 +426,8 @@ static void pipeopen (char *cmd, FILE **ifp, FILE **ofp, int *pidp) {
 execl (shell, shbname, "-c", cmd2, NULL);
 panic2 (POS, "pipeopen", "child cannot exec: %s\n", cmd2);
 }
- close (1), dup (p1[1]), close (p1[1]);
- close (0), dup (p2[0]), close (p2[0]);
+ dup2 (p1[1], 1), close (p1[1]);
+ dup2 (p2[0], 0), close (p2[0]);
 execl (shell, shbname, "-c", cmd, NULL);
 panic2 (POS, "pipeopen", "child cannot exec: %s\n", cmd);
 default:
--
2.40.0
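Review bot: Both `dup2` calls in the `case 0:` branch of ptyopen discard their result, so a failed redirection still reaches `execl` and the shell would run `cmd` on whatever descriptors 0 and 1 the child inherited instead of on fd[1]. The child should stop before the exec, in the style the function already uses: `if (dup2 (fd[1], 0) == -1 || dup2 (fd[1], 1) == -1) panic2 (POS, "ptyopen", "child cannot dup2");`. The same unchecked pair appears in the pipeopen hunk (`dup2 (p1[1], 1)` and `dup2 (p2[0], 0)`). ptyopen's body starts and ends outside the hunk, so that panic2 ends the child is presumed from the existing calls around it.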
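Review bot: `dup2 (p1[1], 1), close (p1[1]);` closes standard output itself when p1[1] is already 1, because dup2 onto the same number does nothing and the close that follows then removes it; the next line has the same shape for p2[0] and 0. This can arise when the process is started with descriptor 0 or 1 closed, though where p1 and p2 are created is outside the hunk, so the case is inferred. Guarding each pair, e.g. `if (p1[1] != 1) dup2 (p1[1], 1), close (p1[1]);`, keeps the target open, and the ptyopen hunk needs `if (fd[1] > 1) close (fd[1]);` for the same reason. pipeopen's body starts and ends outside the hunk.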