Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

Re: PATCH: Fix use-after-free for print -zf and print -sf

X-seq: zsh-workers 34496
From: Mikael Magnusson <mikachu@xxxxxxxxx>
To: Peter Stephenson <p.stephenson@xxxxxxxxxxx>
Subject: Re: PATCH: Fix use-after-free for print -zf and print -sf
Date: Tue, 10 Feb 2015 12:32:52 +0100
Cc: zsh workers <zsh-workers@xxxxxxx>
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=hiOQRtfwFq8lr9E00VGo7vKTOHxWPutnUcrjEYVVYMI=; b=auqrZJvF7JlMzKzivJXqBDgJ9qSQU3yjvRi0Zk6raYBB92bBhok6/+zm/Vw8+B1WKV ElZaqmNqtQ2QwLNPmvezxzOTLnhKmB48W6s8MzdxEU8etq/KHMoLr1rgVGF615TtAco8 WxA3aOElZQrfy11M//CE+2fO+CUeeBdZCszUIPOLrBqVsarPKy8xn+sqv1PIA2RZllhW epPVAiFeW7FqFIst6rUJ+Q2ORQYbbrY/rRg0WBjmcXjJFqQohNu4kFR8dq/ScwPaG5Sc oNnOi4A0RLwGj4Q4CIhedLWfSXM887ryJUTY2gSFy3m4Qst7daJmoxGdvfV3EkuoaWsR SSwA==
In-reply-to: <20150210111811.1c851f7f@pwslap01u.europe.root.pri>
List-help: <mailto:zsh-workers-help@zsh.org>
List-id: Zsh Workers List <zsh-workers.zsh.org>
List-post: <mailto:zsh-workers@zsh.org>
Mailing-list: contact zsh-workers-help@xxxxxxx; run by ezmlm
References: <1423552346-18827-1-git-send-email-mikachu@gmail.com> <CAHYJk3QWK-z-WA4-8EC_m+PYc8QACt_GPjNqC2FXqRQk4VF-xg@mail.gmail.com> <20150210093729.476bab46@pwslap01u.europe.root.pri> <CAHYJk3QOK97+OjpNiBq+PBq2eAB-fDaFU_hXWppSs532MDiPsw@mail.gmail.com> <20150210111811.1c851f7f@pwslap01u.europe.root.pri>

On Tue, Feb 10, 2015 at 12:18 PM, Peter Stephenson
<p.stephenson@xxxxxxxxxxx> wrote:
> On Tue, 10 Feb 2015 12:13:12 +0100
> Mikael Magnusson <mikachu@xxxxxxxxx> wrote:
>> Oops, actually I think I do need it, since I want fout being NULL to
>> short circuit the whole if statement to false, and currently it's
>> interpreted as if ((fout && (fout != stdout)) ? .. : ..), resulting in
>> a call to fflush(NULL) which flushes all open output buffers. I should
>> probably have quoted both lines of the if. :)
>
> Yes, I missed that... that's kind of why I talked about rewriting it...
>
> pws

-    /* Testing EBADF special-cases >&- redirections */
-    if (fout && ((fout != stdout) ? (fclose(fout) != 0) :
-       (fflush(fout) != 0 && errno != EBADF))) {
-       zwarnnam(name, "write error: %e", errno);
-       ret = 1;
-    }
+#ifdef HAVE_OPEN_MEMSTREAM
+    if (fout)
+#endif
+       /* Testing EBADF special-cases >&- redirections */
+       if ((fout != stdout) ? (fclose(fout) != 0) :
+           (fflush(fout) != 0 && errno != EBADF)) {
+           zwarnnam(name, "write error: %e", errno);
+           ret = 1;
+       }
     return ret;
 }

This would make it very clear that fout can only be NULL in one very
particular case, and also leaves the main EBADF thing the same as the
other places in the function... (sorry for bikeshedding so much over
this). Which of these do you prefer?

-- 
Mikael Magnusson

Follow-Ups:
- Re: PATCH: Fix use-after-free for print -zf and print -sf
  - From: Peter Stephenson

References:
- PATCH: Fix use-after-free for print -zf and print -sf
  - From: Mikael Magnusson
- Re: PATCH: Fix use-after-free for print -zf and print -sf
  - From: Mikael Magnusson
- Re: PATCH: Fix use-after-free for print -zf and print -sf
  - From: Peter Stephenson
- Re: PATCH: Fix use-after-free for print -zf and print -sf
  - From: Mikael Magnusson
- Re: PATCH: Fix use-after-free for print -zf and print -sf
  - From: Peter Stephenson

Messages sorted by: Reverse Date, Date, Thread, Author