* spawn.cc (find_exec): Initialize err (CID 60111).

* strace.cc (strace::activate): Fix potential buffer overrun (CID 59938) * syscalls.cc (popen): Close parent pipe descriptor via fclosing fp on error to avoid resource leak (CID 59981). * thread.cc (pthread::exit): Avoid accessing cygtls member after deleting "this" (CID 60217).
2014-06-23 19:05:15 +00:00 · 2014-06-23 19:05:15 +00:00 · 8431e478d2
parent cf06a0b18c
commit 8431e478d2
5 changed files with 25 additions and 5 deletions
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@ -1,3 +1,12 @@
+2014-06-23  Corinna Vinschen  <corinna@vinschen.de>
+
+	* spawn.cc (find_exec): Initialize err (CID 60111).
+	* strace.cc (strace::activate): Fix potential buffer overrun (CID 59938)
+	* syscalls.cc (popen): Close parent pipe descriptor via fclosing fp on
+	error to avoid resource leak (CID 59981).
+	* thread.cc (pthread::exit): Avoid accessing cygtls member after
+	deleting "this" (CID 60217).
+
 2014-06-23  Corinna Vinschen  <corinna@vinschen.de>

 	* select.cc (start_thread_socket): Delete si on early return in case of
--- a/winsup/cygwin/spawn.cc
+++ b/winsup/cygwin/spawn.cc
@ -94,7 +94,7 @@ find_exec (const char *name, path_conv& buf, const char *mywinenv,
  char *tmp = tp.c_get ();
  const char *posix = (opt & FE_NATIVE) ? NULL : name;
  bool has_slash = !!strpbrk (name, "/\\");
-  int err;
+  int err = 0;

  /* Check to see if file can be opened as is first.
     Win32 systems always check . first, but PATH may not be set up to
--- a/winsup/cygwin/strace.cc
+++ b/winsup/cygwin/strace.cc
@ -50,7 +50,8 @@ strace::activate (bool isfork)
 	    }
 	  else
 	    {
-	      GetModuleFileNameW (NULL, progname_buf, sizeof (myself->progname));
+	      GetModuleFileNameW (NULL, progname_buf,
+	      			  sizeof progname_buf / sizeof (WCHAR));
 	      __small_sprintf (pidbuf, "(windows pid %u)", GetCurrentProcessId ());
 	      progname = progname_buf;
 	    }
--- a/winsup/cygwin/syscalls.cc
+++ b/winsup/cygwin/syscalls.cc
@ -4355,8 +4355,17 @@ popen (const char *command, const char *in_type)
  /* If we reach here we've seen an error but the pipe handles are open.
     Close them and return NULL. */
  int save_errno = get_errno ();
-  close (fds[0]);
-  close (fds[1]);
+  if (fp)
+    {
+      /* Must fclose fp to avoid memory leak. */
+      fclose (fp);
+      close (fds[myix ^ 1]);
+    }
+  else
+    {
+      close (fds[0]);
+      close (fds[1]);
+    }
  set_errno (save_errno);

 #undef rw
--- a/winsup/cygwin/thread.cc
+++ b/winsup/cygwin/thread.cc
@ -511,6 +511,7 @@ void
 pthread::exit (void *value_ptr)
 {
  class pthread *thread = this;
+  bool is_main_tls = (cygtls == _main_tls); // Check cygtls before deleting this

  // run cleanup handlers
  pop_all_cleanup_handlers ();
@ -536,7 +537,7 @@ pthread::exit (void *value_ptr)
    ::exit (0);
  else
    {
-      if (cygtls == _main_tls)
+      if (is_main_tls)
 	{
 	  _cygtls *dummy = (_cygtls *) malloc (sizeof (_cygtls));
 	  *dummy = *_main_tls;