[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH] util/envlist: Fix 2 bugs in envlist_setenv and envl
From: |
Hu Chaojian |
Subject: |
[Qemu-devel] [PATCH] util/envlist: Fix 2 bugs in envlist_setenv and envlist_unsetenv |
Date: |
Mon, 23 Jan 2017 02:36:58 +0000 |
From: chaojianhu <address@hidden>
In envlist_setenv, if any malloc fails, there will be inconsistency on el_count.
And in envlist_unsetenv, if env is "", the strncmp will be passed, eventually
wrong envlist_entry (shoud be the first one) will be removed.
Finally, in envlist_parse, to delimit environments with ',' is wrong, since
value
may contain ','. I suggest delete envlist_parse from the source code.
Reported-by: chaojianhu <address@hidden>
Signed-off-by: chaojianhu <address@hidden>
---
util/envlist.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/util/envlist.c b/util/envlist.c
index e86857e..5d68a6a 100644
--- a/util/envlist.c
+++ b/util/envlist.c
@@ -157,9 +157,8 @@ envlist_setenv(envlist_t *envlist, const char *env)
QLIST_REMOVE(entry, ev_link);
free((char *)entry->ev_var);
free(entry);
- } else {
- envlist->el_count++;
- }
+ envlist->el_count--;
+ }
if ((entry = malloc(sizeof (*entry))) == NULL)
return (errno);
@@ -168,6 +167,7 @@ envlist_setenv(envlist_t *envlist, const char *env)
return (errno);
}
QLIST_INSERT_HEAD(&envlist->el_entries, entry, ev_link);
+ envlist->el_count++;
return (0);
}
@@ -185,6 +185,11 @@ envlist_unsetenv(envlist_t *envlist, const char *env)
if ((envlist == NULL) || (env == NULL))
return (EINVAL);
+ envname_len = strlen(env);
+ if (0 == envname_len) {
+ return -EINVAL;
+ }
+
/* env is not allowed to contain '=' */
if (strchr(env, '=') != NULL)
return (EINVAL);
@@ -193,7 +198,6 @@ envlist_unsetenv(envlist_t *envlist, const char *env)
* Find out the requested entry and remove
* it from the list.
*/
- envname_len = strlen(env);
for (entry = envlist->el_entries.lh_first; entry != NULL;
entry = entry->ev_link.le_next) {
if (strncmp(entry->ev_var, env, envname_len) == 0)
--
1.9.1