svn commit: r317782 - in head: contrib/libarchive/cpio contrib/libarchive/cpio/test contrib/libarchive/libarchive contrib/libarchive/libarchive/test contrib/libarchive/test_utils lib/libarchive/tests

Conrad Meyer cem at freebsd.org
Wed May 10 16:27:04 UTC 2017


Hi Martin,

One minor Coverity nit below:

On Wed, May 3, 2017 at 5:04 PM, Martin Matuska <mm at freebsd.org> wrote:
> Author: mm
> Date: Thu May  4 00:04:17 2017
> New Revision: 317782
> URL: https://svnweb.freebsd.org/changeset/base/317782
>
> Log:
>   MFV r317781:
>   Sync libarchive with vendor
>
>   Vendor changes (FreeBSD-related):
>     PR 897: add test for ZIP archives with invalid EOCD headers
>     PR 901: fix invalid renaming of sparse files
>     OSS-Fuzz issue 497: remove fallback tree in LZX decoder
>     OSS-Fuzz issue 527: rewrite expressions in lz4 filter
>     OSS-Fuzz issue 577: fix integer overflow in cpio reader
>     OSS-Fuzz issue 862: fix numeric parsing in mtree reader
>     OSS-Fuzz issue 1097: fix undefined shift in rar reader
>     cpio: various optimizations and memory leak fixes
>
>   MFC after:    1 week
>
> ...
> Modified: head/contrib/libarchive/cpio/test/test_option_lz4.c
> ==============================================================================
> --- head/contrib/libarchive/cpio/test/test_option_lz4.c Wed May  3 23:55:12 2017        (r317781)
> +++ head/contrib/libarchive/cpio/test/test_option_lz4.c Thu May  4 00:04:17 2017        (r317782)
> ...
> @@ -68,14 +71,18 @@ DEFINE_TEST(test_option_lz4)
>                 if (strstr(p, "Error closing") != NULL && !canLz4()) {
>                         skipping("This version of bsdcpio uses an external lz4 program "
>                             "but no such program is available on this system.");
> +                       free(p);
>                         return;
>                 }
> +               free(p);
>                 failure("--lz4 option is broken: %s", p);

p is used after free here.  Coverity CID 1374948.

Best,
Conrad

>                 assertEqualInt(r, 0);
>                 return;
>         }
> +       free(p);
>         /* Check that the archive file has an lz4 signature. */
>         p = slurpfile(&s, "archive.out");
>         assert(s > 2);
>         assertEqualMem(p, "\x04\x22\x4d\x18", 4);
> +       free(p);
>  }
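
Review bot: the added free(p) directly above failure("--lz4 option is broken: %s", p) releases the buffer that failure() then formats with %s, so this error path reads freed memory. Move that free(p) down to after assertEqualInt(r, 0), just before the return, so p is released only after its last reader has run. Separately, in the signature check at the end of the hunk, assert(s > 2) admits s == 3 while assertEqualMem(p, "\x04\x22\x4d\x18", 4) compares four bytes; s > 3 would match the length being compared.
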
> ...

