Checking the result of a stat() to avoid referencing unitialized data.

The original patch was by Kamil Dudka.

git-svn-id: svn://svn.savannah.gnu.org/nano/trunk/nano@5621 35c25a1d-7b9e-4130-9fde-d3aeb78583b8

diff --git a/ChangeLog b/ChangeLog
index 4c017e58e8b4ee5103c5710df3aec12eba03eb95..a69631082da2fe87d44f4c505487a5604fea1333 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2016-02-09  Benno Schulenberg  <bensberg@justemail.net>
+       * src/files.c (stat_with_alloc, open_buffer, write_file): Check the
+       result of a stat() to avoid referencing unitialized data.  Original
+       patch was by Kamil Dudka.
+
 2016-02-07  Benno Schulenberg  <bensberg@justemail.net>
        * src/files.c (update_poshistory): Don't put files in the history list
        when they have the default cursor position (line 1, column 1).

diff --git a/src/files.c b/src/files.c
index ae4f2be1a64b80ab87f7cd7c7a0a44ea6918b403..52ec63495f7d6d90bf9ce37d5ddb7f586e2694dc 100644 (file)
--- a/src/files.c
+++ b/src/files.c
@@ -383,6 +383,20 @@ int do_lockfile(const char *filename)
 
     return retval;
 }
+
+/* Perform a stat call on the given filename, allocating a stat struct
+ * if necessary.  On success, *pstat points to the stat's result.  On
+ * failure, *pstat is freed and made NULL. */
+void stat_with_alloc(const char *filename, struct stat **pstat)
+{
+    if (*pstat == NULL)
+       *pstat = (struct stat *)nmalloc(sizeof(struct stat));
+
+    if (stat(filename, *pstat) != 0) {
+       free(*pstat);
+       *pstat = NULL;
+    }
+}
 #endif /* !NANO_TINY */
 
 /* If it's not "", filename is a file to open.  We make a new buffer, if
@@ -466,11 +480,8 @@ bool open_buffer(const char *filename, bool undoable)
     if (rc > 0) {
        read_file(f, rc, filename, undoable, new_buffer);
 #ifndef NANO_TINY
-       if (openfile->current_stat == NULL) {
-           openfile->current_stat =
-               (struct stat *)nmalloc(sizeof(struct stat));
-           stat(filename, openfile->current_stat);
-       }
+       if (openfile->current_stat == NULL)
+           stat_with_alloc(filename, &openfile->current_stat);
 #endif
     }
 
@@ -1801,10 +1812,8 @@ bool write_file(const char *name, FILE *f_open, bool tmp, append_type
      * specified it interactively), stat and save the value now,
      * or else we will chase null pointers when we do modtime checks,
      * preserve file times, and so on, during backup. */
-    if (openfile->current_stat == NULL && !tmp && realexists) {
-       openfile->current_stat = (struct stat *)nmalloc(sizeof(struct stat));
-       stat(realname, openfile->current_stat);
-    }
+    if (openfile->current_stat == NULL && !tmp && realexists)
+       stat_with_alloc(realname, &openfile->current_stat);
 
     /* We backup only if the backup toggle is set, the file isn't
      * temporary, and the file already exists.  Furthermore, if we
@@ -2181,12 +2190,9 @@ bool write_file(const char *name, FILE *f_open, bool tmp, append_type
        }
 
 #ifndef NANO_TINY
-       /* Update current_stat to reference the file as it is now. */
-       if (openfile->current_stat == NULL)
-           openfile->current_stat =
-               (struct stat *)nmalloc(sizeof(struct stat));
        if (!openfile->mark_set)
-           stat(realname, openfile->current_stat);
+           /* Get or update the stat info to reflect the current state. */
+           stat_with_alloc(realname, &openfile->current_stat);
 #endif
 
        statusbar(P_("Wrote %lu line", "Wrote %lu lines",