]>
Commit | Line | Data |
---|---|---|
74a816df MK |
1 | From 149f009c3b4ab6bac8059b48142a1c3f698c8e53 Mon Sep 17 00:00:00 2001 |
2 | From: Wang Dong <dongdwdw@linux.vnet.ibm.com> | |
3 | Date: Fri, 23 Dec 2016 06:53:36 +0100 | |
4 | Subject: [PATCH 104/106] parted: fix crash due to improper partition number | |
5 | input | |
6 | ||
7 | When the user makes a new partition, if parted fails to add the | |
8 | partition to disk, it jumps to wrong error label. In this | |
9 | situation, this new partition actually is not a node in disk | |
10 | data structure. But in the wrong error label, it pretends this | |
11 | is a node and removes it as a list node, leading to other | |
12 | partition in this disk deleted. This might lead to a memory leak. | |
13 | Because if there are other partitions, it just removes them from | |
14 | list without releasing the resource. And this also leads to different | |
15 | disk information between memory and device. This is confusing. | |
16 | ||
17 | But when the new partition is added to disk successfully and if | |
18 | any operations followed fail, this partition should be removed from | |
19 | disk and destroyed. | |
20 | ||
21 | Signed-off-by: Wang Dong <dongdwdw@linux.vnet.ibm.com> | |
22 | Signed-off-by: Hendrik Brueckner <brueckner@linux.vnet.ibm.com> | |
23 | --- | |
24 | parted/ui.c | 26 ++++++++++++++++++++++---- | |
25 | 1 file changed, 22 insertions(+), 4 deletions(-) | |
26 | ||
27 | diff --git a/parted/ui.c b/parted/ui.c | |
28 | index 505b8ac..5d76c20 100644 | |
29 | --- a/parted/ui.c | |
30 | +++ b/parted/ui.c | |
31 | @@ -29,6 +29,8 @@ | |
32 | #include <unistd.h> | |
33 | #include <setjmp.h> | |
34 | #include <assert.h> | |
35 | +#include <limits.h> | |
36 | +#include <errno.h> | |
37 | ||
38 | #include "command.h" | |
39 | #include "strlist.h" | |
40 | @@ -909,16 +911,30 @@ command_line_get_integer (const char* prompt, int* value) | |
41 | { | |
42 | char def_str [10]; | |
43 | char* input; | |
44 | - int valid; | |
45 | + long ret; | |
46 | ||
47 | snprintf (def_str, 10, "%d", *value); | |
48 | input = command_line_get_word (prompt, *value ? def_str : NULL, | |
49 | NULL, 1); | |
50 | if (!input) | |
51 | return 0; | |
52 | - valid = sscanf (input, "%d", value); | |
53 | + | |
54 | + errno = 0; | |
55 | + ret = strtol (input, (char**) NULL, 10); | |
56 | + if (errno) | |
57 | + goto error; | |
58 | + | |
59 | + if ((ret > INT_MAX) || (ret < INT_MIN)) | |
60 | + goto error; | |
61 | + else | |
62 | + *value = (int) ret; | |
63 | + | |
64 | free (input); | |
65 | - return valid; | |
66 | + return 1; | |
67 | + | |
68 | +error: | |
69 | + free (input); | |
70 | + return 0; | |
71 | } | |
72 | ||
73 | int | |
74 | @@ -1029,6 +1045,7 @@ command_line_get_partition (const char* prompt, PedDisk* disk, | |
75 | PedPartition** value) | |
76 | { | |
77 | PedPartition* part; | |
78 | + int ret; | |
79 | ||
80 | /* Flawed logic, doesn't seem to work?! | |
81 | check = ped_disk_next_partition (disk, part); | |
82 | @@ -1045,7 +1062,8 @@ command_line_get_partition (const char* prompt, PedDisk* disk, | |
83 | */ | |
84 | int num = (*value) ? (*value)->num : 0; | |
85 | ||
86 | - if (!command_line_get_integer (prompt, &num)) { | |
87 | + ret = command_line_get_integer (prompt, &num); | |
88 | + if ((!ret) || (num < 0)) { | |
89 | ped_exception_throw (PED_EXCEPTION_ERROR, | |
90 | PED_EXCEPTION_CANCEL, | |
91 | _("Expecting a partition number.")); | |
92 | -- | |
93 | 2.20.1 | |
94 |