Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

r.out.png: fix consecutive fclose calls on same pointer #4214

Merged
merged 1 commit into from
Aug 23, 2024

Conversation

ymdatta
Copy link
Contributor

@ymdatta ymdatta commented Aug 22, 2024

This patch fixes two issues:

  1. In one of the code paths, we are calling fclose on a file pointer which could potentially be NULL. Doing that would lead to undefined behavior. Check if a file pointer is NULL before closing it.

  2. If we call fclose on same file pointer twice, in the second instance we could be closing file descriptor allocated to some other file, which typically happens to a freed descriptor.

This issue was found by using cppcheck tool.

Additional information:

  1. Machine used: Virtual Machine running Ubuntu 22.04.4 LTS.
  2. Tool used in finding this error: cppcheck
image

Tool's output after applying the patch

image
  1. Reproduction rate: 100%, reproducible every time.
  2. Architecture: Not specific to any underlying architecture.

This patch fixes two issues:

1. In one of the code paths, we are calling fclose on a
   file pointer which could potentially be NULL. Doing that
   would lead to undefined behavior. Check if a file pointer
   is NULL before closing it.

2. If we call fclose on same file pointer twice, in the
   second instance we could be closing file descriptor allocated
   to some other file, which typically happens to a freed
   descriptor.

This issue was found by using cppcheck tool.

Signed-off-by: Mohana Datta Yelugoti <ymdatta.work@gmail.com>
@github-actions github-actions bot added raster Related to raster data processing C Related code is in C module labels Aug 22, 2024
Copy link
Member

@echoix echoix left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree with the PR. I would want some feedback on if it is the correct pattern to be autonomous on future reviews of this kind.

Copy link
Member

@wenzeslaus wenzeslaus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here I my thoughts:

  • Default value is set.
  • NULL is the right default for FILE.
  • fclose requires a check.

What Cppcheck does not see is that G_fatal_error does not return, so the later fclose calls will not happen. I'm not sure what is better here, try to configure, try to provide attributes to the function, or simply apply the best practice (close and set to NULL) regardless of the fact that it is not need. I lean towards the best practice as it is seems the simplest, however providing more info about the function to the compilers or the linters seems good long-term strategy.

@echoix echoix merged commit 917ba58 into OSGeo:main Aug 23, 2024
27 checks passed
@nilason
Copy link
Contributor

nilason commented Aug 23, 2024

Missed this by the second. The only place where it would have made any (if ever so little) sense to reset fp = NULL was

if (fp)
fclose(fp);
.

Other than that note, this was good to go.

@wenzeslaus
Copy link
Member

The last fp = NULL would indeed fit the pattern.

@ymdatta
Copy link
Contributor Author

ymdatta commented Aug 23, 2024

I will push another small patch adding fp = NULL at the missed place.

@neteler neteler added this to the 8.5.0 milestone Aug 25, 2024
Mahesh1998 pushed a commit to Mahesh1998/grass that referenced this pull request Sep 19, 2024
This patch fixes two issues:

1. In one of the code paths, we are calling fclose on a
   file pointer which could potentially be NULL. Doing that
   would lead to undefined behavior. Check if a file pointer
   is NULL before closing it.

2. If we call fclose on same file pointer twice, in the
   second instance we could be closing file descriptor allocated
   to some other file, which typically happens to a freed
   descriptor.

This issue was found by using cppcheck tool.

Signed-off-by: Mohana Datta Yelugoti <ymdatta.work@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
C Related code is in C module raster Related to raster data processing
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants