Pileus Git - ~andy/fetchmail/commit

author	John Beck <john.beck@oracle.com>
	Mon, 18 Feb 2013 22:25:01 +0000 (23:25 +0100)
committer	Matthias Andree <matthias.andree@gmx.de>
	Mon, 18 Feb 2013 22:27:08 +0000 (23:27 +0100)
commit	e4dd196b137223195739b9e0f50ec2a8a02b3534
tree	3aa4c7e33b5d4a23bbb3b938b56270c6130fbd26	tree \| snapshot
parent	52c5a71f5ecb67b7ebf6ee0e5862bab2534222eb	commit \| diff

Minor bug fixes for socket.c

While running a static code analysis tool (Parfait) on fetchmail, it found some
bugs:

Error: Memory leak (CWE 401)
   Memory leak of pointer 'plugin_copy' allocated with malloc((plugin_copy_len + 1))
        at line 137 of components/fetchmail/fetchmail-6.3.22/socket.c in function 'parse_plugin'.
          'plugin_copy' allocated at line 107 with malloc((plugin_copy_len + 1)).
          plugin_copy leaks when plugin_copy_offset >= plugin_copy_len at line 114.

Error: Null pointer dereference (CWE 476)
   Read from null pointer 'argvec'
        at line 189 of components/fetchmail/fetchmail-6.3.22/socket.c in function 'handle_plugin'.
          Function 'parse_plugin' may return constant 'NULL' at line 137, called at line 188.
          Null pointer introduced at line 137 in function 'parse_plugin'.
        at line 190 of components/fetchmail/fetchmail-6.3.22/socket.c in function 'handle_plugin'.
          Function 'parse_plugin' may return constant 'NULL' at line 137, called at line 188.
          Null pointer introduced at line 137 in function 'parse_plugin'.

(I realize these are on 6.3.22; I checked and verified that this portion of
the code is the same in 6.3.24.)

The attached patch fixes each of these.

(Note by Matthias Andree:
The NULL pointer dereference fix does not require error reporting,
because parse_plugin() will already have reported the out-of-memory
error that causes the NULL to be returned.)