Package: libepub-dev Version: 0.2.2-4 Severity: normal Dear Maintainer,
I scanned the library with cppcheck and LLVM's scan-build. They found a few possible memory leaks and a NULL pointer dereference. I created a simple testcase which triggers the NULL pointer dereference and segfaults my program. The usage is quite common: my example is based on the einfo tool. I found that the libepub website is abandoned and I didn't find any git/svn repos for the project. So I've downloaded the sources of the library (0.2.2-4) with 'aptitude source', added the testcase to debian/tests and fixed the NULL pointer dereference and the leaks. I'll attach the changes (created by diff) to this bug report along with the scan-build results. -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (900, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.14-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libepub-dev depends on: ii libepub0 0.2.2-4 libepub-dev recommends no packages. libepub-dev suggests no packages.
diff -Nburd bugepub/ebook-tools-0.2.2/debian/tests/build epub-bug/ebook-tools-0.2.2/debian/tests/build
--- bugepub/ebook-tools-0.2.2/debian/tests/build 2014-07-30 02:06:47.000000000 +0700
+++ epub-bug/ebook-tools-0.2.2/debian/tests/build 2014-09-10 14:55:22.473294562 +0700
@@ -5,3 +5,6 @@
 cd $ADTTMP
 gcc -Wall -Werror -pedantic -std=c90 -o test-libepub $SRCDIR/test-libepub.c -lepub
 ./test-libepub "$SRCDIR/wasteland-20120118.epub"
+
+gcc -Wall -Werror -pedantic -std=c90 -o test-epub-toc $SRCDIR/test-epub-toc.c -lepub
+./test-epub-toc "$SRCDIR/wasteland-20120118.epub"
diff -Nburd bugepub/ebook-tools-0.2.2/debian/tests/test-epub-toc.c epub-bug/ebook-tools-0.2.2/debian/tests/test-epub-toc.c
--- bugepub/ebook-tools-0.2.2/debian/tests/test-epub-toc.c 1970-01-01 06:00:00.000000000 +0600
+++ epub-bug/ebook-tools-0.2.2/debian/tests/test-epub-toc.c 2014-09-10 14:56:21.077296438 +0700
@@ -0,0 +1,52 @@
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <epub.h>
+
+void quit(int code) {
+ epub_cleanup();
+ exit(code);
+}
+
+void usage(int code) {
+ fprintf(stderr, "Usage: toc_test <filename>\n");
+ exit(code);
+}
+
+int main(int argc , char **argv) {
+ struct epub *epub;
+ char *filename = NULL;
+ struct titerator *it;
+
+ if (argc != 2) {
+ fprintf(stderr, "Missing file name\n");
+ usage(1);
+ }
+ filename = argv[1];
+
+ if (! (epub = epub_open(filename, 0)))
+ quit(1);
+
+ it = epub_get_titerator(epub, TITERATOR_PAGES, 0);
+ if (!it) {
+ fprintf(stderr, "Cannot get TOC iterator\n");
+ quit(1);
+ }
+
+ do {
+ char *label = epub_tit_get_curr_label(it);
+ if (label) {
+ printf("%s\n", label);
+ free(label);
+ }
+ } while (epub_tit_next(it));
+
+ epub_free_titerator(it);
+
+ if (! epub_close(epub)) {
+ quit(1);
+ }
+
+ quit(0);
+ return 0;
+}
diff -Nburd bugepub/ebook-tools-0.2.2/src/libepub/epub.c epub-bug/ebook-tools-0.2.2/src/libepub/epub.c
--- bugepub/ebook-tools-0.2.2/src/libepub/epub.c 2012-09-04 21:32:32.000000000 +0700
+++ epub-bug/ebook-tools-0.2.2/src/libepub/epub.c 2014-09-10 14:44:49.373274303 +0700
@@ -503,7 +503,7 @@
 return NULL;
 break;
 case TITERATOR_PAGES:
- if (! epub->opf->toc || epub->opf->toc->pageList)
+ if (! epub->opf->toc || ! epub->opf->toc->pageList)
 return NULL;
 break;
 }
diff -Nburd bugepub/ebook-tools-0.2.2/src/libepub/ocf.c epub-bug/ebook-tools-0.2.2/src/libepub/ocf.c
--- bugepub/ebook-tools-0.2.2/src/libepub/ocf.c 2012-09-04 21:32:32.000000000 +0700
+++ epub-bug/ebook-tools-0.2.2/src/libepub/ocf.c 2014-09-10 14:44:49.373274303 +0700
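Review bot: In test-epub-toc.c, the `if (!it)` branch of main() calls `quit(1)` without closing the handle returned by epub_open(), so the test that accompanies the leak fixes leaks on that path itself. Adding `epub_close(epub);` before that `quit(1);` keeps leak-checker runs of the test clean. That branch also makes the test fail for any book without a page list once the epub.c check is corrected, so the result depends on whether the sample file has one; that is worth confirming. The usage string says `toc_test` while the build script produces `test-epub-toc`, and `<string.h>` appears unused.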
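Review bot: The corrected guard in the `TITERATOR_PAGES` case of epub.c still dereferences `epub->opf` without a check, and the hunk does not show whether `opf` can be NULL at this point. It also does not show how the preceding cases test their lists, so it is worth checking that none of them carries the same inverted condition. Because the old test returned NULL for every book that had a page list, the iteration code behind this case has probably only ever been reached with a NULL `pageList`; it should be treated as unexercised code when parsing EPUB files from untrusted sources. A comment such as `/* no TOC or no page list: nothing to iterate */` above the check would record the intent. The enclosing switch and function start and end outside the hunk.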
@@ -218,6 +218,7 @@ if ( ! ocf->filename) { _epub_print_debug(epub, DEBUG_ERROR, "Failed to allocate memory for filename"); + _ocf_close(ocf); return NULL; } diff -Nburd bugepub/ebook-tools-0.2.2/src/libepub/opf.c epub-bug/ebook-tools-0.2.2/src/libepub/opf.c --- bugepub/ebook-tools-0.2.2/src/libepub/opf.c 2012-09-04 21:32:32.000000000 +0700 +++ epub-bug/ebook-tools-0.2.2/src/libepub/opf.c 2014-09-10 14:44:49.373274303 +0700 @@ -49,6 +49,7 @@ } } else { _epub_print_debug(opf->epub, DEBUG_ERROR, "unable to open OPF"); + _opf_close(opf); return NULL; }
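Review bot: The added `_ocf_close(ocf);` in ocf.c runs on an object whose `filename` allocation has just failed, and the hunk does not show whether `ocf` was zero-initialised or whether `_ocf_close` tolerates members that were never set up. If it frees or closes them unconditionally, the change trades a leak for an invalid free or a crash on the out-of-memory path. The same question applies to `_opf_close(opf);` on the "unable to open OPF" path in the opf.c hunk. If both close routines do NULL-check each member, a comment such as `/* ocf is only partially initialised here; _ocf_close checks each member */` would make that explicit. Both enclosing functions start and end outside the hunks.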
diff -Nburd bugepub/ebook-tools-0.2.2/debian/tests/build epub-bug/ebook-tools-0.2.2/debian/tests/build
--- bugepub/ebook-tools-0.2.2/debian/tests/build 2014-07-30 02:06:47.000000000 +0700
+++ epub-bug/ebook-tools-0.2.2/debian/tests/build 2014-09-10 14:55:22.473294562 +0700
@@ -5,3 +5,6 @@
 cd $ADTTMP
 gcc -Wall -Werror -pedantic -std=c90 -o test-libepub $SRCDIR/test-libepub.c -lepub
 ./test-libepub "$SRCDIR/wasteland-20120118.epub"
+
+gcc -Wall -Werror -pedantic -std=c90 -o test-epub-toc $SRCDIR/test-epub-toc.c -lepub
+./test-epub-toc "$SRCDIR/wasteland-20120118.epub"
diff -Nburd bugepub/ebook-tools-0.2.2/debian/tests/test-epub-toc.c epub-bug/ebook-tools-0.2.2/debian/tests/test-epub-toc.c
--- bugepub/ebook-tools-0.2.2/debian/tests/test-epub-toc.c 1970-01-01 06:00:00.000000000 +0600
+++ epub-bug/ebook-tools-0.2.2/debian/tests/test-epub-toc.c 2014-09-10 14:56:21.077296438 +0700
@@ -0,0 +1,52 @@
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <epub.h>
+
+void quit(int code) {
+ epub_cleanup();
+ exit(code);
+}
+
+void usage(int code) {
+ fprintf(stderr, "Usage: toc_test <filename>\n");
+ exit(code);
+}
+
+int main(int argc , char **argv) {
+ struct epub *epub;
+ char *filename = NULL;
+ struct titerator *it;
+
+ if (argc != 2) {
+ fprintf(stderr, "Missing file name\n");
+ usage(1);
+ }
+ filename = argv[1];
+
+ if (! (epub = epub_open(filename, 0)))
+ quit(1);
+
+ it = epub_get_titerator(epub, TITERATOR_PAGES, 0);
+ if (!it) {
+ fprintf(stderr, "Cannot get TOC iterator\n");
+ quit(1);
+ }
+
+ do {
+ char *label = epub_tit_get_curr_label(it);
+ if (label) {
+ printf("%s\n", label);
+ free(label);
+ }
+ } while (epub_tit_next(it));
+
+ epub_free_titerator(it);
+
+ if (! epub_close(epub)) {
+ quit(1);
+ }
+
+ quit(0);
+ return 0;
+}
diff -Nburd bugepub/ebook-tools-0.2.2/src/libepub/epub.c epub-bug/ebook-tools-0.2.2/src/libepub/epub.c
--- bugepub/ebook-tools-0.2.2/src/libepub/epub.c 2012-09-04 21:32:32.000000000 +0700
+++ epub-bug/ebook-tools-0.2.2/src/libepub/epub.c 2014-09-10 14:44:49.373274303 +0700
@@ -503,7 +503,7 @@
 return NULL;
 break;
 case TITERATOR_PAGES:
- if (! epub->opf->toc || epub->opf->toc->pageList)
+ if (! epub->opf->toc || ! epub->opf->toc->pageList)
 return NULL;
 break;
 }
diff -Nburd bugepub/ebook-tools-0.2.2/src/libepub/ocf.c epub-bug/ebook-tools-0.2.2/src/libepub/ocf.c
--- bugepub/ebook-tools-0.2.2/src/libepub/ocf.c 2012-09-04 21:32:32.000000000 +0700
+++ epub-bug/ebook-tools-0.2.2/src/libepub/ocf.c 2014-09-10 14:44:49.373274303 +0700
@@ -218,6 +218,7 @@ if ( ! ocf->filename) { _epub_print_debug(epub, DEBUG_ERROR, "Failed to allocate memory for filename"); + _ocf_close(ocf); return NULL; } diff -Nburd bugepub/ebook-tools-0.2.2/src/libepub/opf.c epub-bug/ebook-tools-0.2.2/src/libepub/opf.c --- bugepub/ebook-tools-0.2.2/src/libepub/opf.c 2012-09-04 21:32:32.000000000 +0700 +++ epub-bug/ebook-tools-0.2.2/src/libepub/opf.c 2014-09-10 14:44:49.373274303 +0700 @@ -49,6 +49,7 @@ } } else { _epub_print_debug(opf->epub, DEBUG_ERROR, "unable to open OPF"); + _opf_close(opf); return NULL; }
diff -Nburd bugepub/ebook-tools-0.2.2/debian/tests/build epub-bug/ebook-tools-0.2.2/debian/tests/build
--- bugepub/ebook-tools-0.2.2/debian/tests/build 2014-07-30 02:06:47.000000000 +0700
+++ epub-bug/ebook-tools-0.2.2/debian/tests/build 2014-09-10 14:55:22.473294562 +0700
@@ -5,3 +5,6 @@
 cd $ADTTMP
 gcc -Wall -Werror -pedantic -std=c90 -o test-libepub $SRCDIR/test-libepub.c -lepub
 ./test-libepub "$SRCDIR/wasteland-20120118.epub"
+
+gcc -Wall -Werror -pedantic -std=c90 -o test-epub-toc $SRCDIR/test-epub-toc.c -lepub
+./test-epub-toc "$SRCDIR/wasteland-20120118.epub"
diff -Nburd bugepub/ebook-tools-0.2.2/debian/tests/test-epub-toc.c epub-bug/ebook-tools-0.2.2/debian/tests/test-epub-toc.c
--- bugepub/ebook-tools-0.2.2/debian/tests/test-epub-toc.c 1970-01-01 06:00:00.000000000 +0600
+++ epub-bug/ebook-tools-0.2.2/debian/tests/test-epub-toc.c 2014-09-10 14:56:21.077296438 +0700
@@ -0,0 +1,52 @@
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <epub.h>
+
+void quit(int code) {
+ epub_cleanup();
+ exit(code);
+}
+
+void usage(int code) {
+ fprintf(stderr, "Usage: toc_test <filename>\n");
+ exit(code);
+}
+
+int main(int argc , char **argv) {
+ struct epub *epub;
+ char *filename = NULL;
+ struct titerator *it;
+
+ if (argc != 2) {
+ fprintf(stderr, "Missing file name\n");
+ usage(1);
+ }
+ filename = argv[1];
+
+ if (! (epub = epub_open(filename, 0)))
+ quit(1);
+
+ it = epub_get_titerator(epub, TITERATOR_PAGES, 0);
+ if (!it) {
+ fprintf(stderr, "Cannot get TOC iterator\n");
+ quit(1);
+ }
+
+ do {
+ char *label = epub_tit_get_curr_label(it);
+ if (label) {
+ printf("%s\n", label);
+ free(label);
+ }
+ } while (epub_tit_next(it));
+
+ epub_free_titerator(it);
+
+ if (! epub_close(epub)) {
+ quit(1);
+ }
+
+ quit(0);
+ return 0;
+}
diff -Nburd bugepub/ebook-tools-0.2.2/src/libepub/epub.c epub-bug/ebook-tools-0.2.2/src/libepub/epub.c
--- bugepub/ebook-tools-0.2.2/src/libepub/epub.c 2012-09-04 21:32:32.000000000 +0700
+++ epub-bug/ebook-tools-0.2.2/src/libepub/epub.c 2014-09-10 14:44:49.373274303 +0700
@@ -503,7 +503,7 @@
 return NULL;
 break;
 case TITERATOR_PAGES:
- if (! epub->opf->toc || epub->opf->toc->pageList)
+ if (! epub->opf->toc || ! epub->opf->toc->pageList)
 return NULL;
 break;
 }
diff -Nburd bugepub/ebook-tools-0.2.2/src/libepub/ocf.c epub-bug/ebook-tools-0.2.2/src/libepub/ocf.c
--- bugepub/ebook-tools-0.2.2/src/libepub/ocf.c 2012-09-04 21:32:32.000000000 +0700
+++ epub-bug/ebook-tools-0.2.2/src/libepub/ocf.c 2014-09-10 14:44:49.373274303 +0700
@@ -218,6 +218,7 @@ if ( ! ocf->filename) { _epub_print_debug(epub, DEBUG_ERROR, "Failed to allocate memory for filename"); + _ocf_close(ocf); return NULL; } diff -Nburd bugepub/ebook-tools-0.2.2/src/libepub/opf.c epub-bug/ebook-tools-0.2.2/src/libepub/opf.c --- bugepub/ebook-tools-0.2.2/src/libepub/opf.c 2012-09-04 21:32:32.000000000 +0700 +++ epub-bug/ebook-tools-0.2.2/src/libepub/opf.c 2014-09-10 14:44:49.373274303 +0700 @@ -49,6 +49,7 @@ } } else { _epub_print_debug(opf->epub, DEBUG_ERROR, "unable to open OPF"); + _opf_close(opf); return NULL; }