Package: apt-spy
Severity: normal
Tags: patch
check_write_access() leaks a pathname string, as noted in the code.
Attached is a patch to fix this. Rather than plug the leak directly,
I opted to open the files immediately after argument parsing, which,
IMHO, simplifies the code and avoids a (harmless) race.
Justin
diff -ur apt-spy-3.1/file.c apt-spy-3.1.jp3/file.c
--- apt-spy-3.1/file.c 2005-07-08 20:48:09.000000000 -0400
+++ apt-spy-3.1.jp3/file.c 2005-07-09 14:09:01.000000000 -0400
@@ -170,25 +170,3 @@
free(new_name);
return 0;
}
-
-int check_write_access(char *path)
-{
- /* Thanks to Brian from [EMAIL PROTECTED] for pointing out and
- fixing the programming error here. */
-
- char *dir = strdup(path); /* Leak it, it's small */
-
- if (access(path, R_OK | W_OK) == -1) {
- if (access(dirname(dir), R_OK | W_OK) == -1) {
- perror("access");
- return 1;
- }
- else if (errno == ENOENT)
- return 0; /* Doesn't exist */
- else {
- perror("access"); /* Error */
- return 1;
- }
- }
- return 0;
-}
diff -ur apt-spy-3.1/main.c apt-spy-3.1.jp3/main.c
--- apt-spy-3.1/main.c 2005-07-08 20:48:09.000000000 -0400
+++ apt-spy-3.1.jp3/main.c 2005-07-09 14:12:06.000000000 -0400
@@ -212,16 +212,20 @@
if (outfile == NULL)
outfile = d_out;
- /* Check output file for accessibility */
- if (check_write_access(outfile) == 1) {
- fprintf(stderr, "Could not open outfile. Exiting.\n");
+ /* Open the output file... */
+ outfile_p = select_outfile(outfile);
+ if (outfile_p == NULL) {
+ perror("fopen");
+ fprintf(stderr, "Error opening output file. Exiting.\n");
exit(1);
}
- /* If topfile specified, check for accessibility */
+ /* Open the topfile */
if (topfile) {
- if (check_write_access(topfile) == 1) {
- fprintf(stderr, "Could not open topfile. Exiting.\n");
+ topfile_p = select_outfile(topfile);
+ if (topfile_p == NULL) {
+ perror("fopen");
+ fprintf(stderr, "Error opening topfile. Exiting.\n");
exit(1);
}
}
@@ -285,14 +289,6 @@
--test_number;
}
- /* Open the output file... */
- outfile_p = select_outfile(outfile);
- if (outfile_p == NULL) {
- perror("fopen");
- fprintf(stderr, "Error opening output file. Exiting.\n");
- exit(1);
- }
-
/* write the results */
printf("Writing new sources.list file: %s \n", outfile);
if (write_list(outfile_p, best, distrib) != 0) {
@@ -303,14 +299,7 @@
/* We write out the top servers to a file if asked. Note there's no
point in freeing the "best" structures. */
if (topfile) {
- /* Open the topfile */
- topfile_p = select_outfile(topfile);
printf("writing topfile: %s\n", topfile);
- if (topfile_p == NULL) {
- perror("fopen");
- fprintf(stderr, "Error opening topfile. Exiting.\n");
- exit(1);
- }
if (write_top(infile_p, topfile_p, best) != 0) {
fprintf(stderr,
