Projects
openEuler:24.03:SP1:Everything
audit
_service:tar_scm:backport-Cleanup-code-in-LRU.p...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:backport-Cleanup-code-in-LRU.patch of Package audit
From 4939b8541322cbf3a53affc28e71ce53d92f121f Mon Sep 17 00:00:00 2001 From: Steve Grubb <ausearch.1@gmail.com> Date: Fri, 3 May 2024 17:50:35 -0400 Subject: [PATCH] Cleanup code in LRU Dont dereference anything until after checking if the queue is not empty. Also, leave a note disputing static analysis thinking there is a use after free destroying the queue. Conflict:NA Reference:https://github.com/linux-audit/audit-userspace/commit/4939b8541322cbf3a53affc28e71ce53d92f121f --- auparse/lru.c | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/auparse/lru.c b/auparse/lru.c index 05c4088d..f30bcf41 100644 --- a/auparse/lru.c +++ b/auparse/lru.c @@ -116,6 +116,11 @@ static void destroy_queue(Queue *queue) dump_queue_stats(queue); #endif + // Some static analysis scanners try to flag this as a use after + // free accessing queue->end. This is a false positive. It is freed. + // However, static analysis apps are incapable of seeing that in + // remove_node, end is updated to a prior node as part of detaching + // the current end node. while (queue->count) dequeue(queue); @@ -252,34 +257,33 @@ out: sanity_check_queue(queue, "2 remove_node"); } -// Remove from the end of the queue +// Remove from the end of the queue static void dequeue(Queue *queue) { - QNode *temp = queue->end; - if (queue_is_empty(queue)) return; + QNode *temp = queue->end; remove_node(queue, queue->end); // if (queue->cleanup) // queue->cleanup(temp->str); free(temp->str); free(temp); - + // decrement the total of full slots by 1 queue->count--; } - + // Remove front of the queue because its a mismatch void lru_evict(Queue *queue, unsigned int key) { + if (queue_is_empty(queue)) + return; + Hash *hash = queue->hash; QNode *temp = queue->front; - if (queue_is_empty(queue)) - return; - hash->array[key] = NULL; remove_node(queue, queue->front); -- 2.33.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2