Code reviews

- Use fstat() and fchmod() but not stat() and chmod() to fix race conditions - Avoid to use after free - Fix dereference of IBusComposeTable->priv - Fix to divide by zero
author: fujiwarat <takao.fujiwara1@gmail.com> 2021-07-26 22:53:34 +0900
committer: fujiwarat <takao.fujiwara1@gmail.com> 2021-07-26 22:53:34 +0900
commit: 17ae266cade41e795534532acefc85716bb309ef (patch)
tree: e682002a665d45c9e971cecb95a29d26f744cf30
parent: 4259f16324d578aa2505cf50f2f23923d8d87e76 (diff)
download: ibus-17ae266cade41e795534532acefc85716bb309ef.tar.gz
3 files changed, 27 insertions, 10 deletions
diff --git a/src/ibusbus.c b/src/ibusbus.c
index e9b0bcbb..47400cb8 100644
--- a/src/ibusbus.c
+++ b/src/ibusbus.c
@@ -21,13 +21,14 @@
  * USA
  */
 
-#include "ibusbus.h"
 #include <errno.h>
+#include <fcntl.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <unistd.h>
 #include <glib/gstdio.h>
 #include <gio/gio.h>
+#include "ibusbus.h"
 #include "ibusmarshalers.h"
 #include "ibusinternal.h"
 #include "ibusshare.h"
@@ -537,7 +538,8 @@ static void
 ibus_bus_init (IBusBus *bus)
 {
     struct stat buf;
-    gchar *path;
+    char *path;
+    int fd;
 
     bus->priv = IBUS_BUS_GET_PRIVATE (bus);
 
@@ -562,20 +564,31 @@ ibus_bus_init (IBusBus *bus)
         return;
     }
 
-    if (stat (path, &buf) == 0) {
+    errno = 0;
+    if ((fd = open (path, O_RDONLY | O_DIRECTORY, S_IRWXU)) == -1) {
+        g_warning ("open %s failed: %s", path, g_strerror (errno));
+        g_free (path);
+        return;
+    }
+    /* TOCTOU: Use fstat() and fchmod() but not stat() and chmod().
+     * because it can cause a time-of-check, time-of-use race condition.
+     */
+    if (fstat (fd, &buf) == 0) {
         if (buf.st_uid != getuid ()) {
             g_warning ("The owner of %s is not %s!",
                        path, ibus_get_user_name ());
+            close (fd);
             g_free (path);
             return;
         }
         if (buf.st_mode != (S_IFDIR | S_IRWXU)) {
             errno = 0;
-            if (g_chmod (path, 0700))
-                g_warning ("chmod failed: %s", errno ? g_strerror (errno) : "");
+            if (fchmod (fd, S_IRWXU))
+                g_warning ("chmod failed: %s", g_strerror (errno));
         }
     }
 
+    close (fd);
     g_free (path);
 }
 
diff --git a/src/ibuscomposetable.c b/src/ibuscomposetable.c
index 2ad21551..a0b0befc 100644
--- a/src/ibuscomposetable.c
+++ b/src/ibuscomposetable.c
@@ -406,7 +406,7 @@ get_en_compose_file (void)
         path = g_build_filename (X11_DATADIR, *sys_lang, "Compose", NULL);
         if (g_file_test (path, G_FILE_TEST_EXISTS))
             break;
-        g_free (path);
+        g_clear_pointer (&path, g_free);
     }
     return path;
 }
@@ -975,7 +975,10 @@ ibus_compose_table_deserialize (const char *contents,
         goto out_load_cache;
     }
     if (data_length) {
-        retval->priv = g_new0 (IBusComposeTablePrivate, 1);
+        if (!(retval->priv = g_new0 (IBusComposeTablePrivate, 1))) {
+            g_warning ("Failed g_new");
+            goto out_load_cache;
+        }
         retval->priv->data_first = g_new (guint16, data_length);
         memcpy (retval->priv->data_first,
                 data_32bit_first, data_length * sizeof (guint16));
@@ -1565,6 +1568,7 @@ ibus_compose_table_compact_check (const IBusComposeTableCompactEx
             row_stride = i + 2;
 
             if (seq_index[i + 1] - seq_index[i] > 0) {
+                g_assert (row_stride);
                 seq = bsearch (compose_buffer + 1,
                                table->data + seq_index[i],
                                (seq_index[i + 1] - seq_index[i]) / row_stride,
diff --git a/src/tests/ibus-desktop-testing-runner.in b/src/tests/ibus-desktop-testing-runner.in
index 0ef72c03..c1016703 100755
--- a/src/tests/ibus-desktop-testing-runner.in
+++ b/src/tests/ibus-desktop-testing-runner.in
@@ -220,7 +220,7 @@ init_gnome()
     # G_MESSAGES_DEBUG=all or G_MESSAGES_DEBUG=GLib-GIO-DEBUG would append
     # debug messages to gsettings output and could not get the result correctly.
     backup_G_MESSAGES_DEBUG="$G_MESSAGES_DEBUG"
-    export -n G_MESSAGES_DEBUG=''
+    unset G_MESSAGES_DEBUG
     # Disable Tour dialog to get focus
     V=`gsettings get org.gnome.shell welcome-dialog-last-shown-version`
     if [ x"$V" = x"''" ] ; then
@@ -231,8 +231,8 @@ init_gnome()
     NO_SYS_DIR=/usr/share/gnome-shell/extensions/no-overview@fthx
     NO_USER_DIR=$HOME/.local/share/gnome-shell/extensions/no-overview@fthx
     if [ ! -d $NO_SYS_DIR ] && [ ! -d $NO_USER_DIR ] ; then
-        mkdir -p `dirname $NO_USER_DIR`
-        cp -R no-overview@fthx `dirname $NO_USER_DIR`
+        mkdir -p "`dirname $NO_USER_DIR`"
+        cp -R "no-overview@fthx" "`dirname $NO_USER_DIR`"
     fi
     V=`gsettings get org.gnome.shell disable-user-extensions`
     if [ x"$V" = x"true" ] ; then
author	fujiwarat <takao.fujiwara1@gmail.com>	2021-07-26 22:53:34 +0900
committer	fujiwarat <takao.fujiwara1@gmail.com>	2021-07-26 22:53:34 +0900
commit	17ae266cade41e795534532acefc85716bb309ef (patch)
tree	e682002a665d45c9e971cecb95a29d26f744cf30
parent	4259f16324d578aa2505cf50f2f23923d8d87e76 (diff)
download	ibus-17ae266cade41e795534532acefc85716bb309ef.tar.gz