On Wed, Aug 17, 2011 at 04:54:56PM +0200, Lukas Fleischer wrote:
Avoid invoking unlink() with a NULL path if the URL isn't to a file and we fail to create a temporary file.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> --- lib/libalpm/dload.c | 4 +++- 1 files changed, 3 insertions(+), 1 deletions(-)
Note that this still isn't fixed with the latest refactoring (not sure if 9f139550 was supposed to fix this). If we fail to create a temporary file (around line 224), tempfile still points to NULL and the unlink() invocation might result in a segfault. Can you outline *exactly* what needs to happen for this case to take
On Thu, Aug 18, 2011 at 2:13 AM, Lukas Fleischer <archlinux@cryptocrack.de> wrote: place? I'm not seeing it, or at least I don't think your case is when it would happen. If the STRDUP() into tempfile fails, we return -1 on the spot and don't continue any further. If on the other hand, ret stays at its default -1, payload->allow_resume is 0 (making should_unlink 1), and we goto cleanup before tempfile has been allocated, this could be a problem. Hoewver, I see no code path where this is possible. -Dan