From 3c7ccf15c787dc25a1f5c0d781aac4d32430f5c7 Mon Sep 17 00:00:00 2001
From: Konrad Witaszczyk <def@FreeBSD.org>
Date: Sat, 4 Feb 2017 14:10:16 +0000
Subject: Fix bugs found by Coverity in decryptcore(8) and savecore(8): -
 Perform final decryption and write decrypted data in case of non-block
 aligned input data; - Use strlcpy(3) instead of strncpy(3) to verify if paths
 aren't too long; - Check errno after calling unlink(2) instead of calling
 stat(2) in order to verify if a decrypted core was created by a child
 process; - Free dumpkey.

Reported by:	Coverity, cem, pfg
Suggested by:	cem
CID:		1366936, 1366942, 1366951, 1366952
Approved by:	pjd (mentor)
---
 sbin/savecore/savecore.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'sbin/savecore/savecore.c')

diff --git a/sbin/savecore/savecore.c b/sbin/savecore/savecore.c
index b07e7e1e018c..a85adc62e9e9 100644
--- a/sbin/savecore/savecore.c
+++ b/sbin/savecore/savecore.c
@@ -478,6 +478,7 @@ DoFile(const char *savedir, const char *device)
 	bool isencrypted, ret;
 
 	bounds = getbounds();
+	dumpkey = NULL;
 	mediasize = 0;
 	status = STATUS_UNKNOWN;
 
@@ -816,6 +817,7 @@ nuke:
 	}
 	xo_close_container_h(xostdout, "crashdump");
 	xo_finish_h(xostdout);
+	free(dumpkey);
 	free(temp);
 	close(fd);
 	return;
@@ -824,6 +826,7 @@ closeall:
 	fclose(fp);
 
 closefd:
+	free(dumpkey);
 	free(temp);
 	close(fd);
 }
-- 
cgit v1.2.3