Skip to content

Commit 4823244

Browse files
author
Atsushi Abe
authored
Fix a crash at parsing an extended attribute (#341)
1 parent ba13511 commit 4823244

1 file changed

Lines changed: 40 additions & 35 deletions

File tree

src/libltfs/xml_reader_libltfs.c

Lines changed: 40 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -772,7 +772,7 @@ static int _xml_parse_extents(xmlTextReaderPtr reader, int idx_version, struct d
772772
static int _xml_parse_one_xattr(xmlTextReaderPtr reader, struct dentry *d)
773773
{
774774
char *xattr_type;
775-
struct xattr_info *xattr;
775+
struct xattr_info *xattr = NULL;
776776
declare_parser_vars("xattr");
777777
declare_tracking_arrays(2, 0);
778778

@@ -793,6 +793,7 @@ static int _xml_parse_one_xattr(xmlTextReaderPtr reader, struct dentry *d)
793793
if (ret < 0) {
794794
ltfsmsg(LTFS_WARN, 17269W, d->name.name);
795795
free(xattr);
796+
xattr = NULL;
796797
}
797798

798799
check_tag_end("key");
@@ -808,53 +809,57 @@ static int _xml_parse_one_xattr(xmlTextReaderPtr reader, struct dentry *d)
808809
}
809810

810811
check_empty();
811-
if (empty == 0) {
812-
ret = xml_scan_text(reader, &value);
813-
if (ret < 0) {
814-
free(xattr->key.name);
815-
free(xattr);
816-
return ret;
817-
}
818-
819-
if (! xattr_type || ! strcmp(xattr_type, "text")) {
820-
xattr->value = strdup(value);
821-
if (! xattr->value) {
822-
ltfsmsg(LTFS_ERR, 10001E, __FUNCTION__);
812+
if (xattr) {
813+
if (empty == 0) {
814+
ret = xml_scan_text(reader, &value);
815+
if (ret < 0) {
823816
free(xattr->key.name);
824817
free(xattr);
825-
return -LTFS_NO_MEMORY;
818+
return ret;
826819
}
827-
xattr->size = strlen(value);
828-
} else { /* base64 */
829-
xattr->size = base64_decode((const unsigned char *)value, strlen(value),
830-
(unsigned char **)(&xattr->value));
831-
if (xattr->size == 0) {
832-
ltfsmsg(LTFS_ERR, 17028E);
833-
free(xattr->key.name);
834-
free(xattr);
835-
return -LTFS_XML_XATTR_SIZE;
820+
821+
if (! xattr_type || ! strcmp(xattr_type, "text")) {
822+
xattr->value = strdup(value);
823+
if (! xattr->value) {
824+
ltfsmsg(LTFS_ERR, 10001E, __FUNCTION__);
825+
free(xattr->key.name);
826+
free(xattr);
827+
return -LTFS_NO_MEMORY;
828+
}
829+
xattr->size = strlen(value);
830+
} else { /* base64 */
831+
xattr->size = base64_decode((const unsigned char *)value, strlen(value),
832+
(unsigned char **)(&xattr->value));
833+
if (xattr->size == 0) {
834+
ltfsmsg(LTFS_ERR, 17028E);
835+
free(xattr->key.name);
836+
free(xattr);
837+
return -LTFS_XML_XATTR_SIZE;
838+
}
836839
}
840+
if (strlen(value) > 0)
841+
check_tag_end("value");
842+
} else {
843+
xattr->value = NULL;
844+
xattr->size = 0;
837845
}
838-
if (strlen(value) > 0)
839-
check_tag_end("value");
840-
} else {
841-
xattr->value = NULL;
842-
xattr->size = 0;
843846
}
844847
free(xattr_type);
845-
846848
} else
847849
ignore_unrecognized_tag();
848850
}
849851

850852
check_required_tags();
851-
TAILQ_INSERT_TAIL(&d->xattrlist, xattr, list);
852853

853-
if (!strcmp(xattr->key.name, "ltfs.vendor.IBM.immutable") && !strcmp(xattr->value, "1") ) {
854-
d->is_immutable = true;
855-
}
856-
if (!strcmp(xattr->key.name, "ltfs.vendor.IBM.appendonly") && !strcmp(xattr->value, "1") ) {
857-
d->is_appendonly = true;
854+
if (xattr) {
855+
TAILQ_INSERT_TAIL(&d->xattrlist, xattr, list);
856+
857+
if (!strcmp(xattr->key.name, "ltfs.vendor.IBM.immutable") && !strcmp(xattr->value, "1") ) {
858+
d->is_immutable = true;
859+
}
860+
if (!strcmp(xattr->key.name, "ltfs.vendor.IBM.appendonly") && !strcmp(xattr->value, "1") ) {
861+
d->is_appendonly = true;
862+
}
858863
}
859864

860865
return 0;

0 commit comments

Comments
 (0)