impala-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Henry Robinson (Code Review)" <ger...@cloudera.org>
Subject [Impala-ASF-CR] IMPALA-5132: Fix ASAN use after free in timezone db
Date Tue, 28 Mar 2017 22:25:07 GMT
Henry Robinson has posted comments on this change.

Change subject: IMPALA-5132: Fix ASAN use after free in timezone_db
......................................................................


Patch Set 1:

(2 comments)

http://gerrit.cloudera.org:8080/#/c/6503/1/be/src/exprs/timezone_db.cc
File be/src/exprs/timezone_db.cc:

PS1, Line 676: char *filestr = strdup(path.string().c_str());
given the leak(s) below, how about something managed by the stack:

  string path = boost::filesystem::....string();
  vector<char> filestr(path.c_str(), path.c_str() + path.length() + 1);

  mkstemp(filestr.data());

http://man7.org/linux/man-pages/man3/mkstemp.3.html suggests that mkstemp *will* edit the
string in place.


PS1, Line 687: return
this would leak filestr.


-- 
To view, visit http://gerrit.cloudera.org:8080/6503
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I490f741403ea2004bc51394aa1251577337b1e1d
Gerrit-PatchSet: 1
Gerrit-Project: Impala-ASF
Gerrit-Branch: master
Gerrit-Owner: Zach Amsden <zamsden@cloudera.com>
Gerrit-Reviewer: Bharath Vissapragada <bharathv@cloudera.com>
Gerrit-Reviewer: Henry Robinson <henry@cloudera.com>
Gerrit-Reviewer: Lars Volker <lv@cloudera.com>
Gerrit-HasComments: Yes

Mime
View raw message