Chameleon Commit Details - 2121 - Chameleon open source boot loader project.

Date:

2012-11-14 11:14:45 (11 years 5 months ago)

Author:

armel cadet-petit

Commit:

2121

Parents:

2120

Message:

Security fixes

Changes:

M	/branches/cparm/i386/libsaio/device_tree.c
M	/branches/cparm/i386/modules/USBFix/usb.c
M	/branches/cparm/i386/libsaio/convert.c
M	/branches/cparm/i386/libsaio/hfs.c
M	/branches/cparm/i386/util/fdisk/disk.c
M	/branches/cparm/i386/libsaio/hfs_compare.c
M	/branches/cparm/i386/libsaio/fake_efi.c
M	/branches/cparm/i386/libsaio/device_inject.c
M	/branches/cparm/i386/util/fdisk/fdisk.c
M	/branches/cparm/i386/libsaio/CoreHash.c
M	/branches/cparm/i386/libsaio/ufs.c
M	/branches/cparm/i386/modules/HibernateEnabler/bmdecompress.c
M	/branches/cparm/i386/modules/KernelPatcher/kernel_patcher.c
M	/branches/cparm/i386/modules/GUI/picopng.c
M	/branches/cparm/i386/util/fdisk/user.c
M	/branches/cparm/i386/util/fdisk/mbr.c

File differences

-353
354 354
355 355
356 
357 
358 
359 
356
360 357
361 358
362 359
+            }␊
        }␊
        if (child == 0 && createIfMissing) {␊
            DPRINTF("Creating node\n");␊
            //char *str = malloc(strlen(nameBuf) + 1);␊
            // XXX this will leak␊
            //strcpy(str, nameBuf);␊
            DPRINTF("Creating node\n");     ␊
            ␊
            const char *str = newString(nameBuf);␊
            if (str) {␊
             }␊
         }␊
         if (child == 0 && createIfMissing) {␊
-            DPRINTF("Creating node\n");␊
-            //char *str = malloc(strlen(nameBuf) + 1);␊
-            // XXX this will leak␊
-            //strcpy(str, nameBuf);␊
+            DPRINTF("Creating node\n");     ␊
             ␊
             const char *str = newString(nameBuf);␊
             if (str) {␊

-339
340 340
341 341
342 
342
343 343
344 344
345 345
... ...
360 360
361 361
362 362
363 
363
364 364
365 365
366 366
... ...
368 368
369 369
370 370
371 
371
372 372
373 373
374 374
... ...
611 611
612 612
613 613
614
615
616
617
614 618
615 619
616 620
... ...
743 747
744 748
745 749
750
751
752
753
746 754
747 755
748 756
+        if ((dirFlags & kFileTypeMask) != kFileTypeUnknown) return -1;␊
    }␊
␉␊
    GetCatalogEntry(dirIndex, name, flags, time, finderInfo, infoValid);␊
    if (GetCatalogEntry(dirIndex, name, flags, time, finderInfo, infoValid) != 0) return -1;␊
    if (*dirIndex == 0) *dirIndex = -1;␊
    if ((*flags & kFileTypeMask) == kFileTypeUnknown) return -1;␊
␉␊

␉␊
    /* Fill some crucial data structures by side effect. */␊
    dirIndex = 0;␊
    HFSGetDirEntry(ih, "/", &dirIndex, &name, &flags, &time, 0, 0);␊
    if (HFSGetDirEntry(ih, "/", &dirIndex, &name, &flags, &time, 0, 0) != 0) return;␊
␉␊
    /* Now we can loook up the volume name node. */␊
    nodeSize = SWAP_BE16(gBTHeaders[kBTreeCatalog]->nodeSize);␊

␉␊
    dirIndex = (long long) firstLeafNode * nodeSize;␊
␉␊
    GetCatalogEntry(&dirIndex, &name, &flags, &time, 0, 0);␊
    if (GetCatalogEntry(&dirIndex, &name, &flags, &time, 0, 0) != 0) return;␊
␉␊
    strncpy(str, name, strMaxLen);␊
    str[strMaxLen] = '\0';␊

␉␊
    nodeSize = SWAP_BE16(gBTHeaders[kBTreeCatalog]->nodeSize);␊
    nodeBuf  = (char *)malloc(nodeSize);␊
␉if (!nodeBuf) ␊
␉{␊
␉␉return -1;␊
␉}␊
    node     = (BTNodeDescriptor *)nodeBuf;␊
␉␊
    index   = (long) (*dirIndex % nodeSize);␊

    curNode  = SWAP_BE32(gBTHeaders[btree]->rootNode);␊
    nodeSize = SWAP_BE16(gBTHeaders[btree]->nodeSize);␊
    nodeBuf  = (char *)malloc(nodeSize);␊
␉if (!nodeBuf) ␊
␉{␊
␉␉return -1;␊
␉}␊
    node     = (BTNodeDescriptor *)nodeBuf;␊
␉␊
    while (1) {␊
 ...
 ...
 ...
 ...
         if ((dirFlags & kFileTypeMask) != kFileTypeUnknown) return -1;␊
     }␊
 ␉␊
-    GetCatalogEntry(dirIndex, name, flags, time, finderInfo, infoValid);␊
+    if (GetCatalogEntry(dirIndex, name, flags, time, finderInfo, infoValid) != 0) return -1;␊
     if (*dirIndex == 0) *dirIndex = -1;␊
     if ((*flags & kFileTypeMask) == kFileTypeUnknown) return -1;␊
 ␉␊
 ␉␊
     /* Fill some crucial data structures by side effect. */␊
     dirIndex = 0;␊
-    HFSGetDirEntry(ih, "/", &dirIndex, &name, &flags, &time, 0, 0);␊
+    if (HFSGetDirEntry(ih, "/", &dirIndex, &name, &flags, &time, 0, 0) != 0) return;␊
 ␉␊
     /* Now we can loook up the volume name node. */␊
     nodeSize = SWAP_BE16(gBTHeaders[kBTreeCatalog]->nodeSize);␊
 ␉␊
     dirIndex = (long long) firstLeafNode * nodeSize;␊
 ␉␊
-    GetCatalogEntry(&dirIndex, &name, &flags, &time, 0, 0);␊
+    if (GetCatalogEntry(&dirIndex, &name, &flags, &time, 0, 0) != 0) return;␊
 ␉␊
     strncpy(str, name, strMaxLen);␊
     str[strMaxLen] = '\0';␊
 ␉␊
     nodeSize = SWAP_BE16(gBTHeaders[kBTreeCatalog]->nodeSize);␊
     nodeBuf  = (char *)malloc(nodeSize);␊
+␉if (!nodeBuf) ␊
+␉{␊
+␉␉return -1;␊
+␉}␊
     node     = (BTNodeDescriptor *)nodeBuf;␊
 ␉␊
     index   = (long) (*dirIndex % nodeSize);␊
     curNode  = SWAP_BE32(gBTHeaders[btree]->rootNode);␊
     nodeSize = SWAP_BE16(gBTHeaders[btree]->nodeSize);␊
     nodeBuf  = (char *)malloc(nodeSize);␊
+␉if (!nodeBuf) ␊
+␉{␊
+␉␉return -1;␊
+␉}␊
     node     = (BTNodeDescriptor *)nodeBuf;␊
 ␉␊
     while (1) {␊

-37
38 38
39 39
40
41
42
43
44
40 45
41 46
42 47
+UncompressStructure(struct compressed_block *bp, int count, int size)␊
{␊
    unsigned short *out = malloc(size);␊
␉if (!out) ␊
␉{␊
␉␉stop("UncompressStructure unable to allocate memory\n");␊
␉␉return 0;␊
␉}␊
    unsigned short *op = out;␊
    unsigned short data;␊
    int i, j;␊
 UncompressStructure(struct compressed_block *bp, int count, int size)␊
 {␊
     unsigned short *out = malloc(size);␊
+␉if (!out) ␊
+␉{␊
+␉␉stop("UncompressStructure unable to allocate memory\n");␊
+␉␉return 0;␊
+␉}␊
     unsigned short *op = out;␊
     unsigned short data;␊
     int i, j;␊

-168
169 169
170 170
171
171 172
172 173
173 174
+    gFragsPerBlock = gBlockSize / gFragSize;␊
    if (gTempBlock != 0) free(gTempBlock);␊
    gTempBlock = malloc(gBlockSize);␊
␉if (!gTempBlock) return -1;␊
    CacheInit(ih, gBlockSize);␊
␊
    gCurrentIH = ih;␊
     gFragsPerBlock = gBlockSize / gFragSize;␊
     if (gTempBlock != 0) free(gTempBlock);␊
     gTempBlock = malloc(gBlockSize);␊
+␉if (!gTempBlock) return -1;␊
     CacheInit(ih, gBlockSize);␊
 ␊
     gCurrentIH = ih;␊

-352
353 353
354 354
355 
355
356 356
357 357
358 358
... ...
372 372
373 373
374 374
375 
376 
377 
378 
379 
375
376
377
380 378
381 
382 
383 
379
380
381
382
383
384
385
384 386
385 
387
388
389
386 390
387 
391
388 392
389 393
390 394
+␉const char *val;␊
␉uint8_t *binStr;␊
    uint8_t *kbinStr;␊
    ␊
    EFI_STATUS ret = EFI_DEVICE_ERROR;␊
␉int cnt = 0, cnt2 = 0;␊
␉␊
␉static char DEVICE_PROPERTIES_PROP[] = "device-properties";␊

␉if (cnt > 1)␊
␉{␊
␉␉binStr = convertHexStr2Binary(val, &cnt2);␊
        ␊
        if (cnt2 > 0)␊
        {␊
            kbinStr = (uint8_t*)AllocateKernelMemory(cnt2);␊
␉␉␉if (kbinStr) ␊
        if (binStr) ␊
␉␉{␊
␉␉␉if (cnt2 > 0)␊
␉␉␉{␊
␉␉␉␉bcopy(binStr,kbinStr,cnt2);␊
␉␉␉␉DT__AddProperty(node, DEVICE_PROPERTIES_PROP, cnt2, kbinStr);␊
␉␉␉␉return EFI_SUCCESS;␊
␉␉␉␉kbinStr = (uint8_t*)AllocateKernelMemory(cnt2);␊
␉␉␉␉if (kbinStr) ␊
␉␉␉␉{␊
␉␉␉␉␉bcopy(binStr,kbinStr,cnt2);␊
␉␉␉␉␉DT__AddProperty(node, DEVICE_PROPERTIES_PROP, cnt2, kbinStr);␊
␉␉␉␉␉ret = EFI_SUCCESS;␊
␉␉␉␉}␊
␉␉␉}␊
        }␊
␉␉␉free(binStr);␊
␉␉}␊
        ␊
␉}␊
␉return EFI_DEVICE_ERROR;␊
␉return ret;␊
␊
}␊
␊
 ...
 ␉const char *val;␊
 ␉uint8_t *binStr;␊
     uint8_t *kbinStr;␊
-    ␊
+    EFI_STATUS ret = EFI_DEVICE_ERROR;␊
 ␉int cnt = 0, cnt2 = 0;␊
 ␉␊
 ␉static char DEVICE_PROPERTIES_PROP[] = "device-properties";␊
 ␉if (cnt > 1)␊
 ␉{␊
 ␉␉binStr = convertHexStr2Binary(val, &cnt2);␊
-        ␊
-        if (cnt2 > 0)␊
-        {␊
-            kbinStr = (uint8_t*)AllocateKernelMemory(cnt2);␊
-␉␉␉if (kbinStr) ␊
+        if (binStr) ␊
+␉␉{␊
+␉␉␉if (cnt2 > 0)␊
 ␉␉␉{␊
-␉␉␉␉bcopy(binStr,kbinStr,cnt2);␊
-␉␉␉␉DT__AddProperty(node, DEVICE_PROPERTIES_PROP, cnt2, kbinStr);␊
-␉␉␉␉return EFI_SUCCESS;␊
+␉␉␉␉kbinStr = (uint8_t*)AllocateKernelMemory(cnt2);␊
+␉␉␉␉if (kbinStr) ␊
+␉␉␉␉{␊
+␉␉␉␉␉bcopy(binStr,kbinStr,cnt2);␊
+␉␉␉␉␉DT__AddProperty(node, DEVICE_PROPERTIES_PROP, cnt2, kbinStr);␊
+␉␉␉␉␉ret = EFI_SUCCESS;␊
+␉␉␉␉}␊
 ␉␉␉}␊
-        }␊
+␉␉␉free(binStr);␊
+␉␉}␊
+        ␊
 ␉}␊
-␉return EFI_DEVICE_ERROR;␊
+␉return ret;␊
 ␊
 }␊
 ␊

-49
50 50
51 51
52 
52
53
54
55
56
53 57
54 58
55 59
+static void CopyVarPtr (struct env_struct *var, void* ptr, size_t size)␊
{␊
    var->ptr = malloc(size);␊
    memcpy(var->ptr, ptr, size);␊
␉if (var->ptr)␊
␉{␊
␉␉memcpy(var->ptr, ptr, size);␊
␊
␉}␊
}␊
␊
static struct env_struct *find_env(const char *name) {␊
 static void CopyVarPtr (struct env_struct *var, void* ptr, size_t size)␊
 {␊
     var->ptr = malloc(size);␊
-    memcpy(var->ptr, ptr, size);␊
+␉if (var->ptr)␊
+␉{␊
+␉␉memcpy(var->ptr, ptr, size);␊
+␊
+␉}␊
 }␊
 ␊
 static struct env_struct *find_env(const char *name) {␊

-93
94 94
95 95
96 
97 
98 
99 
96
100 97
101 98
102 99
... ...
132 129
133 130
134 131
135 
136 
137 
138 
139 
132
133
134
135
136
140 137
+    {␊
        // the resulting binary will be the half size of the input hex string␊
        binStr = malloc(len / 2);␊
        if (!binStr) {␊
            *outLength = 0;␊
            return NULL;␊
        }␊
        if (!binStr) goto out;␊
        binStrIdx = 0;␊
        hexNibbleIdx = 0;␊
        for (hexStrIdx = 0; hexStrIdx < len; hexStrIdx++)␊

        *outLength = binStrIdx;␊
        return binStr;␊
    }␊
    else␊
    {␊
        *outLength = 0;␊
        return NULL;␊
    }␊
    ␊
out:␊
␉*outLength = 0;    ␊
    return NULL;␊
    ␊
}
 ...
     {␊
         // the resulting binary will be the half size of the input hex string␊
         binStr = malloc(len / 2);␊
-        if (!binStr) {␊
-            *outLength = 0;␊
-            return NULL;␊
-        }␊
+        if (!binStr) goto out;␊
         binStrIdx = 0;␊
         hexNibbleIdx = 0;␊
         for (hexStrIdx = 0; hexStrIdx < len; hexStrIdx++)␊
         *outLength = binStrIdx;␊
         return binStr;␊
     }␊
-    else␊
-    {␊
-        *outLength = 0;␊
-        return NULL;␊
-    }␊
+    ␊
+out:␊
+␉*outLength = 0;    ␊
+    return NULL;␊
+    ␊
 }

-264
265 265
266 266
267 
268 
267
269 268
270 
271 
272 
269
273 270
274 
275 
276 
271
272
273
274
275
276
277
278
279
277 280
281
278 282
279 283
280 284
+␉␉if (cnt > 1)␊
␉␉{␊
␉␉␉binStr = convertHexStr2Binary(val, &cnt2);␊
␉␉␉␊
␉␉␉if (cnt2 > 0)␊
␉␉␉if (binStr) ␊
␉␉␉{␊
␉␉␉␉kbinStr = (uint8_t*)AllocateKernelMemory(cnt2);␊
␉␉␉␉␊
␉␉␉␉if (kbinStr)␊
␉␉␉␉if (cnt2 > 0)␊
␉␉␉␉{␊
␉␉␉␉␉bcopy(binStr,kbinStr,cnt2);␊
␉␉␉␉␉DT__AddProperty(node, DEVICE_PROPERTIES_PROP, cnt2, kbinStr);␊
␉␉␉␉}            ␊
␉␉␉␉␉kbinStr = (uint8_t*)AllocateKernelMemory(cnt2);␊
␉␉␉␉␉␊
␉␉␉␉␉if (kbinStr)␊
␉␉␉␉␉{␊
␉␉␉␉␉␉bcopy(binStr,kbinStr,cnt2);␊
␉␉␉␉␉␉DT__AddProperty(node, DEVICE_PROPERTIES_PROP, cnt2, kbinStr);␊
␉␉␉␉␉}            ␊
␉␉␉␉}␊
␉␉␉␉free(binStr);␊
␉␉␉}␊
␉␉␉␊
␉␉}␊
␉}␉␊
}␊
 ␉␉if (cnt > 1)␊
 ␉␉{␊
 ␉␉␉binStr = convertHexStr2Binary(val, &cnt2);␊
-␉␉␉␊
-␉␉␉if (cnt2 > 0)␊
+␉␉␉if (binStr) ␊
 ␉␉␉{␊
-␉␉␉␉kbinStr = (uint8_t*)AllocateKernelMemory(cnt2);␊
-␉␉␉␉␊
-␉␉␉␉if (kbinStr)␊
+␉␉␉␉if (cnt2 > 0)␊
 ␉␉␉␉{␊
-␉␉␉␉␉bcopy(binStr,kbinStr,cnt2);␊
-␉␉␉␉␉DT__AddProperty(node, DEVICE_PROPERTIES_PROP, cnt2, kbinStr);␊
-␉␉␉␉}            ␊
+␉␉␉␉␉kbinStr = (uint8_t*)AllocateKernelMemory(cnt2);␊
+␉␉␉␉␉␊
+␉␉␉␉␉if (kbinStr)␊
+␉␉␉␉␉{␊
+␉␉␉␉␉␉bcopy(binStr,kbinStr,cnt2);␊
+␉␉␉␉␉␉DT__AddProperty(node, DEVICE_PROPERTIES_PROP, cnt2, kbinStr);␊
+␉␉␉␉␉}            ␊
+␉␉␉␉}␊
+␉␉␉␉free(binStr);␊
 ␉␉␉}␊
+␉␉␉␊
 ␉␉}␊
 ␉}␉␊
 }␊

-73
74 74
75 75
76
76 77
77 78
78 79
... ...
104 105
105 106
106 107
108
107 109
108 110
109 111
... ...
1347 1349
1348 1350
1349 1351
1352
1353
1354
1355
1350 1356
1351 1357
1352 1358
... ...
1365 1371
1366 1372
1367 1373
1374
1375
1376
1377
1378
1368 1379
1369 1380
1370 1381
... ...
1397 1408
1398 1409
1399 1410
1411
1412
1413
1414
1415
1400 1416
1401 1417
1402 1418
+␉if (png_alloc_find_node(addr))␊
␉␉return;␊
␉node = malloc(sizeof (png_alloc_node_t));␊
␉if (!node) return;␊
␉node->addr = addr;␊
␉node->size = size;␊
␉node->prev = png_alloc_tail;␊

void *png_alloc_malloc(size_t size)␊
{␊
␉void *addr = malloc(size);␊
␉if (!addr) return NULL;␊
␉png_alloc_add_node(addr, size);␊
␉return addr;␊
}␊

        goto failed;␊
    }␊
    pngData = malloc(pngSize);␊
␉if (!pngData) {␊
␉␉error = -1;␊
        goto failed;␊
␉}␊
    if (read(pngFile, (char *) pngData, pngSize) != pngSize) {␊
        error = -1;␊
        goto failed;␊

        goto failed;␊
    }␊
␉uint8_t *result = malloc(info->width*4*info->height);␊
␉if (!result) ␊
␉{␊
␉␉error = -1;␊
        goto failed;␊
␉}␊
    *width = info->width;␊
    *height = info->height;␊
␉memcpy(result, info->image->data, info->width*4*info->height);␊

        goto failed;␊
    }␊
␉uint8_t *result = malloc(info->width*4*info->height);␊
␉if (!result) ␊
␉{␊
␉␉error = -1;␊
        goto failed;␊
␉}␊
␉*width = info->width;␊
    *height = info->height;␊
␉memcpy(result, info->image->data, info->width*4*info->height);␊
 ...
 ...
 ...
 ...
 ␉if (png_alloc_find_node(addr))␊
 ␉␉return;␊
 ␉node = malloc(sizeof (png_alloc_node_t));␊
+␉if (!node) return;␊
 ␉node->addr = addr;␊
 ␉node->size = size;␊
 ␉node->prev = png_alloc_tail;␊
 void *png_alloc_malloc(size_t size)␊
 {␊
 ␉void *addr = malloc(size);␊
+␉if (!addr) return NULL;␊
 ␉png_alloc_add_node(addr, size);␊
 ␉return addr;␊
 }␊
         goto failed;␊
     }␊
     pngData = malloc(pngSize);␊
+␉if (!pngData) {␊
+␉␉error = -1;␊
+        goto failed;␊
+␉}␊
     if (read(pngFile, (char *) pngData, pngSize) != pngSize) {␊
         error = -1;␊
         goto failed;␊
         goto failed;␊
     }␊
 ␉uint8_t *result = malloc(info->width*4*info->height);␊
+␉if (!result) ␊
+␉{␊
+␉␉error = -1;␊
+        goto failed;␊
+␉}␊
     *width = info->width;␊
     *height = info->height;␊
 ␉memcpy(result, info->image->data, info->width*4*info->height);␊
         goto failed;␊
     }␊
 ␉uint8_t *result = malloc(info->width*4*info->height);␊
+␉if (!result) ␊
+␉{␊
+␉␉error = -1;␊
+        goto failed;␊
+␉}␊
 ␉*width = info->width;␊
     *height = info->height;␊
 ␉memcpy(result, info->image->data, info->width*4*info->height);␊

-129
130 130
131 131
132
133
132 134
133 135
134 136
... ...
139 141
140 142
141 143
144
145
146
142 147
143 148
144 149
... ...
153 158
154 159
155 160
161
156 162
157 163
158 164
... ...
166 172
167 173
168 174
175
176
169 177
170 178
171 179
+␉if(patches == NULL)␊
␉{␊
␉␉patches = entry = malloc(sizeof(patchRoutine_t));␊
␉␉␊
␉␉if (!entry || !patches) return;␊
␉}␊
␉else␊
␉{␊

␉␉}␊
␉␉␊
␉␉entry->next = malloc(sizeof(patchRoutine_t));␊
␉␉␊
␉␉if (!entry) return;␊
␉␉␊
␉␉entry = entry->next;␊
␉}␊
␉␊

␉if(kernelSymbols == NULL)␊
␉{␊
␉␉kernelSymbols = malloc(sizeof(kernSymbols_t));␊
␉␉if (!kernelSymbols) return;␊
␉␉kernelSymbols->next = NULL;␊
␉␉kernelSymbols->symbol = (char*)name;␊
␉␉kernelSymbols->addr = 0;␊

␉␉}␊
␉␉␊
␉␉symbol->next = malloc(sizeof(kernSymbols_t));␊
␉␉if (!symbol->next) return;␊
␊
␉␉symbol = symbol->next;␊
␊
␉␉symbol->next = NULL;␊
 ...
 ...
 ...
 ␉if(patches == NULL)␊
 ␉{␊
 ␉␉patches = entry = malloc(sizeof(patchRoutine_t));␊
+␉␉␊
+␉␉if (!entry || !patches) return;␊
 ␉}␊
 ␉else␊
 ␉{␊
 ␉␉}␊
 ␉␉␊
 ␉␉entry->next = malloc(sizeof(patchRoutine_t));␊
+␉␉␊
+␉␉if (!entry) return;␊
+␉␉␊
 ␉␉entry = entry->next;␊
 ␉}␊
 ␉␊
 ␉if(kernelSymbols == NULL)␊
 ␉{␊
 ␉␉kernelSymbols = malloc(sizeof(kernSymbols_t));␊
+␉␉if (!kernelSymbols) return;␊
 ␉␉kernelSymbols->next = NULL;␊
 ␉␉kernelSymbols->symbol = (char*)name;␊
 ␉␉kernelSymbols->addr = 0;␊
 ␉␉}␊
 ␉␉␊
 ␉␉symbol->next = malloc(sizeof(kernSymbols_t));␊
+␉␉if (!symbol->next) return;␊
+␊
 ␉␉symbol = symbol->next;␊
 ␊
 ␉␉symbol->next = NULL;␊

-46
47 47
48 48
49
50
51
49 52
50 53
51 54
... ...
147 150
148 151
149 152
153
154
155
156
150 157
151 158
152 159
+    uint16_t * sc1 = malloc((width+2) * sizeof(uint16_t));␊
    uint16_t * sc2 = malloc((width+2) * sizeof(uint16_t));␊
    uint16_t * sc3 = malloc((width+2) * sizeof(uint16_t));␊
␉␊
␉if (!sc0 || !sc1 || !sc2 || !sc3) return;␊
␉␊
    uint32_t   sr0, sr1, sr2, sr3;␊
    ␊
    bzero(sc0, (width+2) * sizeof(uint16_t));␊

    uint16_t * sc1 = malloc((width+2) * sizeof(uint16_t));␊
    uint16_t * sc2 = malloc((width+2) * sizeof(uint16_t));␊
    uint16_t * sc3 = malloc((width+2) * sizeof(uint16_t));␊
␉␊
␉if (!sc0 || !sc1 || !sc2 || !sc3) return;␊
␊
␉␊
    uint32_t   sr0, sr1, sr2, sr3;␊
    ␊
    bzero(sc0, (width+2) * sizeof(uint16_t));␊
 ...
     uint16_t * sc1 = malloc((width+2) * sizeof(uint16_t));␊
     uint16_t * sc2 = malloc((width+2) * sizeof(uint16_t));␊
     uint16_t * sc3 = malloc((width+2) * sizeof(uint16_t));␊
+␉␊
+␉if (!sc0 || !sc1 || !sc2 || !sc3) return;␊
+␉␊
     uint32_t   sr0, sr1, sr2, sr3;␊
     ␊
     bzero(sc0, (width+2) * sizeof(uint16_t));␊
     uint16_t * sc1 = malloc((width+2) * sizeof(uint16_t));␊
     uint16_t * sc2 = malloc((width+2) * sizeof(uint16_t));␊
     uint16_t * sc3 = malloc((width+2) * sizeof(uint16_t));␊
+␉␊
+␉if (!sc0 || !sc1 || !sc2 || !sc3) return;␊
+␊
+␉␊
     uint32_t   sr0, sr1, sr2, sr3;␊
     ␊
     bzero(sc0, (width+2) * sizeof(uint16_t));␊

-57
58 58
59 59
60 
60
61 61
62 62
63 63
+␉␉␉current = current->next;␊
␉␉}␊
␉␉current->next = (struct pciList*)malloc(sizeof(struct pciList));␊
        if (!current) {␊
        if (!current->next) {␊
            return;␊
        }␊
␉␉current = current->next;␊
 ␉␉␉current = current->next;␊
 ␉␉}␊
 ␉␉current->next = (struct pciList*)malloc(sizeof(struct pciList));␊
-        if (!current) {␊
+        if (!current->next) {␊
             return;␊
         }␊
 ␉␉current = current->next;␊

-239
240 240
241 241
242
243
244
242 245
243 246
244 247
... ...
259 262
260 263
261 264
265
262 266
263 267
264 268
+␉}␊
␊
␉mbr_binary = (char *)malloc(MBR_CODE_SIZE);␊
␉if (!mbr_binary) errx(1, "out of memory");␊
␊
␉␊
␉if ((fd = open(mbrfile, O_RDONLY)) == -1) {␊
␉  warn("could not open MBR file %s", mbrfile);␊
␉  bzero(mbr_binary, MBR_CODE_SIZE);␊

␉} else if (i_flag) {␊
␉  /* If they didn't specify -a, they'll get the default auto style */␊
␉  mp = MBR_alloc(NULL);␊
␉  if (!mp) errx(1, "out of memory");␊
␉  if (AUTO_init(&disk, auto_style, mp) != AUTO_OK) {␊
␉    errx(1, "error initializing disk");␊
␉  }␊
 ...
 ␉}␊
 ␊
 ␉mbr_binary = (char *)malloc(MBR_CODE_SIZE);␊
+␉if (!mbr_binary) errx(1, "out of memory");␊
+␊
+␉␊
 ␉if ((fd = open(mbrfile, O_RDONLY)) == -1) {␊
 ␉  warn("could not open MBR file %s", mbrfile);␊
 ␉  bzero(mbr_binary, MBR_CODE_SIZE);␊
 ␉} else if (i_flag) {␊
 ␉  /* If they didn't specify -a, they'll get the default auto style */␊
 ␉  mp = MBR_alloc(NULL);␊
+␉  if (!mp) errx(1, "out of memory");␊
 ␉  if (AUTO_init(&disk, auto_style, mp) != AUTO_OK) {␊
 ␉    errx(1, "error initializing disk");␊
 ␉  }␊

-156
157 157
158 158
159
159 160
161
162
160 163
161 164
162 165
... ...
256 259
257 260
258 261
262
263
259 264
260 265
261 266
+␊
␉/* Read MBR & partition */␊
␉mbr = MBR_alloc(NULL);␊
␉if (!mbr) errx(1, "out of memory");␊
␉fd = DISK_open(disk->name, O_RDONLY);␊
␉if (fd == -1) ␊
␉␉err(1, "Could not open %s", disk->name);␊
␉MBR_read(disk, fd, offset, mbr);␊
␉DISK_close(fd);␊
␊

␉mbr_t *mbr;␊
␊
␉fd = DISK_open(disk->name, O_RDONLY);␊
␉if (fd == -1) ␊
␉␉err(1, "Could not open %s", disk->name);␊
␉/*offset = firstoff = 0;*/␊
␊
␉if (!do_dump)␊
 ...
 ␊
 ␉/* Read MBR & partition */␊
 ␉mbr = MBR_alloc(NULL);␊
+␉if (!mbr) errx(1, "out of memory");␊
 ␉fd = DISK_open(disk->name, O_RDONLY);␊
+␉if (fd == -1) ␊
+␉␉err(1, "Could not open %s", disk->name);␊
 ␉MBR_read(disk, fd, offset, mbr);␊
 ␉DISK_close(fd);␊
 ␊
 ␉mbr_t *mbr;␊
 ␊
 ␉fd = DISK_open(disk->name, O_RDONLY);␊
+␉if (fd == -1) ␊
+␉␉err(1, "Could not open %s", disk->name);␊
 ␉/*offset = firstoff = 0;*/␊
 ␊
 ␉if (!do_dump)␊

-237
238 238
239 239
240
240 241
242
243
241 244
242 245
243 246
... ...
393 396
394 397
395 398
399
396 400
397 401
398 402
... ...
446 450
447 451
448 452
453
449 454
450 455
451 456
... ...
475 480
476 481
477 482
483
484
478 485
479 486
480 487
488
481 489
482 490
483 491
... ...
511 519
512 520
513 521
522
523
514 524
515 525
516 526
+␉mbr_t *mbrd;␊
␉␊
␉mbrd = MBR_alloc(NULL);␊
␉if (!mbr) errx(1, "out of memory");␊
␉fd = DISK_open(disk->name, O_RDONLY);␊
␉if (fd == -1) ␊
␉␉err(1, "Could not open %s", disk->name);␊
␉MBR_read(disk, fd, offset, mbrd);␊
␉DISK_close(fd);␊
␉MBR_parse(disk, offset, reloff, mbrd);␊

␊
␉if (mbr == NULL) {␊
␉    mbr = MBR_alloc(prev_mbr);␊
␉␉if (!mbr) errx(1, "out of memory");␊
␉    if (head == NULL)␊
␉␉head = mbr;␊
␉}␊

MBR_alloc(mbr_t *parent)␊
{␊
  mbr_t *mbr = (mbr_t *)malloc(sizeof(mbr_t));␊
  if (!mbr) return NULL;␊
  bzero(mbr, sizeof(mbr_t));␊
  if (parent) {␊
    parent->next = mbr;␊

  int i, fd, offset, firstoff;␊
␊
  fd = DISK_open(disk->name, O_RDONLY);␊
  if (fd == -1) ␊
␉␉err(1, "Could not open %s", disk->name);␊
  firstoff = offset = 0;␊
  do {␊
    mbr = MBR_alloc(mbr);␊
␉if (!mbr) errx(1, "out of memory");␊
    if (head == NULL) {␊
      head = mbr;␊
    }␊

  int fd;␊
␊
  fd = DISK_open(disk->name, O_RDWR);␊
  if (fd == -1) ␊
␉␉err(1, "Could not open %s", disk->name);␊
  while (mbr) {␊
    MBR_make(mbr);␊
    result = MBR_write(disk, fd, mbr);␊
 ...
 ...
 ...
 ...
 ␉mbr_t *mbrd;␊
 ␉␊
 ␉mbrd = MBR_alloc(NULL);␊
+␉if (!mbr) errx(1, "out of memory");␊
 ␉fd = DISK_open(disk->name, O_RDONLY);␊
+␉if (fd == -1) ␊
+␉␉err(1, "Could not open %s", disk->name);␊
 ␉MBR_read(disk, fd, offset, mbrd);␊
 ␉DISK_close(fd);␊
 ␉MBR_parse(disk, offset, reloff, mbrd);␊
 ␊
 ␉if (mbr == NULL) {␊
 ␉    mbr = MBR_alloc(prev_mbr);␊
+␉␉if (!mbr) errx(1, "out of memory");␊
 ␉    if (head == NULL)␊
 ␉␉head = mbr;␊
 ␉}␊
 MBR_alloc(mbr_t *parent)␊
 {␊
   mbr_t *mbr = (mbr_t *)malloc(sizeof(mbr_t));␊
+  if (!mbr) return NULL;␊
   bzero(mbr, sizeof(mbr_t));␊
   if (parent) {␊
     parent->next = mbr;␊
   int i, fd, offset, firstoff;␊
 ␊
   fd = DISK_open(disk->name, O_RDONLY);␊
+  if (fd == -1) ␊
+␉␉err(1, "Could not open %s", disk->name);␊
   firstoff = offset = 0;␊
   do {␊
     mbr = MBR_alloc(mbr);␊
+␉if (!mbr) errx(1, "out of memory");␊
     if (head == NULL) {␊
       head = mbr;␊
     }␊
   int fd;␊
 ␊
   fd = DISK_open(disk->name, O_RDWR);␊
+  if (fd == -1) ␊
+␉␉err(1, "Could not open %s", disk->name);␊
   while (mbr) {␊
     MBR_make(mbr);␊
     result = MBR_write(disk, fd, mbr);␊

-167
168 168
169 169
170 
170
171
172
173
171 174
172 175
173 176
+␉/* Get label metrics */␊
␉if ((fd = DISK_open(name, O_RDONLY)) != -1) {␊
␉␉lm = malloc(sizeof(DISK_metrics));␊
␊
␉␉if (!lm) {␊
␉␉␉err(1, "DISK_getlabelmetrics: Could not allocate memory");␊
␉␉␉return NULL;␊
␉␉}␊
␉␉if (fstat(fd, &st) == -1)␊
␉␉  err(1, "%s", name);␊
␉␉if (!S_ISREG(st.st_mode) || S_ISBLK(st.st_mode)) {␊
 ␉/* Get label metrics */␊
 ␉if ((fd = DISK_open(name, O_RDONLY)) != -1) {␊
 ␉␉lm = malloc(sizeof(DISK_metrics));␊
-␊
+␉␉if (!lm) {␊
+␉␉␉err(1, "DISK_getlabelmetrics: Could not allocate memory");␊
+␉␉␉return NULL;␊
+␉␉}␊
 ␉␉if (fstat(fd, &st) == -1)␊
 ␉␉  err(1, "%s", name);␊
 ␉␉if (!S_ISREG(st.st_mode) || S_ISBLK(st.st_mode)) {␊

Download the corresponding diff file