I reviewed servicelog git version 4cb0d4987ad00d4b0d5359ddb495fd20fcd7e01a;
this shouldn't be considered a full security audit.
- main() in log_repair_action.c doesn't check fread() error returns; a
zero return could cause an out-of-buffer write
- main() in log_repair_action.c doesn't check strdup() error returns
- main() in log_repair_action.c uses popen("date ..."), is this ever
called from other programs? It's fine if it's just for administrators,
but if other tools can use it, it ought to be fixed.
Cases of "assuming the error":
- main() in log_repair_action.c, stat() error can happen for more reasons
than just ENOENT
- main() in log_repair_action.c, S_IXUSR test does not match execve() tests
Slightly odd:
- main() in log_repair_action.c suggests mailing support when a wrong
option is provided, rather than just printing the usage.
Thanks
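The two patterns the review points at (an unchecked fread()/strdup() return, and testing S_IXUSR instead of what execve() tests), shown as an added example. This is not servicelog code and does not reproduce log_repair_action.c; the input text, the 0100/0011 modes and the uid/gid values are constructed for illustration, and the permission model is the plain mode-bit rule only (ACLs, supplementary groups, noexec mounts and capabilities are left out; access(2)/faccessat(2) with X_OK is the call that asks the kernel the question execve() will ask).

```c
/* Added example, not servicelog code. Demonstrates:
 * 1. checking fread()/strdup() returns so an empty input (fread() == 0)
 *    never turns "buf[got - 1] = '\0'" into a write at buf[-1];
 * 2. why an S_IXUSR test differs from what execve() checks for the caller.
 * Mode-bit model only: ACLs, supplementary groups, noexec mounts and
 * capabilities are deliberately omitted (assumption, not the kernel rule). */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Read at most cap-1 bytes and NUL-terminate. Returns bytes stored, or -1
 * on a read error. Zero is a legitimate result for an empty stream. */
static long read_bounded(FILE *fp, char *buf, size_t cap)
{
    if (cap == 0)
        return -1;
    size_t got = fread(buf, 1, cap - 1, fp);
    if (got == 0 && ferror(fp))
        return -1;
    buf[got] = '\0';            /* got <= cap - 1: always inside buf */
    return (long)got;
}

/* The unchecked idiom: "got = fread(...); buf[got - 1] = '\0';".
 * Returns 1 when that store would land at buf[-1], i.e. when fread()
 * returned 0. The offending store itself is not performed here. */
static int unchecked_idiom_underflows(FILE *fp, char *buf, size_t cap)
{
    size_t got = fread(buf, 1, cap, fp);
    return got == 0;
}

/* strdup() that never hands back NULL silently. */
static char *xstrdup(const char *s)
{
    char *p = strdup(s);
    if (p == NULL) {
        perror("strdup");
        exit(EXIT_FAILURE);
    }
    return p;
}

/* Constructed stdio stream holding `text` (may be empty). */
static FILE *constructed_stream(const char *text)
{
    FILE *fp = tmpfile();
    if (fp == NULL)
        return NULL;
    if (*text && fputs(text, fp) == EOF) {
        fclose(fp);
        return NULL;
    }
    rewind(fp);
    return fp;
}

/* The check the review objects to: only the owner's execute bit. */
static int owner_exec_bit(mode_t mode)
{
    return (mode & S_IXUSR) != 0;
}

/* Which execute bit applies to this caller: owner bit if uid matches the
 * file owner, else group bit if gid matches, else the "other" bit.
 * Root may execute if any execute bit is set. */
static int caller_may_exec(mode_t mode, uid_t file_uid, gid_t file_gid,
                           uid_t uid, gid_t gid)
{
    if (uid == 0)
        return (mode & (S_IXUSR | S_IXGRP | S_IXOTH)) != 0;
    if (uid == file_uid)
        return (mode & S_IXUSR) != 0;
    if (gid == file_gid)
        return (mode & S_IXGRP) != 0;
    return (mode & S_IXOTH) != 0;
}

int main(void)
{
    char buf[32];
    FILE *fp = constructed_stream("repair action text\n");   /* constructed */
    if (fp == NULL) { perror("tmpfile"); return 1; }
    printf("read %ld bytes: %s", read_bounded(fp, buf, sizeof buf), buf);
    fclose(fp);

    fp = constructed_stream("");                             /* empty input */
    if (fp == NULL) { perror("tmpfile"); return 1; }
    printf("unchecked idiom on empty input underflows: %d\n",
           unchecked_idiom_underflows(fp, buf, sizeof buf));
    fclose(fp);

    char *copy = xstrdup("action");
    printf("strdup copy: %s\n", copy);
    free(copy);

    /* mode 0100 owned by root: S_IXUSR set, yet uid 1000 cannot exec it;
     * mode 0011 owned by root: S_IXUSR clear, yet uid 1000 can exec it. */
    printf("0100: S_IXUSR=%d caller=%d\n", owner_exec_bit(0100),
           caller_may_exec(0100, 0, 0, 1000, 1000));
    printf("0011: S_IXUSR=%d caller=%d\n", owner_exec_bit(0011),
           caller_may_exec(0011, 0, 0, 1000, 1000));
    return 0;
}
```

The S_IXUSR mismatch cuts both ways: the bit can be set on a file the caller cannot run, and clear on one the caller can. In real code the portable fix is access(path, X_OK) (or faccessat with AT_EACCESS when effective ids matter), or simply attempting the exec and handling EACCES, rather than reasoning from st_mode.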