svn commit: r357859 - head/usr.sbin/sesutil

[Alan Somers]

Author: asomers
Date: Thu Feb 13 15:28:56 2020
New Revision: 357859
URL: https://svnweb.freebsd.org/changeset/base/357859

Log:
  sesutil: fix Coverity CIDs
  
  * 1411604: file descriptor leak
  * 1411586: memory leaks, null dereference on ENOMEM
  
  Reported by:	Coverity Scan
  Coverity CIDs:	1411604, 1411586
  Reviewed by:	trasz
  MFC after:	2 weeks
  Sponsored by:	Axcient
  Differential Revision:	https://reviews.freebsd.org/D23651

Modified:
  head/usr.sbin/sesutil/sesutil.c

Modified: head/usr.sbin/sesutil/sesutil.c
==============================================================================
--- head/usr.sbin/sesutil/sesutil.c	Thu Feb 13 15:14:46 2020	(r357858)
+++ head/usr.sbin/sesutil/sesutil.c	Thu Feb 13 15:28:56 2020	(r357859)
@@ -570,17 +570,17 @@ fetch_device_details(char *devnames, char **model, cha
 {
 	char ident[DISK_IDENT_SIZE];
 	struct diocgattr_arg arg;
-	char *device, *tmp;
+	char *tmp;
 	off_t mediasize;
+	int comma;
 	int fd;
 
-	tmp = strdup(devnames);
+	comma = (int)strcspn(devnames, ",");
+	asprintf(&tmp, "/dev/%.*s", comma, devnames);
 	if (tmp == NULL)
-		err(1, "strdup");
-
-	device = strsep(&tmp, ",");
-	asprintf(&tmp, "/dev/%s", device);
+		err(1, "asprintf");
 	fd = open(tmp, O_RDONLY);
+	free(tmp);
 	if (fd < 0) {
 		/*
 		 * This can happen with a disk so broken it cannot
@@ -589,6 +589,7 @@ fetch_device_details(char *devnames, char **model, cha
 		*model = strdup("?");
 		*serial = strdup("?");
 		*size = -1;
+		close(fd);
 		return;
 	}
 
@@ -608,6 +609,7 @@ fetch_device_details(char *devnames, char **model, cha
 		*size = mediasize;
 	else
 		*size = -1;
+	close(fd);
 }
 
 static void