Bug Summary

File:wsutil/ws_pipe.c
Warning:line 651, column 18
Potential leak of memory pointed to by 'argv'

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name ws_pipe.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -fno-delete-null-pointer-checks -mframe-pointer=all -relaxed-aliasing -fmath-errno -ffp-contract=on -fno-rounding-math -ffloat16-excess-precision=fast -fbfloat16-excess-precision=fast -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fdebug-compilation-dir=/builds/wireshark/wireshark/build -fcoverage-compilation-dir=/builds/wireshark/wireshark/build -resource-dir /usr/lib/llvm-21/lib/clang/21 -isystem /usr/include/glib-2.0 -isystem /usr/lib/x86_64-linux-gnu/glib-2.0/include -D BUILD_WSUTIL -D G_DISABLE_DEPRECATED -D G_DISABLE_SINGLE_INCLUDES -D WS_BUILD_DLL -D WS_DEBUG -D WS_DEBUG_UTF_8 -D wsutil_EXPORTS -I /builds/wireshark/wireshark/build -I /builds/wireshark/wireshark -I /builds/wireshark/wireshark/include -I /builds/wireshark/wireshark/build/wsutil -D _GLIBCXX_ASSERTIONS -internal-isystem /usr/lib/llvm-21/lib/clang/21/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -fmacro-prefix-map=/builds/wireshark/wireshark/= -fmacro-prefix-map=/builds/wireshark/wireshark/build/= -fmacro-prefix-map=../= -Wno-format-nonliteral -std=gnu11 -ferror-limit 19 -fvisibility=hidden -fwrapv -fwrapv-pointer -fstrict-flex-arrays=3 -stack-protector 2 -fstack-clash-protection -fcf-protection=full -fgnuc-version=4.2.1 -fskip-odr-check-in-gmf -fexceptions -fcolor-diagnostics -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /builds/wireshark/wireshark/sbout/2025-12-13-100343-3573-1 -x c /builds/wireshark/wireshark/wsutil/ws_pipe.c
1/* ws_pipe.c
2 *
3 * Routines for handling pipes.
4 *
5 * Wireshark - Network traffic analyzer
6 * By Gerald Combs <[email protected]>
7 * Copyright 1998 Gerald Combs
8 *
9 * SPDX-License-Identifier: GPL-2.0-or-later
10 */
11
12#include <config.h>
13#define WS_LOG_DOMAIN"Capture" LOG_DOMAIN_CAPTURE"Capture"
14#include "wsutil/ws_pipe.h"
15
16#include <stdio.h>
17#include <stdlib.h>
18#include <string.h>
19
20#ifdef _WIN32
21#include <windows.h>
22#include <io.h>
23#include <fcntl.h> /* for _O_BINARY */
24#include <wsutil/win32-utils.h>
25#else
26#include <unistd.h>
27#ifdef HAVE_SYS_SELECT_H
28#include <sys/select.h>
29#endif
30#endif
31
32#if !GLIB_CHECK_VERSION(2, 58, 2)(2 > (2) || (2 == (2) && 80 > (58)) || (2 == (2
) && 80 == (58) && 0 >= (2)))
33#ifdef __linux__1
34#define HAS_G_SPAWN_LINUX_THREAD_SAFETY_BUG
35#include <fcntl.h>
36#include <sys/syscall.h> /* for syscall and SYS_getdents64 */
37#include <wsutil/file_util.h> /* for ws_open -> open to pacify checkAPIs.pl */
38#endif
39#endif
40
41#include "wsutil/filesystem.h"
42#include "wsutil/wslog.h"
43
44#ifdef HAS_G_SPAWN_LINUX_THREAD_SAFETY_BUG
45struct linux_dirent64 {
46 uint64_t d_ino; /* 64-bit inode number */
47 uint64_t d_off; /* 64-bit offset to next structure */
48 unsigned short d_reclen; /* Size of this dirent */
49 unsigned char d_type; /* File type */
50 char d_name[]; /* Filename (null-terminated) */
51};
52
53/* Async-signal-safe string to integer conversion. */
54static int
55filename_to_fd(const char *p)
56{
57 char c;
58 int fd = 0;
59 const int cutoff = INT_MAX2147483647 / 10;
60 const int cutlim = INT_MAX2147483647 % 10;
61
62 if (*p == '\0')
63 return -1;
64
65 while ((c = *p++) != '\0') {
66 if (!g_ascii_isdigit(c)((g_ascii_table[(guchar) (c)] & G_ASCII_DIGIT) != 0))
67 return -1;
68 c -= '0';
69
70 /* Check for overflow. */
71 if (fd > cutoff || (fd == cutoff && c > cutlim))
72 return -1;
73
74 fd = fd * 10 + c;
75 }
76
77 return fd;
78}
79
80static void
81close_non_standard_fds_linux(void * user_data _U___attribute__((unused)))
82{
83 /*
84 * GLib 2.14.2 and newer (up to at least GLib 2.58.1) on Linux with multiple
85 * threads can deadlock in the child process due to use of opendir (which
86 * is not async-signal-safe). To avoid this, disable the broken code path
87 * and manually close file descriptors using async-signal-safe code only.
88 * Use CLOEXEC to allow reporting of execve errors to the parent via a pipe.
89 * https://gitlab.gnome.org/GNOME/glib/issues/1014
90 * https://gitlab.gnome.org/GNOME/glib/merge_requests/490
91 */
92 int dir_fd = ws_open("/proc/self/fd", O_RDONLY | O_DIRECTORY);
93 if (dir_fd >= 0) {
94 char buf[4096];
95 int nread, fd;
96 struct linux_dirent64 *de;
97
98 while ((nread = (int) syscall(SYS_getdents64, dir_fd, buf, sizeof(buf))) > 0) {
99 for (int pos = 0; pos < nread; pos += de->d_reclen) {
100 de = (struct linux_dirent64 *)(buf + pos);
101 fd = filename_to_fd(de->d_name);
102 if (fd > STDERR_FILENO2 && fd != dir_fd) {
103 /* Close all other (valid) file descriptors above stderr. */
104 fcntl(fd, F_SETFD, FD_CLOEXEC);
105 }
106 }
107 }
108
109 close(dir_fd);
110 } else {
111 /* Slow fallback in case /proc is not mounted */
112 for (int fd = STDERR_FILENO2 + 1; fd < getdtablesize(); fd++) {
113 fcntl(fd, F_SETFD, FD_CLOEXEC);
114 }
115 }
116}
117#endif
118
119#ifdef _WIN32
120static ULONG pipe_serial_number;
121
122/* Alternative for CreatePipe() where read handle is opened with FILE_FLAG_OVERLAPPED */
123static bool_Bool
124ws_pipe_create_overlapped_read(HANDLE *read_pipe_handle, HANDLE *write_pipe_handle,
125 SECURITY_ATTRIBUTES *sa, DWORD suggested_buffer_size)
126{
127 HANDLE read_pipe, write_pipe;
128 char *name = ws_strdup_printf("\\\\.\\Pipe\\WiresharkWsPipe.%08lx.%08lx",wmem_strdup_printf(((void*)0), "\\\\.\\Pipe\\WiresharkWsPipe.%08lx.%08lx"
, GetCurrentProcessId(), InterlockedIncrement((LONG*)&pipe_serial_number
))
129 GetCurrentProcessId(),wmem_strdup_printf(((void*)0), "\\\\.\\Pipe\\WiresharkWsPipe.%08lx.%08lx"
, GetCurrentProcessId(), InterlockedIncrement((LONG*)&pipe_serial_number
))
130 InterlockedIncrement((LONG*)&pipe_serial_number))wmem_strdup_printf(((void*)0), "\\\\.\\Pipe\\WiresharkWsPipe.%08lx.%08lx"
, GetCurrentProcessId(), InterlockedIncrement((LONG*)&pipe_serial_number
));
131 gunichar2 *wname = g_utf8_to_utf16(name, -1, NULL((void*)0), NULL((void*)0), NULL((void*)0));
132
133 g_free(name);
134
135 read_pipe = CreateNamedPipe(wname, PIPE_ACCESS_INBOUND | FILE_FLAG_OVERLAPPED,
136 PIPE_TYPE_BYTE | PIPE_WAIT, 1,
137 suggested_buffer_size, suggested_buffer_size,
138 0, sa);
139 if (INVALID_HANDLE_VALUE == read_pipe)
140 {
141 g_free(wname);
142 return false0;
143 }
144
145 write_pipe = CreateFile(wname, GENERIC_WRITE, 0, sa, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL((void*)0));
146 if (INVALID_HANDLE_VALUE == write_pipe)
147 {
148 DWORD error = GetLastError();
149 CloseHandle(read_pipe);
150 SetLastError(error);
151 g_free(wname);
152 return false0;
153 }
154
155 *read_pipe_handle = read_pipe;
156 *write_pipe_handle = write_pipe;
157 g_free(wname);
158 return true1;
159}
160#endif
161
162/**
163 * Helper to convert a command and argument list to an NULL-terminated 'argv'
164 * array, suitable for g_spawn_sync and friends. Free with g_strfreev.
165 */
166static char **
167convert_to_argv(const char *command, unsigned args_count, char *const *args)
168{
169 char **argv = g_new(char *, (size_t)args_count + 2)((char * *) g_malloc_n (((size_t)args_count + 2), sizeof (char
*)));
10
Memory is allocated
170 // The caller does not seem to modify this, but g_spawn_sync uses 'char **'
171 // as opposed to 'const char **', so just to be sure clone it.
172 argv[0] = g_strdup(command)g_strdup_inline (command);
173 for (unsigned i = 0; i < args_count; i++) {
11
Assuming 'i' is >= 'args_count'
12
Loop condition is false. Execution continues on line 183
174 // Empty arguments may indicate a bug in Wireshark. Extcap for example
175 // omits arguments when their string value is empty. On Windows, empty
176 // arguments would silently be ignored because protect_arg returns an
177 // empty string, therefore we print a warning here.
178 if (!*args[i]) {
179 ws_warning("Empty argument %u in arguments list", i)do { if (1) { ws_log_full("Capture", LOG_LEVEL_WARNING, "wsutil/ws_pipe.c"
, 179, __func__, "Empty argument %u in arguments list", i); }
} while (0);
180 }
181 argv[1 + i] = g_strdup(args[i])g_strdup_inline (args[i]);
182 }
183 argv[args_count + 1] = NULL((void*)0);
184 return argv;
185}
186
187/**
188 * Convert a non-empty NULL-terminated array of command and arguments to a
189 * string for displaying purposes. On Windows, the returned string is properly
190 * escaped and can be executed directly.
191 */
192static char *
193convert_to_command_line(char **argv)
194{
195 GString *command_line = g_string_sized_new(200);
196#ifdef _WIN32
197 // The first argument must always be quoted even if it does not contain
198 // special characters or else CreateProcess might consider arguments as part
199 // of the executable.
200 char *quoted_arg = protect_arg(argv[0]);
201 if (quoted_arg[0] != '"') {
202 g_string_append_c(command_line, '"')g_string_append_c_inline (command_line, '"');
203 g_string_append(command_line, quoted_arg)(__builtin_constant_p (quoted_arg) ? __extension__ ({ const char
* const __val = (quoted_arg); g_string_append_len_inline (command_line
, __val, (__val != ((void*)0)) ? (gssize) strlen (((__val) + !
(__val))) : (gssize) -1); }) : g_string_append_len_inline (command_line
, quoted_arg, (gssize) -1));
204 g_string_append_c(command_line, '"')g_string_append_c_inline (command_line, '"');
205 } else {
206 g_string_append(command_line, quoted_arg)(__builtin_constant_p (quoted_arg) ? __extension__ ({ const char
* const __val = (quoted_arg); g_string_append_len_inline (command_line
, __val, (__val != ((void*)0)) ? (gssize) strlen (((__val) + !
(__val))) : (gssize) -1); }) : g_string_append_len_inline (command_line
, quoted_arg, (gssize) -1));
207 }
208 g_free(quoted_arg);
209
210 for (int i = 1; argv[i]; i++) {
211 quoted_arg = protect_arg(argv[i]);
212 g_string_append_c(command_line, ' ')g_string_append_c_inline (command_line, ' ');
213 g_string_append(command_line, quoted_arg)(__builtin_constant_p (quoted_arg) ? __extension__ ({ const char
* const __val = (quoted_arg); g_string_append_len_inline (command_line
, __val, (__val != ((void*)0)) ? (gssize) strlen (((__val) + !
(__val))) : (gssize) -1); }) : g_string_append_len_inline (command_line
, quoted_arg, (gssize) -1));
214 g_free(quoted_arg);
215 }
216#else
217 for (int i = 0; argv[i]; i++) {
218 char *quoted_arg = g_shell_quote(argv[i]);
219 if (i != 0) {
220 g_string_append_c(command_line, ' ')g_string_append_c_inline (command_line, ' ');
221 }
222 g_string_append(command_line, quoted_arg)(__builtin_constant_p (quoted_arg) ? __extension__ ({ const char
* const __val = (quoted_arg); g_string_append_len_inline (command_line
, __val, (__val != ((void*)0)) ? (gssize) strlen (((__val) + !
(__val))) : (gssize) -1); }) : g_string_append_len_inline (command_line
, quoted_arg, (gssize) -1));
223 g_free(quoted_arg);
224 }
225#endif
226 return g_string_free(command_line, FALSE)(__builtin_constant_p ((0)) ? (((0)) ? (g_string_free) ((command_line
), ((0))) : g_string_free_and_steal (command_line)) : (g_string_free
) ((command_line), ((0))));
15
Loop condition is false. Execution continues on line 226
16
'?' condition is false
17
Returning without deallocating memory or storing the pointer for later deallocation
227}
228
229bool_Bool ws_pipe_spawn_sync(const char *working_directory, const char *command, unsigned argc, char **args, char **command_output)
230{
231 bool_Bool status = false0;
232 bool_Bool result = false0;
233 char *local_output = NULL((void*)0);
234#ifdef _WIN32
235
236#define BUFFER_SIZE 16384
237
238 STARTUPINFO info;
239 PROCESS_INFORMATION processInfo;
240
241 SECURITY_ATTRIBUTES sa;
242 HANDLE child_stdout_rd = NULL((void*)0);
243 HANDLE child_stdout_wr = NULL((void*)0);
244 HANDLE child_stderr_rd = NULL((void*)0);
245 HANDLE child_stderr_wr = NULL((void*)0);
246 HANDLE inherit_handles[2];
247
248 OVERLAPPED stdout_overlapped;
249 OVERLAPPED stderr_overlapped;
250#else
251 int exit_status = 0;
252#endif
253
254 char **argv = convert_to_argv(command, argc, args);
255 char *command_line = convert_to_command_line(argv);
256
257 ws_debug("command line: %s", command_line)do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 257, __func__, "command line: %s", command_line); } } while
(0);
258
259 int64_t start_time = g_get_monotonic_time();
260
261#ifdef _WIN32
262 /* Setup overlapped structures. Create Manual Reset events, initially not signalled */
263 memset(&stdout_overlapped, 0, sizeof(OVERLAPPED));
264 memset(&stderr_overlapped, 0, sizeof(OVERLAPPED));
265 stdout_overlapped.hEvent = CreateEvent(NULL((void*)0), true1, false0, NULL((void*)0));
266 if (!stdout_overlapped.hEvent)
267 {
268 g_free(command_line);
269 g_strfreev(argv);
270 ws_debug("Could not create stdout overlapped event")do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 270, __func__, "Could not create stdout overlapped event");
} } while (0);
271 return false0;
272 }
273 stderr_overlapped.hEvent = CreateEvent(NULL((void*)0), true1, false0, NULL((void*)0));
274 if (!stderr_overlapped.hEvent)
275 {
276 CloseHandle(stdout_overlapped.hEvent);
277 g_free(command_line);
278 g_strfreev(argv);
279 ws_debug("Could not create stderr overlapped event")do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 279, __func__, "Could not create stderr overlapped event");
} } while (0);
280 return false0;
281 }
282
283 memset(&sa, 0, sizeof(SECURITY_ATTRIBUTES));
284 sa.nLength = sizeof(SECURITY_ATTRIBUTES);
285 sa.bInheritHandle = false0;
286 sa.lpSecurityDescriptor = NULL((void*)0);
287
288 if (!ws_pipe_create_overlapped_read(&child_stdout_rd, &child_stdout_wr, &sa, 0))
289 {
290 CloseHandle(stdout_overlapped.hEvent);
291 CloseHandle(stderr_overlapped.hEvent);
292 g_free(command_line);
293 g_strfreev(argv);
294 ws_debug("Could not create stdout handle")do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 294, __func__, "Could not create stdout handle"); } } while
(0);
295 return false0;
296 }
297
298 if (!ws_pipe_create_overlapped_read(&child_stderr_rd, &child_stderr_wr, &sa, 0))
299 {
300 CloseHandle(stdout_overlapped.hEvent);
301 CloseHandle(stderr_overlapped.hEvent);
302 CloseHandle(child_stdout_rd);
303 CloseHandle(child_stdout_wr);
304 g_free(command_line);
305 g_strfreev(argv);
306 ws_debug("Could not create stderr handle")do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 306, __func__, "Could not create stderr handle"); } } while
(0);
307 return false0;
308 }
309
310 inherit_handles[0] = child_stderr_wr;
311 inherit_handles[1] = child_stdout_wr;
312
313 memset(&processInfo, 0, sizeof(PROCESS_INFORMATION));
314 memset(&info, 0, sizeof(STARTUPINFO));
315
316 info.cb = sizeof(STARTUPINFO);
317 info.hStdError = child_stderr_wr;
318 info.hStdOutput = child_stdout_wr;
319 info.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW;
320 info.wShowWindow = SW_HIDE;
321
322 if (win32_create_process(NULL((void*)0), command_line, NULL((void*)0), NULL((void*)0), G_N_ELEMENTS(inherit_handles)(sizeof (inherit_handles) / sizeof ((inherit_handles)[0])), inherit_handles,
323 CREATE_NEW_CONSOLE, NULL((void*)0), working_directory, &info, &processInfo))
324 {
325 char* stdout_buffer = (char*)g_malloc(BUFFER_SIZE);
326 char* stderr_buffer = (char*)g_malloc(BUFFER_SIZE);
327 DWORD dw;
328 DWORD bytes_read;
329 GString *output_string = g_string_new(NULL((void*)0));
330 bool_Bool process_finished = false0;
331 bool_Bool pending_stdout = true1;
332 bool_Bool pending_stderr = true1;
333
334 /* Start asynchronous reads from child process stdout and stderr */
335 if (!ReadFile(child_stdout_rd, stdout_buffer, BUFFER_SIZE, NULL((void*)0), &stdout_overlapped))
336 {
337 if (GetLastError() != ERROR_IO_PENDING)
338 {
339 ws_debug("ReadFile on child stdout pipe failed. Error %ld", GetLastError())do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 339, __func__, "ReadFile on child stdout pipe failed. Error %ld"
, GetLastError()); } } while (0);
340 pending_stdout = false0;
341 }
342 }
343
344 if (!ReadFile(child_stderr_rd, stderr_buffer, BUFFER_SIZE, NULL((void*)0), &stderr_overlapped))
345 {
346 if (GetLastError() != ERROR_IO_PENDING)
347 {
348 ws_debug("ReadFile on child stderr pipe failed. Error %ld", GetLastError())do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 348, __func__, "ReadFile on child stderr pipe failed. Error %ld"
, GetLastError()); } } while (0);
349 pending_stderr = false0;
350 }
351 }
352
353 for (;;)
354 {
355 HANDLE handles[3];
356 DWORD n_handles = 0;
357 if (!process_finished)
358 {
359 handles[n_handles++] = processInfo.hProcess;
360 }
361 if (pending_stdout)
362 {
363 handles[n_handles++] = stdout_overlapped.hEvent;
364 }
365 if (pending_stderr)
366 {
367 handles[n_handles++] = stderr_overlapped.hEvent;
368 }
369
370 if (!n_handles)
371 {
372 /* No more things to wait */
373 break;
374 }
375
376 dw = WaitForMultipleObjects(n_handles, handles, false0, INFINITE);
377 if (dw < (WAIT_OBJECT_0 + n_handles))
378 {
379 int i = dw - WAIT_OBJECT_0;
380 if (handles[i] == processInfo.hProcess)
381 {
382 /* Process finished but there might still be unread data in the pipe.
383 * Close the write pipes, so ReadFile does not wait indefinitely.
384 */
385 CloseHandle(child_stdout_wr);
386 CloseHandle(child_stderr_wr);
387 process_finished = true1;
388 }
389 else if (handles[i] == stdout_overlapped.hEvent)
390 {
391 bytes_read = 0;
392 if (!GetOverlappedResult(child_stdout_rd, &stdout_overlapped, &bytes_read, true1))
393 {
394 if (GetLastError() == ERROR_BROKEN_PIPE)
395 {
396 pending_stdout = false0;
397 continue;
398 }
399 ws_debug("GetOverlappedResult on stdout failed. Error %ld", GetLastError())do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 399, __func__, "GetOverlappedResult on stdout failed. Error %ld"
, GetLastError()); } } while (0);
400 }
401 if (process_finished && (bytes_read == 0))
402 {
403 /* We have drained the pipe and there isn't any process that holds active write handle to the pipe. */
404 pending_stdout = false0;
405 continue;
406 }
407 g_string_append_len(output_string, stdout_buffer, bytes_read)g_string_append_len_inline (output_string, stdout_buffer, bytes_read
);
408 if (!ReadFile(child_stdout_rd, stdout_buffer, BUFFER_SIZE, NULL((void*)0), &stdout_overlapped))
409 {
410 if (GetLastError() != ERROR_IO_PENDING)
411 {
412 ws_debug("ReadFile on child stdout pipe failed. Error %ld", GetLastError())do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 412, __func__, "ReadFile on child stdout pipe failed. Error %ld"
, GetLastError()); } } while (0);
413 pending_stdout = false0;
414 }
415 }
416 }
417 else if (handles[i] == stderr_overlapped.hEvent)
418 {
419 /* Discard the stderr data just like non-windows version of this function does. */
420 bytes_read = 0;
421 if (!GetOverlappedResult(child_stderr_rd, &stderr_overlapped, &bytes_read, true1))
422 {
423 if (GetLastError() == ERROR_BROKEN_PIPE)
424 {
425 pending_stderr = false0;
426 continue;
427 }
428 ws_debug("GetOverlappedResult on stderr failed. Error %ld", GetLastError())do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 428, __func__, "GetOverlappedResult on stderr failed. Error %ld"
, GetLastError()); } } while (0);
429 }
430 if (process_finished && (bytes_read == 0))
431 {
432 pending_stderr = false0;
433 continue;
434 }
435 if (!ReadFile(child_stderr_rd, stderr_buffer, BUFFER_SIZE, NULL((void*)0), &stderr_overlapped))
436 {
437 if (GetLastError() != ERROR_IO_PENDING)
438 {
439 ws_debug("ReadFile on child stderr pipe failed. Error %ld", GetLastError())do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 439, __func__, "ReadFile on child stderr pipe failed. Error %ld"
, GetLastError()); } } while (0);
440 pending_stderr = false0;
441 }
442 }
443 }
444 }
445 else
446 {
447 ws_debug("WaitForMultipleObjects returned 0x%08lX. Error %ld", dw, GetLastError())do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 447, __func__, "WaitForMultipleObjects returned 0x%08lX. Error %ld"
, dw, GetLastError()); } } while (0);
448 }
449 }
450
451 g_free(stdout_buffer);
452 g_free(stderr_buffer);
453
454 status = GetExitCodeProcess(processInfo.hProcess, &dw);
455 if (status && dw != 0)
456 {
457 status = false0;
458 }
459
460 local_output = g_string_free(output_string, FALSE)(__builtin_constant_p ((0)) ? (((0)) ? (g_string_free) ((output_string
), ((0))) : g_string_free_and_steal (output_string)) : (g_string_free
) ((output_string), ((0))));
461
462 CloseHandle(child_stdout_rd);
463 CloseHandle(child_stderr_rd);
464
465 CloseHandle(processInfo.hProcess);
466 CloseHandle(processInfo.hThread);
467 }
468 else
469 {
470 status = false0;
471
472 CloseHandle(child_stdout_rd);
473 CloseHandle(child_stdout_wr);
474 CloseHandle(child_stderr_rd);
475 CloseHandle(child_stderr_wr);
476 }
477
478 CloseHandle(stdout_overlapped.hEvent);
479 CloseHandle(stderr_overlapped.hEvent);
480#else
481
482 GSpawnFlags flags = (GSpawnFlags)0;
483 GSpawnChildSetupFunc child_setup = NULL((void*)0);
484#ifdef HAS_G_SPAWN_LINUX_THREAD_SAFETY_BUG
485 flags = (GSpawnFlags)(flags | G_SPAWN_LEAVE_DESCRIPTORS_OPEN);
486 child_setup = close_non_standard_fds_linux;
487#endif
488 status = g_spawn_sync(working_directory, argv, NULL((void*)0),
489 flags, child_setup, NULL((void*)0), &local_output, NULL((void*)0), &exit_status, NULL((void*)0));
490
491 if (status && exit_status != 0)
492 status = false0;
493#endif
494
495 ws_debug("%s finished in %.3fms", argv[0], (g_get_monotonic_time() - start_time) / 1000.0)do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 495, __func__, "%s finished in %.3fms", argv[0], (g_get_monotonic_time
() - start_time) / 1000.0); } } while (0);
496
497 if (status)
498 {
499 if (local_output != NULL((void*)0)) {
500 ws_noisy("spawn output: %s", local_output)do { if (1) { ws_log_full("Capture", LOG_LEVEL_NOISY, "wsutil/ws_pipe.c"
, 500, __func__, "spawn output: %s", local_output); } } while
(0);
501 if (command_output != NULL((void*)0))
502 *command_output = g_strdup(local_output)g_strdup_inline (local_output);
503 }
504 result = true1;
505 }
506
507 g_free(local_output);
508 g_free(command_line);
509 g_strfreev(argv);
510
511 return result;
512}
513
514void ws_pipe_init(ws_pipe_t *ws_pipe)
515{
516 if (!ws_pipe) return;
517 memset(ws_pipe, 0, sizeof(ws_pipe_t));
518 ws_pipe->pid = WS_INVALID_PID-1;
519}
520
521GPid ws_pipe_spawn_async(ws_pipe_t *ws_pipe, GPtrArray *args)
522{
523 GPid pid = WS_INVALID_PID-1;
524 int stdin_fd, stdout_fd, stderr_fd;
525#ifdef _WIN32
526 STARTUPINFO info;
527 PROCESS_INFORMATION processInfo;
528
529 SECURITY_ATTRIBUTES sa;
530 HANDLE child_stdin_rd = NULL((void*)0);
531 HANDLE child_stdin_wr = NULL((void*)0);
532 HANDLE child_stdout_rd = NULL((void*)0);
533 HANDLE child_stdout_wr = NULL((void*)0);
534 HANDLE child_stderr_rd = NULL((void*)0);
535 HANDLE child_stderr_wr = NULL((void*)0);
536 HANDLE inherit_handles[3];
537#endif
538
539 // XXX harmonize handling of command arguments for the sync/async functions
540 // and make them const? This array ends with a trailing NULL by the way.
541 char **args_array = (char **)args->pdata;
542
543 // args must include command itself
544 ws_return_val_if(args->len < 1, WS_INVALID_PID)do { if (1 && (args->len < 1)) { ws_log_full("InvalidArg"
, LOG_LEVEL_WARNING, "wsutil/ws_pipe.c", 544, __func__, "invalid argument: %s"
, "args->len < 1"); return (-1); } } while (0);
1
Assuming field 'len' is >= 1
2
Taking false branch
545 ws_return_val_if(!args_array[0], WS_INVALID_PID)do { if (1 && (!args_array[0])) { ws_log_full("InvalidArg"
, LOG_LEVEL_WARNING, "wsutil/ws_pipe.c", 545, __func__, "invalid argument: %s"
, "!args_array[0]"); return (-1); } } while (0);
3
Loop condition is false. Exiting loop
4
Assuming the condition is false
5
Taking false branch
6
Loop condition is false. Exiting loop
546
547 unsigned args_count = args->len - 2;
548 if (args_array[args->len - 1] != NULL((void*)0)) {
7
Assuming the condition is false
8
Taking false branch
549 ws_warning("args should be NULL-terminated")do { if (1) { ws_log_full("Capture", LOG_LEVEL_WARNING, "wsutil/ws_pipe.c"
, 549, __func__, "args should be NULL-terminated"); } } while
(0);
550 args_count = args->len - 1;
551 }
552 char **argv = convert_to_argv(args_array[0], args_count, args_array + 1);
9
Calling 'convert_to_argv'
13
Returned allocated memory
553 char *command_line = convert_to_command_line(argv);
14
Calling 'convert_to_command_line'
18
Returning from 'convert_to_command_line'
554
555 ws_debug("command line: %s", command_line)do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 555, __func__, "command line: %s", command_line); } } while
(0);
19
Taking true branch
20
Loop condition is false. Exiting loop
556
557#ifdef _WIN32
558 sa.nLength = sizeof(SECURITY_ATTRIBUTES);
559 sa.bInheritHandle = false0;
560 sa.lpSecurityDescriptor = NULL((void*)0);
561
562 if (!CreatePipe(&child_stdin_rd, &child_stdin_wr, &sa, 0))
563 {
564 g_free(command_line);
565 g_strfreev(argv);
566 ws_debug("Could not create stdin handle")do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 566, __func__, "Could not create stdin handle"); } } while (
0);
567 return WS_INVALID_PID-1;
568 }
569
570 if (!CreatePipe(&child_stdout_rd, &child_stdout_wr, &sa, 0))
571 {
572 CloseHandle(child_stdin_rd);
573 CloseHandle(child_stdin_wr);
574 g_free(command_line);
575 g_strfreev(argv);
576 ws_debug("Could not create stdout handle")do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 576, __func__, "Could not create stdout handle"); } } while
(0);
577 return WS_INVALID_PID-1;
578 }
579
580 if (!CreatePipe(&child_stderr_rd, &child_stderr_wr, &sa, 0))
581 {
582 CloseHandle(child_stdin_rd);
583 CloseHandle(child_stdin_wr);
584 CloseHandle(child_stdout_rd);
585 CloseHandle(child_stdout_wr);
586 g_free(command_line);
587 g_strfreev(argv);
588 ws_debug("Could not create stderr handle")do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 588, __func__, "Could not create stderr handle"); } } while
(0);
589 return WS_INVALID_PID-1;
590 }
591
592 inherit_handles[0] = child_stdin_rd;
593 inherit_handles[1] = child_stderr_wr;
594 inherit_handles[2] = child_stdout_wr;
595
596 memset(&processInfo, 0, sizeof(PROCESS_INFORMATION));
597 memset(&info, 0, sizeof(STARTUPINFO));
598
599 info.cb = sizeof(STARTUPINFO);
600 info.hStdInput = child_stdin_rd;
601 info.hStdError = child_stderr_wr;
602 info.hStdOutput = child_stdout_wr;
603 info.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW;
604 info.wShowWindow = SW_HIDE;
605
606 if (win32_create_process(NULL((void*)0), command_line, NULL((void*)0), NULL((void*)0), G_N_ELEMENTS(inherit_handles)(sizeof (inherit_handles) / sizeof ((inherit_handles)[0])), inherit_handles,
607 CREATE_NEW_CONSOLE, NULL((void*)0), NULL((void*)0), &info, &processInfo))
608 {
609 stdin_fd = _open_osfhandle((intptr_t)(child_stdin_wr), _O_BINARY);
610 stdout_fd = _open_osfhandle((intptr_t)(child_stdout_rd), _O_BINARY);
611 stderr_fd = _open_osfhandle((intptr_t)(child_stderr_rd), _O_BINARY);
612 pid = processInfo.hProcess;
613 CloseHandle(processInfo.hThread);
614 }
615 else
616 {
617 CloseHandle(child_stdin_wr);
618 CloseHandle(child_stdout_rd);
619 CloseHandle(child_stderr_rd);
620 }
621
622 /* We no longer need other (child) end of pipes. The child process holds
623 * its own handles that will be closed on process exit. However, we have
624 * to close *our* handles as otherwise read() on stdout_fd and stderr_fd
625 * will block indefinitely after the process exits.
626 */
627 CloseHandle(child_stdin_rd);
628 CloseHandle(child_stdout_wr);
629 CloseHandle(child_stderr_wr);
630#else
631
632 GError *error = NULL((void*)0);
633 GSpawnFlags flags = G_SPAWN_DO_NOT_REAP_CHILD;
634 GSpawnChildSetupFunc child_setup = NULL((void*)0);
635#ifdef HAS_G_SPAWN_LINUX_THREAD_SAFETY_BUG
636 flags = (GSpawnFlags)(flags | G_SPAWN_LEAVE_DESCRIPTORS_OPEN);
637 child_setup = close_non_standard_fds_linux;
638#endif
639 bool_Bool spawned = g_spawn_async_with_pipes(NULL((void*)0), argv, NULL((void*)0),
640 flags, child_setup, NULL((void*)0),
641 &pid, &stdin_fd, &stdout_fd, &stderr_fd, &error);
642 if (!spawned) {
21
Assuming 'spawned' is true
22
Taking false branch
643 ws_debug("Error creating async pipe: %s", error->message)do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 643, __func__, "Error creating async pipe: %s", error->message
); } } while (0);
644 g_free(error->message);
645 }
646#endif
647
648 g_free(command_line);
649 g_strfreev(argv);
650
651 ws_pipe->pid = pid;
23
Potential leak of memory pointed to by 'argv'
652
653 if (pid != WS_INVALID_PID-1) {
654#ifdef _WIN32
655 ws_pipe->stdin_io = g_io_channel_win32_new_fd(stdin_fd);
656 ws_pipe->stdout_io = g_io_channel_win32_new_fd(stdout_fd);
657 ws_pipe->stderr_io = g_io_channel_win32_new_fd(stderr_fd);
658#else
659 ws_pipe->stdin_io = g_io_channel_unix_new(stdin_fd);
660 ws_pipe->stdout_io = g_io_channel_unix_new(stdout_fd);
661 ws_pipe->stderr_io = g_io_channel_unix_new(stderr_fd);
662#endif
663 g_io_channel_set_encoding(ws_pipe->stdin_io, NULL((void*)0), NULL((void*)0));
664 g_io_channel_set_encoding(ws_pipe->stdout_io, NULL((void*)0), NULL((void*)0));
665 g_io_channel_set_encoding(ws_pipe->stderr_io, NULL((void*)0), NULL((void*)0));
666 g_io_channel_set_buffered(ws_pipe->stdin_io, false0);
667 g_io_channel_set_buffered(ws_pipe->stdout_io, false0);
668 g_io_channel_set_buffered(ws_pipe->stderr_io, false0);
669 g_io_channel_set_close_on_unref(ws_pipe->stdin_io, true1);
670 g_io_channel_set_close_on_unref(ws_pipe->stdout_io, true1);
671 g_io_channel_set_close_on_unref(ws_pipe->stderr_io, true1);
672 }
673
674 return pid;
675}
676
677#ifdef _WIN32
678
679typedef struct
680{
681 HANDLE pipeHandle;
682 OVERLAPPED ol;
683 BOOL pendingIO;
684} PIPEINTS;
685
686bool_Bool
687ws_pipe_wait_for_pipe(HANDLE * pipe_handles, int num_pipe_handles, HANDLE pid)
688{
689 PIPEINTS pipeinsts[3];
690 HANDLE handles[4];
691 bool_Bool result = true1;
692
693 SecureZeroMemory(pipeinsts, sizeof(pipeinsts));
694
695 if (num_pipe_handles == 0 || num_pipe_handles > 3)
696 {
697 ws_debug("Invalid number of pipes given as argument.")do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 697, __func__, "Invalid number of pipes given as argument."
); } } while (0);
698 return false0;
699 }
700
701 for (int i = 0; i < num_pipe_handles; ++i)
702 {
703 pipeinsts[i].ol.hEvent = CreateEvent(NULL((void*)0), true1, false0, NULL((void*)0));
704 if (!pipeinsts[i].ol.hEvent)
705 {
706 ws_debug("Could not create overlapped event")do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 706, __func__, "Could not create overlapped event"); } } while
(0);
707 for (int j = 0; j < i; j++)
708 {
709 CloseHandle(pipeinsts[j].ol.hEvent);
710 }
711 return false0;
712 }
713 }
714
715 for (int i = 0; i < num_pipe_handles; ++i)
716 {
717 pipeinsts[i].pipeHandle = pipe_handles[i];
718 pipeinsts[i].ol.Pointer = 0;
719 pipeinsts[i].pendingIO = false0;
720 if (!ConnectNamedPipe(pipeinsts[i].pipeHandle, &pipeinsts[i].ol))
721 {
722 DWORD error = GetLastError();
723 switch (error)
724 {
725 case ERROR_IO_PENDING:
726 pipeinsts[i].pendingIO = true1;
727 break;
728
729 case ERROR_PIPE_CONNECTED:
730 SetEvent(pipeinsts[i].ol.hEvent);
731 break;
732
733 default:
734 ws_debug("ConnectNamedPipe failed with %ld\n.", error)do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 734, __func__, "ConnectNamedPipe failed with %ld\n.", error
); } } while (0);
735 result = false0;
736 }
737 }
738 }
739
740 while (result)
741 {
742 DWORD dw;
743 int num_handles = 0;
744 for (int i = 0; i < num_pipe_handles; ++i)
745 {
746 if (pipeinsts[i].pendingIO)
747 {
748 handles[num_handles] = pipeinsts[i].ol.hEvent;
749 num_handles++;
750 }
751 }
752 if (num_handles == 0)
753 {
754 /* All pipes have been successfully connected */
755 break;
756 }
757 /* Wait for process in case it exits before the pipes have connected */
758 handles[num_handles] = pid;
759 num_handles++;
760
761 dw = WaitForMultipleObjects(num_handles, handles, false0, 30000);
762 int handle_idx = dw - WAIT_OBJECT_0;
763 if (dw == WAIT_TIMEOUT)
764 {
765 ws_debug("extcap didn't connect to pipe within 30 seconds.")do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 765, __func__, "extcap didn't connect to pipe within 30 seconds."
); } } while (0);
766 result = false0;
767 break;
768 }
769 // If index points to our handles array
770 else if (handle_idx >= 0 && handle_idx < num_handles)
771 {
772 if (handles[handle_idx] == pid)
773 {
774 ws_debug("extcap terminated without connecting to pipe.")do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 774, __func__, "extcap terminated without connecting to pipe."
); } } while (0);
775 result = false0;
776 }
777 for (int i = 0; i < num_pipe_handles; ++i)
778 {
779 if (handles[handle_idx] == pipeinsts[i].ol.hEvent)
780 {
781 DWORD cbRet;
782 BOOL success = GetOverlappedResult(
783 pipeinsts[i].pipeHandle, // handle to pipe
784 &pipeinsts[i].ol, // OVERLAPPED structure
785 &cbRet, // bytes transferred
786 true1); // wait
787 if (!success)
788 {
789 ws_debug("Error %ld \n.", GetLastError())do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 789, __func__, "Error %ld \n.", GetLastError()); } } while (
0);
790 result = false0;
791 }
792 pipeinsts[i].pendingIO = false0;
793 }
794 }
795 }
796 else
797 {
798 ws_debug("WaitForMultipleObjects returned 0x%08lX. Error %ld", dw, GetLastError())do { if (1) { ws_log_full("Capture", LOG_LEVEL_DEBUG, "wsutil/ws_pipe.c"
, 798, __func__, "WaitForMultipleObjects returned 0x%08lX. Error %ld"
, dw, GetLastError()); } } while (0);
799 result = false0;
800 }
801 }
802
803 for (int i = 0; i < num_pipe_handles; ++i)
804 {
805 if (pipeinsts[i].pendingIO)
806 {
807 CancelIoEx(pipeinsts[i].pipeHandle, &pipeinsts[i].ol);
808 WaitForSingleObject(pipeinsts[i].ol.hEvent, INFINITE);
809 }
810 CloseHandle(pipeinsts[i].ol.hEvent);
811 }
812
813 return result;
814}
815#endif
816
817bool_Bool
818ws_pipe_data_available(int pipe_fd)
819{
820#ifdef _WIN32 /* PeekNamedPipe */
821 HANDLE hPipe = (HANDLE) _get_osfhandle(pipe_fd);
822 DWORD bytes_avail;
823
824 if (hPipe == INVALID_HANDLE_VALUE)
825 {
826 return false0;
827 }
828
829 if (! PeekNamedPipe(hPipe, NULL((void*)0), 0, NULL((void*)0), &bytes_avail, NULL((void*)0)))
830 {
831 return false0;
832 }
833
834 if (bytes_avail > 0)
835 {
836 return true1;
837 }
838 return false0;
839#else /* select */
840 fd_set rfds;
841 struct timeval timeout;
842
843 FD_ZERO(&rfds)do { unsigned int __i; fd_set *__arr = (&rfds); for (__i =
0; __i < sizeof (fd_set) / sizeof (__fd_mask); ++__i) ((__arr
)->__fds_bits)[__i] = 0; } while (0);
844 FD_SET(pipe_fd, &rfds)((void) (((&rfds)->__fds_bits)[((pipe_fd) / (8 * (int)
sizeof (__fd_mask)))] |= ((__fd_mask) (1UL << ((pipe_fd
) % (8 * (int) sizeof (__fd_mask)))))));
845 timeout.tv_sec = 0;
846 timeout.tv_usec = 0;
847
848 if (select(pipe_fd + 1, &rfds, NULL((void*)0), NULL((void*)0), &timeout) > 0)
849 {
850 return true1;
851 }
852
853 return false0;
854#endif
855}
856
857/*
858 * Editor modelines - https://www.wireshark.org/tools/modelines.html
859 *
860 * Local variables:
861 * c-basic-offset: 4
862 * tab-width: 8
863 * indent-tabs-mode: nil
864 * End:
865 *
866 * vi: set shiftwidth=4 tabstop=8 expandtab:
867 * :indentSize=4:tabSize=8:noTabs=true:
868 */