From 6d8fbc8b818c9f23a538f1586ee055b1dd7a7f2f Mon Sep 17 00:00:00 2001
From: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
Date: Sat, 22 Mar 2014 22:08:06 +0100
Subject: [PATCH 1/6] jerasure.c: fix memory leak in error case

Check matrix for NULL before call talloc().

CID 1093213 (#1 of 1): Resource leak (RESOURCE_LEAK)
 4. leaked_storage: Variable "bitmatrix" going out of scope
 leaks the storage it points to.

Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
---
 src/jerasure.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/jerasure.c b/src/jerasure.c
index bb577af..d2af918 100644
--- a/src/jerasure.c
+++ b/src/jerasure.c
@@ -273,9 +273,10 @@ int *jerasure_matrix_to_bitmatrix(int k, int m, int w, int *matrix)
   int *bitmatrix;
   int rowelts, rowindex, colindex, elt, i, j, l, x;
 
-  bitmatrix = talloc(int, k*m*w*w);
   if (matrix == NULL) { return NULL; }
 
+  bitmatrix = talloc(int, k*m*w*w);
+
   rowelts = k * w;
   rowindex = 0;
 

From bd6cddba8b842283d921315e03eda7a22b0e8211 Mon Sep 17 00:00:00 2001
From: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
Date: Sat, 22 Mar 2014 23:38:48 +0100
Subject: [PATCH 2/6] Examples/reed_sol_time_gf.c: include sys/time.h

Fix warning: implicit declaration of function 'gettimeofday' is
invalid in C99 [-Wimplicit-function-declaration]

Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
---
 Examples/reed_sol_time_gf.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Examples/reed_sol_time_gf.c b/Examples/reed_sol_time_gf.c
index fd61f8b..175de8b 100644
--- a/Examples/reed_sol_time_gf.c
+++ b/Examples/reed_sol_time_gf.c
@@ -44,6 +44,7 @@
    Revision 1.0 - 2007: James S. Plank.
  */
 
+#include <sys/time.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>

From 4b6c76c659047e59f51904282a53ae7d9b2a0bb7 Mon Sep 17 00:00:00 2001
From: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
Date: Sat, 22 Mar 2014 23:46:51 +0100
Subject: [PATCH 3/6] Examples/*coder.c: add missing include of unistd.h

Fix warning: implicit declaration of function 'getcwd' is invalid in
C99 [-Wimplicit-function-declaration]

Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
---
 Examples/decoder.c | 1 +
 Examples/encoder.c | 1 +
 2 files changed, 2 insertions(+)

diff --git a/Examples/decoder.c b/Examples/decoder.c
index f00fce6..0f6e030 100644
--- a/Examples/decoder.c
+++ b/Examples/decoder.c
@@ -62,6 +62,7 @@ same arguments, and encoder.c does error check.
 #include <stdlib.h>
 #include <string.h>
 #include <time.h>
+#include <unistd.h>
 #include <sys/time.h>
 #include <sys/stat.h>
 #include <signal.h>
diff --git a/Examples/encoder.c b/Examples/encoder.c
index 2c8cd67..8b9184f 100644
--- a/Examples/encoder.c
+++ b/Examples/encoder.c
@@ -59,6 +59,7 @@ is the file name with "_k#" or "_m#" and then the extension.
 #include <time.h>
 #include <sys/time.h>
 #include <sys/stat.h>
+#include <unistd.h>
 #include <string.h>
 #include <stdio.h>
 #include <stdlib.h>

From b14af86424e3cb8c89c0f2fd2b856580e446fba4 Mon Sep 17 00:00:00 2001
From: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
Date: Sat, 22 Mar 2014 21:58:53 +0100
Subject: [PATCH 4/6] jerasure.c: free memory before return in error case

Fix for Coverity issue from Ceph project:

CID 1093211 (#1 of 1): Resource leak (RESOURCE_LEAK)
 20. leaked_storage: Variable "ind_to_row" going out of scope leaks
 the storage it points to.

CID 1093212 (#1 of 1): Resource leak (RESOURCE_LEAK)
 20. leaked_storage: Variable "row_ids" going out of scope leaks the
 storage it points to.

Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
---
 src/jerasure.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/jerasure.c b/src/jerasure.c
index d2af918..de54fcf 100644
--- a/src/jerasure.c
+++ b/src/jerasure.c
@@ -838,7 +838,11 @@ static int **jerasure_generate_decoding_schedule(int k, int m, int w, int *bitma
   row_ids = talloc(int, k+m);
   ind_to_row = talloc(int, k+m);
 
-  if (set_up_ids_for_scheduled_decoding(k, m, erasures, row_ids, ind_to_row) < 0) return NULL;
+  if (set_up_ids_for_scheduled_decoding(k, m, erasures, row_ids, ind_to_row) < 0) {
+    free(row_ids);
+    free(ind_to_row);
+    return NULL;
+  }
 
   /* Now, we're going to create one decoding matrix which is going to 
      decode everything with one call.  The hope is that the scheduler

From 31810e1fdcd60e31029cf6be71e940e350442450 Mon Sep 17 00:00:00 2001
From: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
Date: Sun, 27 Apr 2014 18:54:21 +0200
Subject: [PATCH 5/6] jerasure.c: add check for result of malloc()

Add check for bitmatrix and return NULL if malloc failed.

Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
---
 src/jerasure.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/jerasure.c b/src/jerasure.c
index de54fcf..a2bd3e7 100644
--- a/src/jerasure.c
+++ b/src/jerasure.c
@@ -276,6 +276,7 @@ int *jerasure_matrix_to_bitmatrix(int k, int m, int w, int *matrix)
   if (matrix == NULL) { return NULL; }
 
   bitmatrix = talloc(int, k*m*w*w);
+  if (!bitmatrix) return NULL;
 
   rowelts = k * w;
   rowindex = 0;

From a21b2733a964bcb3649d78bb7afd23c15dce3d96 Mon Sep 17 00:00:00 2001
From: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
Date: Sun, 27 Apr 2014 19:25:02 +0200
Subject: [PATCH 6/6] jerasure.c: add more checks for talloc/malloc results

Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
---
 src/jerasure.c | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 91 insertions(+)

diff --git a/src/jerasure.c b/src/jerasure.c
index a2bd3e7..d8c1179 100644
--- a/src/jerasure.c
+++ b/src/jerasure.c
@@ -245,6 +245,12 @@ int jerasure_matrix_decode(int k, int m, int w, int *matrix, int row_k_ones, int
 
   if (edd > 0) {
     tmpids = talloc(int, k);
+    if (!tmpids) {
+      free(erased);
+      free(dm_ids);
+      free(decoding_matrix);
+      return -1;
+    }
     for (i = 0; i < k; i++) {
       tmpids[i] = (i < lastdrive) ? i : i+1;
     }
@@ -697,6 +703,12 @@ int jerasure_bitmatrix_decode(int k, int m, int w, int *bitmatrix, int row_k_one
 
   if (edd > 0) {
     tmpids = talloc(int, k);
+    if (!tmpids) {
+      free(erased);
+      free(dm_ids);
+      free(decoding_matrix);
+      return -1;
+    }
     for (i = 0; i < k; i++) {
       tmpids[i] = (i < lastdrive) ? i : i+1;
     }
@@ -748,6 +760,10 @@ static char **set_up_ptrs_for_scheduled_decoding(int k, int m, int *erasures, ch
    */
          
   ptrs = talloc(char *, k+m);
+  if (!ptrs) {
+    free(erased);
+    return NULL;
+  }
 
   j = k;
   x = k;
@@ -837,7 +853,12 @@ static int **jerasure_generate_decoding_schedule(int k, int m, int w, int *bitma
   }
   
   row_ids = talloc(int, k+m);
+  if (!row_ids) return NULL;
   ind_to_row = talloc(int, k+m);
+  if (!ind_to_row) {
+    free(row_ids);
+    return NULL;
+  }
 
   if (set_up_ids_for_scheduled_decoding(k, m, erasures, row_ids, ind_to_row) < 0) {
     free(row_ids);
@@ -851,6 +872,11 @@ static int **jerasure_generate_decoding_schedule(int k, int m, int w, int *bitma
      number of erasures (ddf+cdf) */
 
   real_decoding_matrix = talloc(int, k*w*(cdf+ddf)*w);
+  if (!real_decoding_matrix) {
+    free(row_ids);
+    free(ind_to_row);
+    return NULL;
+  }
 
   /* First, if any data drives have failed, then initialize the first
      ddf*w rows of the decoding matrix from the standard decoding
@@ -859,6 +885,11 @@ static int **jerasure_generate_decoding_schedule(int k, int m, int w, int *bitma
   if (ddf > 0) {
     
     decoding_matrix = talloc(int, k*k*w*w);
+    if (!decoding_matrix) {
+      free(row_ids);
+      free(ind_to_row);
+      return NULL;
+    }
     ptr = decoding_matrix;
     for (i = 0; i < k; i++) {
       if (row_ids[i] == i) {
@@ -872,6 +903,12 @@ static int **jerasure_generate_decoding_schedule(int k, int m, int w, int *bitma
       ptr += (k*w*w);
     }
     inverse = talloc(int, k*k*w*w);
+    if (!inverse) {
+      free(row_ids);
+      free(ind_to_row);
+      free(decoding_matrix);
+      return NULL;
+    }
     jerasure_invert_bitmatrix(decoding_matrix, inverse, k*w);
 
 /*    printf("\nMatrix to invert\n");
@@ -1213,6 +1250,7 @@ int **jerasure_dumb_bitmatrix_to_schedule(int k, int m, int w, int *bitmatrix)
   int index, optodo, i, j;
 
   operations = talloc(int *, k*m*w*w+1);
+  if (!operations) return NULL;
   op = 0;
   
   index = 0;
@@ -1221,6 +1259,10 @@ int **jerasure_dumb_bitmatrix_to_schedule(int k, int m, int w, int *bitmatrix)
     for (j = 0; j < k*w; j++) {
       if (bitmatrix[index]) {
         operations[op] = talloc(int, 5);
+	if (!operations[op]) {
+	  // -ENOMEM
+          goto error;
+        }
         operations[op][4] = optodo;
         operations[op][0] = j/w;
         operations[op][1] = j%w;
@@ -1234,8 +1276,19 @@ int **jerasure_dumb_bitmatrix_to_schedule(int k, int m, int w, int *bitmatrix)
     }
   }
   operations[op] = talloc(int, 5);
+  if (!operations[op]) {
+    // -ENOMEM
+    goto error;
+  }
   operations[op][0] = -1;
   return operations;
+
+error:
+  for (i = 0; i <= op; i++) {
+    free(operations[op]);
+  }
+  free(operations);
+  return NULL;
 }
 
 int **jerasure_smart_bitmatrix_to_schedule(int k, int m, int w, int *bitmatrix)
@@ -1252,12 +1305,35 @@ int **jerasure_smart_bitmatrix_to_schedule(int k, int m, int w, int *bitmatrix)
   jerasure_print_bitmatrix(bitmatrix, m*w, k*w, w); */
 
   operations = talloc(int *, k*m*w*w+1);
+  if (!operations) return NULL;
   op = 0;
   
   diff = talloc(int, m*w);
+  if (!diff) {
+    free(operations);
+    return NULL;
+  }
   from = talloc(int, m*w);
+  if (!from) {
+    free(operations);
+    free(diff);
+    return NULL;
+  }
   flink = talloc(int, m*w);
+  if (!flink) {
+    free(operations);
+    free(diff);
+    free(from);
+    return NULL;
+  }
   blink = talloc(int, m*w);
+  if (!blink) {
+    free(operations);
+    free(diff);
+    free(from);
+    free(flink);
+    return NULL;
+  }
 
   ptr = bitmatrix;
 
@@ -1301,6 +1377,7 @@ int **jerasure_smart_bitmatrix_to_schedule(int k, int m, int w, int *bitmatrix)
       for (j = 0; j < k*w; j++) {
         if (ptr[j]) {
           operations[op] = talloc(int, 5);
+          if (!operations[op]) goto error;
           operations[op][4] = optodo;
           operations[op][0] = j/w;
           operations[op][1] = j%w;
@@ -1312,6 +1389,7 @@ int **jerasure_smart_bitmatrix_to_schedule(int k, int m, int w, int *bitmatrix)
       }
     } else {
       operations[op] = talloc(int, 5);
+      if (!operations[op]) goto error;
       operations[op][4] = 0;
       operations[op][0] = k+from[row]/w;
       operations[op][1] = from[row]%w;
@@ -1322,6 +1400,7 @@ int **jerasure_smart_bitmatrix_to_schedule(int k, int m, int w, int *bitmatrix)
       for (j = 0; j < k*w; j++) {
         if (ptr[j] ^ b1[j]) {
           operations[op] = talloc(int, 5);
+          if (!operations[op]) goto error;
           operations[op][4] = 1;
           operations[op][0] = j/w;
           operations[op][1] = j%w;
@@ -1349,6 +1428,7 @@ int **jerasure_smart_bitmatrix_to_schedule(int k, int m, int w, int *bitmatrix)
   }
   
   operations[op] = talloc(int, 5);
+  if (!operations[op]) goto error;
   operations[op][0] = -1;
   free(from);
   free(diff);
@@ -1356,6 +1436,17 @@ int **jerasure_smart_bitmatrix_to_schedule(int k, int m, int w, int *bitmatrix)
   free(flink);
 
   return operations;
+
+error:
+  for (i = 0; i <= op; i++) {
+    free(operations[op]);
+  }
+  free(operations);
+  free(from);
+  free(diff);
+  free(blink);
+  free(flink);
+  return NULL;
 }
 
 void jerasure_bitmatrix_encode(int k, int m, int w, int *bitmatrix,