andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 5 months ago
Clone
Source Code
GIT

Blame 0089-Coverity-Fixes-part-1.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-armhfp c7-beta c8-beta-stream-1.4 c8-stream-1.4 c8s-stream-1.4 c8s-stream-ds c9 c9-beta
  1.   c6
  2.   0089-Coverity-Fixes-part-1.patch
Blob History Raw
dc8c34 
From 8a5273d62a8785e6443aca11d6c06e5650884911 Mon Sep 17 00:00:00 2001
dc8c34 
From: Mark Reynolds <mreynolds@redhat.com>
dc8c34 
Date: Mon, 3 Jun 2013 17:17:24 -0400
dc8c34 
Subject: [PATCH 89/99] Coverity Fixes (part 1)
dc8c34
dc8c34 
11648 - string length miscalulation (ldclt.c)
dc8c34 
11655 - unchecked return value (agtmmap.c)
dc8c34 
11656 - unchecked return value (dblayer.c)
dc8c34 
11657 - unchecked return value (daemon.c)
dc8c34 
11658 - unchecked return value (daemon.c)
dc8c34 
11660 - unchecked return value (log.c)
dc8c34 
11661 - unchecked return value (main.c)
dc8c34 
11662 - unchecked return value (ssl.c)
dc8c34 
11668 - Same on both sides (repl5_protocol_util.c)
dc8c34 
11669 - Same on both sides (ssl.c)
dc8c34 
11670 - Same on both sides (util.c)
dc8c34 
11673 - Copy-and-paste error (tools/rsearch/sdattable.c)
dc8c34
dc8c34 
https://bugzilla.redhat.com/show_bug.cgi?id=970221
dc8c34
dc8c34 
Reviewed by: Noriko(Thanks!)
dc8c34 
(cherry picked from commit 2b5aecb77784a9cf68fe29204f15bd4b61159d6d)
dc8c34 
(cherry picked from commit f771f95f3f34442a9c238b687227d1d17a1015e7)
dc8c34 
---
dc8c34 
 .../plugins/replication/repl5_protocol_util.c      |  2 +-
dc8c34 
 ldap/servers/slapd/agtmmap.c                       | 69 +++++++++++-----------
dc8c34 
 ldap/servers/slapd/back-ldbm/dblayer.c             |  7 ++-
dc8c34 
 ldap/servers/slapd/daemon.c                        | 29 +++++----
dc8c34 
 ldap/servers/slapd/log.c                           | 18 +++++-
dc8c34 
 ldap/servers/slapd/main.c                          |  5 +-
dc8c34 
 ldap/servers/slapd/ssl.c                           | 17 ++++--
dc8c34 
 ldap/servers/slapd/tools/ldclt/ldclt.c             |  4 +-
dc8c34 
 ldap/servers/slapd/tools/rsearch/sdattable.c       |  2 +-
dc8c34 
 ldap/servers/slapd/util.c                          |  2 +-
dc8c34 
 10 files changed, 98 insertions(+), 57 deletions(-)
dc8c34
dc8c34 
diff --git a/ldap/servers/plugins/replication/repl5_protocol_util.c b/ldap/servers/plugins/replication/repl5_protocol_util.c
dc8c34 
index 30d211a..4449170 100644
dc8c34 
--- a/ldap/servers/plugins/replication/repl5_protocol_util.c
dc8c34 
+++ b/ldap/servers/plugins/replication/repl5_protocol_util.c
dc8c34 
@@ -603,7 +603,7 @@ release_replica(Private_Repl_Protocol *prp)
dc8c34 
 		struct berval *data = NULL;
dc8c34
dc8c34 
 		/* Check the message id's match */
dc8c34 
-		if (sent_message_id != sent_message_id)
dc8c34 
+		if (sent_message_id != ret_message_id)
dc8c34 
 		{
dc8c34 
 			int operation, error;
dc8c34 
 			conn_get_error(prp->conn, &operation, &error);
dc8c34 
diff --git a/ldap/servers/slapd/agtmmap.c b/ldap/servers/slapd/agtmmap.c
dc8c34 
index d82da5f..f18138a 100644
dc8c34 
--- a/ldap/servers/slapd/agtmmap.c
dc8c34 
+++ b/ldap/servers/slapd/agtmmap.c
dc8c34 
@@ -187,46 +187,49 @@ agt_mopen_stats (char * statsfile, int mode, int *hdl)
dc8c34
dc8c34 
 	           if ( fd < 0 )
dc8c34 
 	           {
dc8c34 
-			err = errno;
dc8c34 
+                   err = errno;
dc8c34 
 #if (0)
dc8c34 
-			fprintf (stderr, "returning errno =%d from %s(line: %d)\n", err, __FILE__, __LINE__);
dc8c34 
+                   fprintf (stderr, "returning errno =%d from %s(line: %d)\n", err, __FILE__, __LINE__);
dc8c34 
 #endif
dc8c34 
-	                rc = err;
dc8c34 
-			goto bail;
dc8c34 
-                   }
dc8c34 
+                   rc = err;
dc8c34 
+                   goto bail;
dc8c34 
+               }
dc8c34
dc8c34 
-		   fstat (fd, &fileinfo);
dc8c34 
-
dc8c34 
-		   sz = sizeof (struct agt_stats_t);
dc8c34 
-
dc8c34 
-		   if (fileinfo.st_size < sz)
dc8c34 
-		   {
dc8c34 
-			   /* Without this we will get segv when we try to read/write later */
dc8c34 
-			   buf = calloc (1, sz);
dc8c34 
-			   (void)write (fd, buf, sz);
dc8c34 
-			   free (buf);
dc8c34 
-		   }
dc8c34 
-
dc8c34 
-		   fp = mmap (NULL, sz, (PROT_READ | PROT_WRITE), MAP_SHARED, fd, 0);
dc8c34 
-
dc8c34 
-		   if (fp == (caddr_t) -1)
dc8c34 
-		   {
dc8c34 
-			err = errno;
dc8c34 
-			close (fd);
dc8c34 
+               if(fstat (fd, &fileinfo) != 0){
dc8c34 
+                   rc = errno;
dc8c34 
+                   goto bail;
dc8c34 
+		       }
dc8c34 
+
dc8c34 
+               sz = sizeof (struct agt_stats_t);
dc8c34 
+
dc8c34 
+               if (fileinfo.st_size < sz)
dc8c34 
+               {
dc8c34 
+                   /* Without this we will get segv when we try to read/write later */
dc8c34 
+                   buf = calloc (1, sz);
dc8c34 
+                   (void)write (fd, buf, sz);
dc8c34 
+                   free (buf);
dc8c34 
+               }
dc8c34 
+
dc8c34 
+               fp = mmap (NULL, sz, (PROT_READ | PROT_WRITE), MAP_SHARED, fd, 0);
dc8c34 
+
dc8c34 
+               if (fp == (caddr_t) -1)
dc8c34 
+               {
dc8c34 
+                   err = errno;
dc8c34 
+                   close (fd);
dc8c34 
 #if (0)
dc8c34 
-			fprintf (stderr, "returning errno =%d from %s(line: %d)\n", err, __FILE__, __LINE__);
dc8c34 
+                   fprintf (stderr, "returning errno =%d from %s(line: %d)\n", err, __FILE__, __LINE__);
dc8c34 
 #endif
dc8c34 
-			rc = err;
dc8c34 
-			goto bail;
dc8c34 
-		   }
dc8c34 
+                   rc = err;
dc8c34 
+                   goto bail;
dc8c34 
+               }
dc8c34
dc8c34 
-		   mmap_tbl [1].maptype = AGT_MAP_RDWR;
dc8c34 
-		   mmap_tbl [1].fd 	= fd;
dc8c34 
-		   mmap_tbl [1].fp 	= fp;
dc8c34 
-		   *hdl = 1;
dc8c34 
+               mmap_tbl [1].maptype = AGT_MAP_RDWR;
dc8c34 
+               mmap_tbl [1].fd = fd;
dc8c34 
+               mmap_tbl [1].fp = fp;
dc8c34 
+               *hdl = 1;
dc8c34
dc8c34 
-		   rc = 0;
dc8c34 
-                   break;
dc8c34 
+               rc = 0;
dc8c34 
+           break;
dc8c34 
 	} /* end switch */
dc8c34 
 #else
dc8c34 
 	/* _WIN32 */
dc8c34 
diff --git a/ldap/servers/slapd/back-ldbm/dblayer.c b/ldap/servers/slapd/back-ldbm/dblayer.c
dc8c34 
index 8696834..960d99e 100644
dc8c34 
--- a/ldap/servers/slapd/back-ldbm/dblayer.c
dc8c34 
+++ b/ldap/servers/slapd/back-ldbm/dblayer.c
dc8c34 
@@ -4478,7 +4478,12 @@ static int checkpoint_threadmain(void *param)
dc8c34 
                                 "%s.old", *listp);
dc8c34 
                     checkpoint_debug_message(debug_checkpointing,
dc8c34 
                                 "Renaming %s -> %s\n",*listp, new_filename, 0);
dc8c34 
-                    rename(*listp, new_filename);
dc8c34 
+                    if(rename(*listp, new_filename) != 0){
dc8c34 
+                    	LDAPDebug(LDAP_DEBUG_ANY, "checkpoint_threadmain: failed to rename log (%s) to (%s)\n",
dc8c34 
+                    	        *listp, new_filename, 0);
dc8c34 
+                    	rval = -1;
dc8c34 
+                    	goto error_return;
dc8c34 
+                    }
dc8c34 
                 }
dc8c34 
             }
dc8c34 
             slapi_ch_free((void**)&list);
dc8c34 
diff --git a/ldap/servers/slapd/daemon.c b/ldap/servers/slapd/daemon.c
dc8c34 
index 221b156..524a6aa 100644
dc8c34 
--- a/ldap/servers/slapd/daemon.c
dc8c34 
+++ b/ldap/servers/slapd/daemon.c
dc8c34 
@@ -3384,8 +3384,14 @@ createsignalpipe( void )
dc8c34 
 	}
dc8c34 
 	writesignalpipe = PR_FileDesc2NativeHandle(signalpipe[1]);
dc8c34 
 	readsignalpipe = PR_FileDesc2NativeHandle(signalpipe[0]);
dc8c34 
-	fcntl(writesignalpipe, F_SETFD, O_NONBLOCK);
dc8c34 
-	fcntl(readsignalpipe, F_SETFD, O_NONBLOCK);
dc8c34 
+	if(fcntl(writesignalpipe, F_SETFD, O_NONBLOCK) == -1){
dc8c34 
+		LDAPDebug( LDAP_DEBUG_ANY,"createsignalpipe: failed to set FD for write pipe (%d).\n",
dc8c34 
+				errno, 0, 0 );
dc8c34 
+	}
dc8c34 
+	if(fcntl(readsignalpipe, F_SETFD, O_NONBLOCK) == -1){
dc8c34 
+		LDAPDebug( LDAP_DEBUG_ANY,"createsignalpipe: failed to set FD for read pipe (%d).\n",
dc8c34 
+				errno, 0, 0);
dc8c34 
+	}
dc8c34 
 #endif
dc8c34
dc8c34 
 	return( 0 );
dc8c34 
@@ -3605,7 +3611,7 @@ void configure_ns_socket( int * ns )
dc8c34 
 {
dc8c34
dc8c34 
 	int enable_nagle = config_get_nagle();
dc8c34 
-        int on;
dc8c34 
+	int on, rc;
dc8c34
dc8c34 
 #if defined(LINUX)
dc8c34 
 	/* On Linux we use TCP_CORK so we must enable nagle */
dc8c34 
@@ -3615,19 +3621,18 @@ void configure_ns_socket( int * ns )
dc8c34 
 	if ( have_send_timeouts ) {
dc8c34 
 		daemon_configure_send_timeout( *ns, config_get_ioblocktimeout() );
dc8c34 
 	}
dc8c34 
-
dc8c34 
-
dc8c34 
+	/* set the nagle */
dc8c34 
 	if ( !enable_nagle ) {
dc8c34 
-	        on = 1;
dc8c34 
-	        setsockopt( *ns, IPPROTO_TCP, TCP_NODELAY, (char * ) &on, sizeof(on) );
dc8c34 
+		on = 1;
dc8c34 
 	} else {
dc8c34 
-	        on = 0;
dc8c34 
-		setsockopt( *ns, IPPROTO_TCP, TCP_NODELAY, (char * ) &on, sizeof(on) );
dc8c34 
-	} /* else (!enable_nagle) */
dc8c34 
-
dc8c34 
+		on = 0;
dc8c34 
+	}
dc8c34 
+	/* check for errors */
dc8c34 
+	if((rc = setsockopt( *ns, IPPROTO_TCP, TCP_NODELAY, (char * ) &on, sizeof(on) ) != 0)){
dc8c34 
+		LDAPDebug( LDAP_DEBUG_ANY,"configure_ns_socket: Failed to configure socket (%d).\n", rc, 0, 0);
dc8c34 
+	}
dc8c34
dc8c34 
 	return;
dc8c34 
-
dc8c34 
 }
dc8c34
dc8c34
dc8c34 
diff --git a/ldap/servers/slapd/log.c b/ldap/servers/slapd/log.c
dc8c34 
index a765001..9b3f640 100644
dc8c34 
--- a/ldap/servers/slapd/log.c
dc8c34 
+++ b/ldap/servers/slapd/log.c
dc8c34 
@@ -3789,6 +3789,9 @@ log__open_errorlogfile(int logfile_state, int locked)
dc8c34 
 	struct logfileinfo	*logp;
dc8c34 
 	char			buffer[BUFSIZ];
dc8c34 
 	struct passwd	*pw = NULL;
dc8c34 
+#ifndef _WIN32
dc8c34 
+	int rc = 0;
dc8c34 
+#endif
dc8c34
dc8c34 
 	slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
dc8c34
dc8c34 
@@ -3886,7 +3889,20 @@ log__open_errorlogfile(int logfile_state, int locked)
dc8c34 
 	 * alternate ns-slapd modes, such as db2bak, tries to log an error
dc8c34 
 	 * at startup, it will create the logfile as root!
dc8c34 
 	 */
dc8c34 
-	slapd_chown_if_not_owner(loginfo.log_error_file, pw->pw_uid, -1);
dc8c34 
+	if((rc = slapd_chown_if_not_owner(loginfo.log_error_file, pw->pw_uid, -1)) != 0){
dc8c34 
+		PR_snprintf(buffer, sizeof(buffer),
dc8c34 
+				"Failed to chown log file %s: error %d (%s); Exiting...",
dc8c34 
+				loginfo.log_error_file, errno, slapd_system_strerror(errno));
dc8c34 
+		log__error_emergency(buffer, 1, locked);
dc8c34 
+		if (!locked) LOG_ERROR_UNLOCK_WRITE();
dc8c34 
+		/* failed to write to the errors log.  should not continue. */
dc8c34 
+		g_set_shutdown( SLAPI_SHUTDOWN_EXIT );
dc8c34 
+		/*if I have an old log file -- I should log a message
dc8c34 
+		** that I can't open the new file. Let the caller worry
dc8c34 
+		** about logging message.
dc8c34 
+		*/
dc8c34 
+		return LOG_UNABLE_TO_OPENFILE;
dc8c34 
+	}
dc8c34 
 #endif
dc8c34
dc8c34 
 	loginfo.log_error_fdes = fp;
dc8c34 
diff --git a/ldap/servers/slapd/main.c b/ldap/servers/slapd/main.c
dc8c34 
index 84ce01d..9938c01 100644
dc8c34 
--- a/ldap/servers/slapd/main.c
dc8c34 
+++ b/ldap/servers/slapd/main.c
dc8c34 
@@ -247,7 +247,10 @@ chown_dir_files(char *name, struct passwd *pw, PRBool strip_fn, PRBool both)
dc8c34 
     while( (entry = PR_ReadDir(dir , PR_SKIP_BOTH )) !=NULL )
dc8c34 
     {
dc8c34 
       PR_snprintf(file,MAXPATHLEN+1,"%s/%s",log,entry->name);
dc8c34 
-      slapd_chown_if_not_owner( file, pw->pw_uid, both?pw->pw_gid:-1 );
dc8c34 
+      if((rc = slapd_chown_if_not_owner( file, pw->pw_uid, both?pw->pw_gid:-1 )) != 0){
dc8c34 
+    	  LDAPDebug(LDAP_DEBUG_ANY, "chown_dir_files: file (%s) chown failed (%d) %s.\n",
dc8c34 
+    			  file, errno, slapd_system_strerror(errno));
dc8c34 
+      }
dc8c34 
     }
dc8c34 
     PR_CloseDir( dir );
dc8c34 
   }
dc8c34 
diff --git a/ldap/servers/slapd/ssl.c b/ldap/servers/slapd/ssl.c
dc8c34 
index 0aab53d..f515b8e 100644
dc8c34 
--- a/ldap/servers/slapd/ssl.c
dc8c34 
+++ b/ldap/servers/slapd/ssl.c
dc8c34 
@@ -360,7 +360,7 @@ _conf_setciphers(char *ciphers)
dc8c34 
         if(t)
dc8c34 
             ciphers = t;
dc8c34 
     }
dc8c34 
-    if (unsuplist && unsuplist) {
dc8c34 
+    if (unsuplist && *unsuplist) {
dc8c34 
         char *strsup = charray2str(suplist, ",");
dc8c34 
         char *strunsup = charray2str(unsuplist, ",");
dc8c34 
         slapd_SSL_warn("Security Initialization: FIPS mode is enabled - only the following "
dc8c34 
@@ -614,9 +614,18 @@ slapd_nss_init(int init_ssl, int config_available)
dc8c34 
 		certdb_file_name = slapi_ch_smprintf("%s/cert8.db", certdir);
dc8c34 
 		keydb_file_name = slapi_ch_smprintf("%s/key3.db", certdir);
dc8c34 
 		secmoddb_file_name = slapi_ch_smprintf("%s/secmod.db", certdir);
dc8c34 
-		chmod(certdb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP );
dc8c34 
-		chmod(keydb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP );
dc8c34 
-		chmod(secmoddb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP );
dc8c34 
+		if(chmod(certdb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP )){
dc8c34 
+			LDAPDebug(LDAP_DEBUG_ANY, "slapd_nss_init: chmod failed for file %s error (%d) %s.\n",
dc8c34 
+					certdb_file_name, errno, slapd_system_strerror(errno));
dc8c34 
+		}
dc8c34 
+		if(chmod(keydb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP )){
dc8c34 
+			LDAPDebug(LDAP_DEBUG_ANY, "slapd_nss_init: chmod failed for file %s error (%d) %s.\n",
dc8c34 
+					keydb_file_name, errno, slapd_system_strerror(errno));
dc8c34 
+		}
dc8c34 
+		if(chmod(secmoddb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP )){
dc8c34 
+			LDAPDebug(LDAP_DEBUG_ANY, "slapd_nss_init: chmod failed for file %s error (%d) %s.\n",
dc8c34 
+					secmoddb_file_name, errno, slapd_system_strerror(errno));
dc8c34 
+		}
dc8c34 
 	}
dc8c34
dc8c34 
     /****** end of NSS Initialization ******/
dc8c34 
diff --git a/ldap/servers/slapd/tools/ldclt/ldclt.c b/ldap/servers/slapd/tools/ldclt/ldclt.c
dc8c34 
index 27a2412..2a45c76 100644
dc8c34 
--- a/ldap/servers/slapd/tools/ldclt/ldclt.c
dc8c34 
+++ b/ldap/servers/slapd/tools/ldclt/ldclt.c
dc8c34 
@@ -1497,7 +1497,7 @@ basicInit (void)
dc8c34 
     /*
dc8c34 
      * Parse the deference attribute value
dc8c34 
      */
dc8c34 
-    mctx.attRefDef= (char *)malloc(strlen(mctx.attrpl+i+1) + 1);
dc8c34 
+    mctx.attRefDef= (char *)malloc(strlen(mctx.attrpl + i) + 2);
dc8c34 
     if (mctx.attRefDef== NULL) {
dc8c34 
       printf ("Error: unable to allocate memory for attRefDef\n");
dc8c34 
       return (-1);
dc8c34 
@@ -1525,7 +1525,7 @@ basicInit (void)
dc8c34 
     /*
dc8c34 
      * Parse the attribute value
dc8c34 
      */
dc8c34 
-    mctx.attrplFile = (char *)malloc(strlen(mctx.attrpl+i+1) + 1);
dc8c34 
+    mctx.attrplFile = (char *)malloc(strlen(mctx.attrpl+i) + 2);
dc8c34 
     if (mctx.attrplFile == NULL) {
dc8c34 
       printf ("Error: unable to allocate memory for attreplfile\n");
dc8c34 
       return (-1);
dc8c34 
diff --git a/ldap/servers/slapd/tools/rsearch/sdattable.c b/ldap/servers/slapd/tools/rsearch/sdattable.c
dc8c34 
index df1c152..c0274d0 100644
dc8c34 
--- a/ldap/servers/slapd/tools/rsearch/sdattable.c
dc8c34 
+++ b/ldap/servers/slapd/tools/rsearch/sdattable.c
dc8c34 
@@ -183,7 +183,7 @@ int sdt_save(SDatTable *sdt, const char *filename)
dc8c34 
 	    PR_Write(fd, sdt->dns[i], strlen(sdt->dns[i]));
dc8c34 
 	    PR_Write(fd, "\n", 1);
dc8c34 
 	}
dc8c34 
-	if (sdt->dns[i]) {
dc8c34 
+	if (sdt->uids[i]) {
dc8c34 
 	    PR_Write(fd, "uid: ", 5);
dc8c34 
 	    PR_Write(fd, sdt->uids[i], strlen(sdt->uids[i]));
dc8c34 
 	    PR_Write(fd, "\n", 1);
dc8c34 
diff --git a/ldap/servers/slapd/util.c b/ldap/servers/slapd/util.c
dc8c34 
index 649b3a9..0a9d23d 100644
dc8c34 
--- a/ldap/servers/slapd/util.c
dc8c34 
+++ b/ldap/servers/slapd/util.c
dc8c34 
@@ -417,7 +417,7 @@ normalize_mods2bvals(const LDAPMod **mods)
dc8c34 
                 num_values++;
dc8c34 
             }
dc8c34 
         } else {
dc8c34 
-            for (x = 0; mods[w]->mod_values[x] != NULL &&
dc8c34 
+            for (x = 0; mods[w]->mod_values != NULL &&
dc8c34 
                     mods[w]->mod_values[x] != NULL; x++)
dc8c34 
             {
dc8c34 
                 num_values++;
dc8c34 
--
dc8c34 
1.8.1.4
dc8c34

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation