andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 5 months ago
Clone
Blob Blame History Raw
From 8a5273d62a8785e6443aca11d6c06e5650884911 Mon Sep 17 00:00:00 2001
From: Mark Reynolds <mreynolds@redhat.com>
Date: Mon, 3 Jun 2013 17:17:24 -0400
Subject: [PATCH 89/99] Coverity Fixes (part 1)

11648 - string length miscalulation (ldclt.c)
11655 - unchecked return value (agtmmap.c)
11656 - unchecked return value (dblayer.c)
11657 - unchecked return value (daemon.c)
11658 - unchecked return value (daemon.c)
11660 - unchecked return value (log.c)
11661 - unchecked return value (main.c)
11662 - unchecked return value (ssl.c)
11668 - Same on both sides (repl5_protocol_util.c)
11669 - Same on both sides (ssl.c)
11670 - Same on both sides (util.c)
11673 - Copy-and-paste error (tools/rsearch/sdattable.c)

https://bugzilla.redhat.com/show_bug.cgi?id=970221

Reviewed by: Noriko(Thanks!)
(cherry picked from commit 2b5aecb77784a9cf68fe29204f15bd4b61159d6d)
(cherry picked from commit f771f95f3f34442a9c238b687227d1d17a1015e7)
---
 .../plugins/replication/repl5_protocol_util.c      |  2 +-
 ldap/servers/slapd/agtmmap.c                       | 69 +++++++++++-----------
 ldap/servers/slapd/back-ldbm/dblayer.c             |  7 ++-
 ldap/servers/slapd/daemon.c                        | 29 +++++----
 ldap/servers/slapd/log.c                           | 18 +++++-
 ldap/servers/slapd/main.c                          |  5 +-
 ldap/servers/slapd/ssl.c                           | 17 ++++--
 ldap/servers/slapd/tools/ldclt/ldclt.c             |  4 +-
 ldap/servers/slapd/tools/rsearch/sdattable.c       |  2 +-
 ldap/servers/slapd/util.c                          |  2 +-
 10 files changed, 98 insertions(+), 57 deletions(-)

diff --git a/ldap/servers/plugins/replication/repl5_protocol_util.c b/ldap/servers/plugins/replication/repl5_protocol_util.c
index 30d211a..4449170 100644
--- a/ldap/servers/plugins/replication/repl5_protocol_util.c
+++ b/ldap/servers/plugins/replication/repl5_protocol_util.c
@@ -603,7 +603,7 @@ release_replica(Private_Repl_Protocol *prp)
 		struct berval *data = NULL;
 
 		/* Check the message id's match */
-		if (sent_message_id != sent_message_id)
+		if (sent_message_id != ret_message_id)
 		{
 			int operation, error;
 			conn_get_error(prp->conn, &operation, &error);
diff --git a/ldap/servers/slapd/agtmmap.c b/ldap/servers/slapd/agtmmap.c
index d82da5f..f18138a 100644
--- a/ldap/servers/slapd/agtmmap.c
+++ b/ldap/servers/slapd/agtmmap.c
@@ -187,46 +187,49 @@ agt_mopen_stats (char * statsfile, int mode, int *hdl)
 
 	           if ( fd < 0 )
 	           {
-			err = errno;
+                   err = errno;
 #if (0)
-			fprintf (stderr, "returning errno =%d from %s(line: %d)\n", err, __FILE__, __LINE__);
+                   fprintf (stderr, "returning errno =%d from %s(line: %d)\n", err, __FILE__, __LINE__);
 #endif
-	                rc = err;
-			goto bail;
-                   }
+                   rc = err;
+                   goto bail;
+               }
 		
-		   fstat (fd, &fileinfo);
-
-		   sz = sizeof (struct agt_stats_t);
-
-		   if (fileinfo.st_size < sz)
-		   {
-			   /* Without this we will get segv when we try to read/write later */
-			   buf = calloc (1, sz);
-			   (void)write (fd, buf, sz);
-			   free (buf);
-		   }
-
-		   fp = mmap (NULL, sz, (PROT_READ | PROT_WRITE), MAP_SHARED, fd, 0);
-
-		   if (fp == (caddr_t) -1)
-		   {
-			err = errno;
-			close (fd);
+               if(fstat (fd, &fileinfo) != 0){
+                   rc = errno;
+                   goto bail;
+		       }
+
+               sz = sizeof (struct agt_stats_t);
+
+               if (fileinfo.st_size < sz)
+               {
+                   /* Without this we will get segv when we try to read/write later */
+                   buf = calloc (1, sz);
+                   (void)write (fd, buf, sz);
+                   free (buf);
+               }
+
+               fp = mmap (NULL, sz, (PROT_READ | PROT_WRITE), MAP_SHARED, fd, 0);
+
+               if (fp == (caddr_t) -1)
+               {
+                   err = errno;
+                   close (fd);
 #if (0)
-			fprintf (stderr, "returning errno =%d from %s(line: %d)\n", err, __FILE__, __LINE__);
+                   fprintf (stderr, "returning errno =%d from %s(line: %d)\n", err, __FILE__, __LINE__);
 #endif
-			rc = err;
-			goto bail;
-		   }
+                   rc = err;
+                   goto bail;
+               }
 
-		   mmap_tbl [1].maptype = AGT_MAP_RDWR;
-		   mmap_tbl [1].fd 	= fd;
-		   mmap_tbl [1].fp 	= fp;
-		   *hdl = 1;
+               mmap_tbl [1].maptype = AGT_MAP_RDWR;
+               mmap_tbl [1].fd = fd;
+               mmap_tbl [1].fp = fp;
+               *hdl = 1;
 
-		   rc = 0;
-                   break;
+               rc = 0;
+           break;
 	} /* end switch */
 #else
 	/* _WIN32 */
diff --git a/ldap/servers/slapd/back-ldbm/dblayer.c b/ldap/servers/slapd/back-ldbm/dblayer.c
index 8696834..960d99e 100644
--- a/ldap/servers/slapd/back-ldbm/dblayer.c
+++ b/ldap/servers/slapd/back-ldbm/dblayer.c
@@ -4478,7 +4478,12 @@ static int checkpoint_threadmain(void *param)
                                 "%s.old", *listp);
                     checkpoint_debug_message(debug_checkpointing,
                                 "Renaming %s -> %s\n",*listp, new_filename, 0);
-                    rename(*listp, new_filename);    
+                    if(rename(*listp, new_filename) != 0){
+                    	LDAPDebug(LDAP_DEBUG_ANY, "checkpoint_threadmain: failed to rename log (%s) to (%s)\n",
+                    	        *listp, new_filename, 0);
+                    	rval = -1;
+                    	goto error_return;
+                    }
                 }
             }
             slapi_ch_free((void**)&list);
diff --git a/ldap/servers/slapd/daemon.c b/ldap/servers/slapd/daemon.c
index 221b156..524a6aa 100644
--- a/ldap/servers/slapd/daemon.c
+++ b/ldap/servers/slapd/daemon.c
@@ -3384,8 +3384,14 @@ createsignalpipe( void )
 	}
 	writesignalpipe = PR_FileDesc2NativeHandle(signalpipe[1]);
 	readsignalpipe = PR_FileDesc2NativeHandle(signalpipe[0]);
-	fcntl(writesignalpipe, F_SETFD, O_NONBLOCK);
-	fcntl(readsignalpipe, F_SETFD, O_NONBLOCK);
+	if(fcntl(writesignalpipe, F_SETFD, O_NONBLOCK) == -1){
+		LDAPDebug( LDAP_DEBUG_ANY,"createsignalpipe: failed to set FD for write pipe (%d).\n",
+				errno, 0, 0 );
+	}
+	if(fcntl(readsignalpipe, F_SETFD, O_NONBLOCK) == -1){
+		LDAPDebug( LDAP_DEBUG_ANY,"createsignalpipe: failed to set FD for read pipe (%d).\n",
+				errno, 0, 0);
+	}
 #endif
 
 	return( 0 );
@@ -3605,7 +3611,7 @@ void configure_ns_socket( int * ns )
 {
 
 	int enable_nagle = config_get_nagle();
-        int on;
+	int on, rc;
 
 #if defined(LINUX)
 	/* On Linux we use TCP_CORK so we must enable nagle */
@@ -3615,19 +3621,18 @@ void configure_ns_socket( int * ns )
 	if ( have_send_timeouts ) {
 		daemon_configure_send_timeout( *ns, config_get_ioblocktimeout() );
 	}
-
-
+	/* set the nagle */
 	if ( !enable_nagle ) {
-	        on = 1;
-	        setsockopt( *ns, IPPROTO_TCP, TCP_NODELAY, (char * ) &on, sizeof(on) );
+		on = 1;
 	} else {
-	        on = 0;
-		setsockopt( *ns, IPPROTO_TCP, TCP_NODELAY, (char * ) &on, sizeof(on) );
-	} /* else (!enable_nagle) */
-
+		on = 0;
+	}
+	/* check for errors */
+	if((rc = setsockopt( *ns, IPPROTO_TCP, TCP_NODELAY, (char * ) &on, sizeof(on) ) != 0)){
+		LDAPDebug( LDAP_DEBUG_ANY,"configure_ns_socket: Failed to configure socket (%d).\n", rc, 0, 0);
+	}
 
 	return;
-
 }
 
 
diff --git a/ldap/servers/slapd/log.c b/ldap/servers/slapd/log.c
index a765001..9b3f640 100644
--- a/ldap/servers/slapd/log.c
+++ b/ldap/servers/slapd/log.c
@@ -3789,6 +3789,9 @@ log__open_errorlogfile(int logfile_state, int locked)
 	struct logfileinfo	*logp;
 	char			buffer[BUFSIZ];
 	struct passwd	*pw = NULL;
+#ifndef _WIN32
+	int rc = 0;
+#endif
 
 	slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
 
@@ -3886,7 +3889,20 @@ log__open_errorlogfile(int logfile_state, int locked)
 	 * alternate ns-slapd modes, such as db2bak, tries to log an error
 	 * at startup, it will create the logfile as root! 
 	 */
-	slapd_chown_if_not_owner(loginfo.log_error_file, pw->pw_uid, -1);
+	if((rc = slapd_chown_if_not_owner(loginfo.log_error_file, pw->pw_uid, -1)) != 0){
+		PR_snprintf(buffer, sizeof(buffer),
+				"Failed to chown log file %s: error %d (%s); Exiting...",
+				loginfo.log_error_file, errno, slapd_system_strerror(errno));
+		log__error_emergency(buffer, 1, locked);
+		if (!locked) LOG_ERROR_UNLOCK_WRITE();
+		/* failed to write to the errors log.  should not continue. */
+		g_set_shutdown( SLAPI_SHUTDOWN_EXIT );
+		/*if I have an old log file -- I should log a message
+		** that I can't open the new file. Let the caller worry
+		** about logging message.
+		*/
+		return LOG_UNABLE_TO_OPENFILE;
+	}
 #endif
 
 	loginfo.log_error_fdes = fp;
diff --git a/ldap/servers/slapd/main.c b/ldap/servers/slapd/main.c
index 84ce01d..9938c01 100644
--- a/ldap/servers/slapd/main.c
+++ b/ldap/servers/slapd/main.c
@@ -247,7 +247,10 @@ chown_dir_files(char *name, struct passwd *pw, PRBool strip_fn, PRBool both)
     while( (entry = PR_ReadDir(dir , PR_SKIP_BOTH )) !=NULL ) 
     {
       PR_snprintf(file,MAXPATHLEN+1,"%s/%s",log,entry->name);
-      slapd_chown_if_not_owner( file, pw->pw_uid, both?pw->pw_gid:-1 ); 
+      if((rc = slapd_chown_if_not_owner( file, pw->pw_uid, both?pw->pw_gid:-1 )) != 0){
+    	  LDAPDebug(LDAP_DEBUG_ANY, "chown_dir_files: file (%s) chown failed (%d) %s.\n",
+    			  file, errno, slapd_system_strerror(errno));
+      }
     }
     PR_CloseDir( dir );
   }
diff --git a/ldap/servers/slapd/ssl.c b/ldap/servers/slapd/ssl.c
index 0aab53d..f515b8e 100644
--- a/ldap/servers/slapd/ssl.c
+++ b/ldap/servers/slapd/ssl.c
@@ -360,7 +360,7 @@ _conf_setciphers(char *ciphers)
         if(t)
             ciphers = t;
     }
-    if (unsuplist && unsuplist) {
+    if (unsuplist && *unsuplist) {
         char *strsup = charray2str(suplist, ",");
         char *strunsup = charray2str(unsuplist, ",");
         slapd_SSL_warn("Security Initialization: FIPS mode is enabled - only the following "
@@ -614,9 +614,18 @@ slapd_nss_init(int init_ssl, int config_available)
 		certdb_file_name = slapi_ch_smprintf("%s/cert8.db", certdir);
 		keydb_file_name = slapi_ch_smprintf("%s/key3.db", certdir);
 		secmoddb_file_name = slapi_ch_smprintf("%s/secmod.db", certdir);
-		chmod(certdb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP );
-		chmod(keydb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP );
-		chmod(secmoddb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP );
+		if(chmod(certdb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP )){
+			LDAPDebug(LDAP_DEBUG_ANY, "slapd_nss_init: chmod failed for file %s error (%d) %s.\n",
+					certdb_file_name, errno, slapd_system_strerror(errno));
+		}
+		if(chmod(keydb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP )){
+			LDAPDebug(LDAP_DEBUG_ANY, "slapd_nss_init: chmod failed for file %s error (%d) %s.\n",
+					keydb_file_name, errno, slapd_system_strerror(errno));
+		}
+		if(chmod(secmoddb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP )){
+			LDAPDebug(LDAP_DEBUG_ANY, "slapd_nss_init: chmod failed for file %s error (%d) %s.\n",
+					secmoddb_file_name, errno, slapd_system_strerror(errno));
+		}
 	}
 
     /****** end of NSS Initialization ******/
diff --git a/ldap/servers/slapd/tools/ldclt/ldclt.c b/ldap/servers/slapd/tools/ldclt/ldclt.c
index 27a2412..2a45c76 100644
--- a/ldap/servers/slapd/tools/ldclt/ldclt.c
+++ b/ldap/servers/slapd/tools/ldclt/ldclt.c
@@ -1497,7 +1497,7 @@ basicInit (void)
     /*
      * Parse the deference attribute value
      */
-    mctx.attRefDef= (char *)malloc(strlen(mctx.attrpl+i+1) + 1);
+    mctx.attRefDef= (char *)malloc(strlen(mctx.attrpl + i) + 2);
     if (mctx.attRefDef== NULL) {
       printf ("Error: unable to allocate memory for attRefDef\n");
       return (-1);
@@ -1525,7 +1525,7 @@ basicInit (void)
     /*
      * Parse the attribute value
      */
-    mctx.attrplFile = (char *)malloc(strlen(mctx.attrpl+i+1) + 1);
+    mctx.attrplFile = (char *)malloc(strlen(mctx.attrpl+i) + 2);
     if (mctx.attrplFile == NULL) {
       printf ("Error: unable to allocate memory for attreplfile\n");
       return (-1);
diff --git a/ldap/servers/slapd/tools/rsearch/sdattable.c b/ldap/servers/slapd/tools/rsearch/sdattable.c
index df1c152..c0274d0 100644
--- a/ldap/servers/slapd/tools/rsearch/sdattable.c
+++ b/ldap/servers/slapd/tools/rsearch/sdattable.c
@@ -183,7 +183,7 @@ int sdt_save(SDatTable *sdt, const char *filename)
 	    PR_Write(fd, sdt->dns[i], strlen(sdt->dns[i]));
 	    PR_Write(fd, "\n", 1);
 	}
-	if (sdt->dns[i]) {
+	if (sdt->uids[i]) {
 	    PR_Write(fd, "uid: ", 5);
 	    PR_Write(fd, sdt->uids[i], strlen(sdt->uids[i]));
 	    PR_Write(fd, "\n", 1);
diff --git a/ldap/servers/slapd/util.c b/ldap/servers/slapd/util.c
index 649b3a9..0a9d23d 100644
--- a/ldap/servers/slapd/util.c
+++ b/ldap/servers/slapd/util.c
@@ -417,7 +417,7 @@ normalize_mods2bvals(const LDAPMod **mods)
                 num_values++;
             }
         } else {
-            for (x = 0; mods[w]->mod_values[x] != NULL &&
+            for (x = 0; mods[w]->mod_values != NULL &&
                     mods[w]->mod_values[x] != NULL; x++) 
             {
                 num_values++;
-- 
1.8.1.4