Blame SOURCES/aide-static-analysis.patch

1e4393
Only in b: config.log
1e4393
diff --color -ru a/contrib/sshaide.sh b/contrib/sshaide.sh
1e4393
--- a/contrib/sshaide.sh	2016-07-25 22:56:55.000000000 +0200
1e4393
+++ b/contrib/sshaide.sh	2021-05-20 11:11:24.112542472 +0200
1e4393
@@ -260,7 +260,7 @@
1e4393
     _randword=`grep -n . ${_wordlist} | grep "^${_linenum}:" | cut -d: -f2`
1e4393
  
1e4393
     # If $_randword has anything other than lower-case chars, try again
1e4393
-    (echo ${_randword} | LC_ALL=C grep '[^a-z]' 2>&1 >> /dev/null \
1e4393
+    ({ echo ${_randword} | LC_ALL=C grep '[^a-z]' 2>&1; } >> /dev/null \
1e4393
             && gen_rand_word ) || \
1e4393
  
1e4393
     # Return the word
1e4393
diff --color -ru a/src/commandconf.c b/src/commandconf.c
1e4393
--- a/src/commandconf.c	2021-05-20 10:37:53.842382143 +0200
1e4393
+++ b/src/commandconf.c	2021-05-25 14:16:43.278526146 +0200
1e4393
@@ -313,7 +313,7 @@
1e4393
       } else {
1e4393
 	/* gzread returns 0 even if uncompressed bytes were read*/
1e4393
 	error(240,"nread=%d,strlen(buf)=%lu,errno=%s,gzerr=%s\n",
1e4393
-              retval,(unsigned long)strnlen((char*)buf, max_size),
1e4393
+              retval,(unsigned long)strnlen((char*)buf, retval),
1e4393
               strerror(errno),gzerror(*db_gzp,&err));
1e4393
 	if(retval==0){
1e4393
 	  retval=strnlen((char*)buf, max_size);
1e4393
@@ -836,6 +836,11 @@
1e4393
       }
1e4393
       break;
1e4393
     }
1e4393
+    default: {
1e4393
+      error(0,"Unsupported dbtype.\n");
1e4393
+      free(u);
1e4393
+      break;
1e4393
+    }
1e4393
     }
1e4393
   }
1e4393
   free(val);
1e4393
@@ -900,7 +905,7 @@
1e4393
   } else {
1e4393
     error_init(u,0);
1e4393
   }
1e4393
-
1e4393
+  free(u->value);
1e4393
   free(u);  
1e4393
 }
1e4393
 
1e4393
diff --color -ru a/src/db_disk.c b/src/db_disk.c
1e4393
--- a/src/db_disk.c	2021-05-20 10:37:53.842382143 +0200
1e4393
+++ b/src/db_disk.c	2021-05-20 12:37:00.081493364 +0200
1e4393
@@ -125,10 +125,10 @@
1e4393
 
1e4393
 	ret = (char *) malloc (len);
1e4393
 	ret[0] = (char) 0;
1e4393
-	strncpy(ret, conf->root_prefix, conf->root_prefix_length+1);
1e4393
-	strncat (ret, r->path, len2);
1e4393
+	strcpy(ret, conf->root_prefix);
1e4393
+	strcat (ret, r->path);
1e4393
 	if (r->path[len2 - 1] != '/') {
1e4393
-		strncat (ret, "/", 1);
1e4393
+		strcat (ret, "/");
1e4393
 	}
1e4393
 	strcat (ret, s);
1e4393
 	return ret;
1e4393
@@ -207,8 +207,8 @@
1e4393
 	if (!root_handled) {
1e4393
 		root_handled = 1;
1e4393
 		fullname=malloc((conf->root_prefix_length+2)*sizeof(char));
1e4393
-		strncpy(fullname, conf->root_prefix, conf->root_prefix_length+1);
1e4393
-		strncat (fullname, "/", 1);
1e4393
+		strcpy(fullname, conf->root_prefix);
1e4393
+		strcat (fullname, "/");
1e4393
 		if (!get_file_status(&fullname[conf->root_prefix_length], &fs)) {
1e4393
 		add = check_rxtree (&fullname[conf->root_prefix_length], conf->tree, &attr, fs.st_mode);
1e4393
 		error (240, "%s match=%d, tree=%p, attr=%llu\n", &fullname[conf->root_prefix_length], add,
1e4393
@@ -346,8 +346,8 @@
1e4393
 				error (255, "r->childs %p, r->parent %p,r->checked %i\n",
1e4393
 							 r->childs, r->parent, r->checked);
1e4393
 				fullname=malloc((conf->root_prefix_length+strlen(r->path)+1)*sizeof(char));
1e4393
-				strncpy(fullname, conf->root_prefix, conf->root_prefix_length+1);
1e4393
-				strncat(fullname, r->path, strlen(r->path));
1e4393
+				strcpy(fullname, conf->root_prefix);
1e4393
+				strcat(fullname, r->path);
1e4393
 				dirh=open_dir(fullname);
1e4393
 				if (! dirh) {
1e4393
 
1e4393
@@ -441,8 +441,8 @@
1e4393
 
1e4393
 
1e4393
 	char* fullname=malloc((conf->root_prefix_length+2)*sizeof(char));
1e4393
-	strncpy(fullname, conf->root_prefix, conf->root_prefix_length+1);
1e4393
-	strncat (fullname, "/", 1);
1e4393
+	strcpy(fullname, conf->root_prefix);
1e4393
+	strcat (fullname, "/");
1e4393
 	dirh=open_dir(fullname);
1e4393
 	free(fullname);
1e4393
 
1e4393
diff --color -ru a/src/error.c b/src/error.c
1e4393
--- a/src/error.c	2021-05-20 10:37:53.836382037 +0200
1e4393
+++ b/src/error.c	2021-05-21 11:49:09.781313097 +0200
1e4393
@@ -125,7 +125,7 @@
1e4393
   fh=be_init(0,url,0);
1e4393
   if(fh!=NULL) {
1e4393
     conf->report_fd=list_append(conf->report_fd,(void*)fh);
1e4393
-    conf->report_url=list_append(conf->report_url,(void*)url);
1e4393
+    conf->report_url=list_append(conf->report_url,(void*)strdup(url));
1e4393
     return RETOK;
1e4393
   }
1e4393
   
1e4393
diff --color -ru a/src/util.c b/src/util.c
1e4393
--- a/src/util.c	2021-05-20 10:37:53.843382160 +0200
1e4393
+++ b/src/util.c	2021-05-25 11:04:39.507278771 +0200
1e4393
@@ -105,13 +105,15 @@
1e4393
       for(i=0;r[0]!='/'&&r[0]!='\0';r++,i++);
1e4393
       if(r[0]=='\0'){
1e4393
 	error(0,"Invalid file-URL,no path after hostname: file:%s\n",t);
1e4393
+        free(u);
1e4393
+        free(val_copy);
1e4393
         free(hostname);
1e4393
 	return NULL;
1e4393
       }
1e4393
       u->value=strdup(r);
1e4393
       r[0]='\0';
1e4393
       if(gethostname(hostname,MAXHOSTNAMELEN)==-1){
1e4393
-        strncpy(hostname,"localhost", 10);
1e4393
+        strncpy(hostname,"localhost",MAXHOSTNAMELEN);
1e4393
       }
1e4393
 
1e4393
       if( (strcmp(t,"localhost")==0)||(strcmp(t,hostname)==0)){
1e4393
@@ -119,6 +121,9 @@
1e4393
 	break;
1e4393
       } else {
1e4393
 	error(0,"Invalid file-URL, cannot use hostname other than localhost or %s: file:%s\n",hostname,u->value);
1e4393
+        free(u->value);
1e4393
+        free(u);
1e4393
+        free(val_copy);
1e4393
 	free(hostname);
1e4393
 	return NULL;
1e4393
       }
1e4393
@@ -229,6 +234,10 @@
1e4393
   int i=0;
1e4393
   
1e4393
   pc=(char*)malloc(sizeof(char)*11);
1e4393
+  if (!pc) {
1e4393
+    error(0, "Memory allocation failed.\n");
1e4393
+    return NULL;
1e4393
+  }
1e4393
   for(i=0;i<10;i++){
1e4393
     pc[i]='-';
1e4393
   }
1e4393
@@ -369,14 +378,17 @@
1e4393
 
1e4393
     if (path != NULL) {
1e4393
         if (path[0] == '~') {
1e4393
-            if((homedir=getenv("HOME")) != NULL) {
1e4393
+            if ((homedir=getenv("HOME")) != NULL) {
1e4393
                 path_len = strlen(path+sizeof(char));
1e4393
                 homedir_len = strlen(homedir);
1e4393
                 full_len = homedir_len+path_len;
1e4393
                 full = malloc(sizeof(char) * (full_len+1));
1e4393
-                strncpy(full, homedir, homedir_len);
1e4393
-                strncpy(full+homedir_len, path+sizeof(char), path_len);
1e4393
-                full[full_len] = '\0';
1e4393
+                if (!full) {
1e4393
+                    error(0, "Memory allocation failed.\n");
1e4393
+                    return path;
1e4393
+                }
1e4393
+                strcpy(full, homedir);
1e4393
+                strcat(full, path+sizeof(char));
1e4393
                 free(path);
1e4393
                 /* Don't free(homedir); because it is not safe on some platforms */
1e4393
                 path = full;