A few coverity patches from the queue

Volker Lendecke Volker.Lendecke at SerNet.DE
Mon Jul 22 06:17:45 MDT 2013


Hi!

Mostly trivial stuff. Please review&push.

Thanks,

Volker
-------------- next part --------------
From 53ee0ff461ec7b877c887210dd062b113a7127ed Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 22 Jun 2013 12:13:26 +0200
Subject: [PATCH 1/5] tdb: Fix CID 1034960 Uninitialized scalar variable

log_ctx.log_private was used uninitialized. Not a real bug here,
as tdb_log does not access it, but tdb_open_ex still moves around
uninitialized data. So this would show up in valgrind as well.

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/tdb/tools/tdbtool.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/tdb/tools/tdbtool.c b/lib/tdb/tools/tdbtool.c
index d007796..5446de4 100644
--- a/lib/tdb/tools/tdbtool.c
+++ b/lib/tdb/tools/tdbtool.c
@@ -235,7 +235,7 @@ static void create_tdb(const char *tdbname)
 
 static void open_tdb(const char *tdbname)
 {
-	struct tdb_logging_context log_ctx;
+	struct tdb_logging_context log_ctx = { 0, };
 	log_ctx.log_fn = tdb_log;
 
 	if (tdb) tdb_close(tdb);
-- 
1.7.9.5


From 93b19ac9a6fd8621ddbc1d5d138370a8904d12d9 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 22 Jun 2013 12:13:26 +0200
Subject: [PATCH 2/5] tdb: Fix CID 1034959 Uninitialized scalar variable

log_ctx.log_private was used uninitialized. Not a real bug here,
as tdb_log does not access it, but tdb_open_ex still moves around
uninitialized data. So this would show up in valgrind as well.

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/tdb/tools/tdbtool.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/tdb/tools/tdbtool.c b/lib/tdb/tools/tdbtool.c
index 5446de4..87c0f98 100644
--- a/lib/tdb/tools/tdbtool.c
+++ b/lib/tdb/tools/tdbtool.c
@@ -222,7 +222,7 @@ static void terror(const char *why)
 
 static void create_tdb(const char *tdbname)
 {
-	struct tdb_logging_context log_ctx;
+	struct tdb_logging_context log_ctx = { 0, };
 	log_ctx.log_fn = tdb_log;
 
 	if (tdb) tdb_close(tdb);
-- 
1.7.9.5


From f690f8a2664698dbd5364e5a079553bd415dda2b Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 22 Jun 2013 13:06:34 +0200
Subject: [PATCH 3/5] smbd: Fix CID 1035538 Uninitialized pointer read

rpc_pipe_open_interface just returns okay if the pipe in question is
already open. For this, it needs to read the value.

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source3/smbd/lanman.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index b5598a4..a21e715 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -2715,7 +2715,7 @@ static bool api_RNetUserEnum(struct smbd_server_connection *sconn,
 	int i, resume_context, cli_buf_size;
 	uint32_t resume_handle;
 
-	struct rpc_pipe_client *samr_pipe;
+	struct rpc_pipe_client *samr_pipe = NULL;
 	struct policy_handle samr_handle, domain_handle;
 	NTSTATUS status, result;
 
-- 
1.7.9.5


From 05550ea72730dba76bc7886ebb341f50e9af63c7 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 22 Jun 2013 13:06:34 +0200
Subject: [PATCH 4/5] smbd: Fix CID 1035537 Uninitialized pointer read

rpc_pipe_open_interface just returns okay if the pipe in question is
already open. For this, it needs to read the value.

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source3/smbd/lanman.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index a21e715..76b644c 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -2341,7 +2341,7 @@ static bool api_RNetGroupEnum(struct smbd_server_connection *sconn,
 
 	uint32_t num_groups;
 	uint32_t resume_handle;
-	struct rpc_pipe_client *samr_pipe;
+	struct rpc_pipe_client *samr_pipe = NULL;
 	struct policy_handle samr_handle, domain_handle;
 	NTSTATUS status, result;
 	struct dcerpc_binding_handle *b;
-- 
1.7.9.5


From 081d2a40aee0e5dc415df8671d6c9e055adbc8ab Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 22 Jun 2013 13:06:34 +0200
Subject: [PATCH 5/5] smbd: Fix CID 1035536 Uninitialized pointer read

rpc_pipe_open_interface just returns okay if the pipe in question is
already open. For this, it needs to read the value.

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source3/smbd/lanman.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index 76b644c..9278a3f 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -2525,7 +2525,7 @@ static bool api_NetUserGetGroups(struct smbd_server_connection *sconn,
 	uint32_t i;
 	char *endp = NULL;
 
-	struct rpc_pipe_client *samr_pipe;
+	struct rpc_pipe_client *samr_pipe = NULL;
 	struct policy_handle samr_handle, domain_handle, user_handle;
 	struct lsa_String name;
 	struct lsa_Strings names;
-- 
1.7.9.5



More information about the samba-technical mailing list