[PATCH] Fix new coverity findings
Jeremy Allison
jra at samba.org
Tue Jan 30 21:03:27 UTC 2018
On Tue, Jan 30, 2018 at 12:38:56PM +0100, Volker Lendecke via samba-technical wrote:
> Hi!
>
> Review appreciated!
>
> Thanks, Volker
LGTM. RB+ and pushed - thanks !
Jeremy.
> --
> Besuchen Sie die verinice.XP 2018 in Berlin,
> Anwenderkonferenz für Informationssicherheit
> vom 21.-23.03.2018 im Sofitel Kurfürstendamm
> Info & Anmeldung hier: http://veriniceXP.org
>
> SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
> phone: +49-551-370000-0, fax: +49-551-370000-9
> AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
> http://www.sernet.de, mailto:kontakt at sernet.de
> From ee4d33098b9162e514be0b10e2c7a4f699e3b923 Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Tue, 30 Jan 2018 12:34:11 +0100
> Subject: [PATCH 1/3] vfs_virusfilter: Fix CID 1428739 Buffer not null
> terminated
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source3/modules/vfs_virusfilter_utils.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/source3/modules/vfs_virusfilter_utils.c b/source3/modules/vfs_virusfilter_utils.c
> index 628e0aef99a..d2616f058d5 100644
> --- a/source3/modules/vfs_virusfilter_utils.c
> +++ b/source3/modules/vfs_virusfilter_utils.c
> @@ -148,10 +148,16 @@ bool virusfilter_io_connect_path(
> struct sockaddr_un addr;
> NTSTATUS status;
> int socket, bes_result, flags, ret;
> + size_t len;
>
> ZERO_STRUCT(addr);
> addr.sun_family = AF_UNIX;
> - strncpy(addr.sun_path, path, sizeof(addr.sun_path));
> +
> + len = strlcpy(addr.sun_path, path, sizeof(addr.sun_path));
> + if (len >= sizeof(addr.sun_path)) {
> + io_h->stream = NULL;
> + return false;
> + }
>
> status = open_socket_out((struct sockaddr_storage *)&addr, 0,
> io_h->connect_timeout,
> --
> 2.11.0
>
>
> From 7ba112652f78e6d41f5ac05613484648106bc90d Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Tue, 30 Jan 2018 12:36:14 +0100
> Subject: [PATCH 2/3] vfs_virusfilter: Fix CID 1428740 Macro compares unsigned
> to 0
>
> vsnprintf returns "int" and not "size_t"
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source3/modules/vfs_virusfilter_utils.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/source3/modules/vfs_virusfilter_utils.c b/source3/modules/vfs_virusfilter_utils.c
> index d2616f058d5..55d00f715d6 100644
> --- a/source3/modules/vfs_virusfilter_utils.c
> +++ b/source3/modules/vfs_virusfilter_utils.c
> @@ -417,7 +417,7 @@ bool virusfilter_io_vwritefl(
> const char *data_fmt, va_list ap)
> {
> char data[VIRUSFILTER_IO_BUFFER_SIZE + VIRUSFILTER_IO_EOL_SIZE];
> - size_t data_size;
> + int data_size;
>
> data_size = vsnprintf(data, VIRUSFILTER_IO_BUFFER_SIZE, data_fmt, ap);
>
> --
> 2.11.0
>
>
> From 78f83c9f6ca4b4ecb1e079cb0c11a9bf31d9fdca Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Tue, 30 Jan 2018 12:37:30 +0100
> Subject: [PATCH 3/3] vfs_virusfilter: Fix CID 1428738 Macro compares unsigned
> to 0
>
> vsnprintf returns "int" and not "size_t"
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> source3/modules/vfs_virusfilter_utils.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/source3/modules/vfs_virusfilter_utils.c b/source3/modules/vfs_virusfilter_utils.c
> index 55d00f715d6..90ae427023b 100644
> --- a/source3/modules/vfs_virusfilter_utils.c
> +++ b/source3/modules/vfs_virusfilter_utils.c
> @@ -395,7 +395,7 @@ bool virusfilter_io_writefl(
> {
> va_list ap;
> char data[VIRUSFILTER_IO_BUFFER_SIZE + VIRUSFILTER_IO_EOL_SIZE];
> - size_t data_size;
> + int data_size;
>
> va_start(ap, data_fmt);
> data_size = vsnprintf(data, VIRUSFILTER_IO_BUFFER_SIZE, data_fmt, ap);
> --
> 2.11.0
>
More information about the samba-technical
mailing list