[PATCH] Some coverity fixes

Volker Lendecke Volker.Lendecke at SerNet.DE
Wed May 6 00:24:03 MDT 2015 

Hi!

Review&push appreciated!

Thanks,

Volker

-- 
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
-------------- next part --------------
From d0a8091bf7d0114586498314f7919a715519c565 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sun, 3 May 2015 10:12:23 +0000
Subject: [PATCH 1/7] lib: Fix a typo

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source3/lib/util_str.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c
index a2d5997..fc87802 100644
--- a/source3/lib/util_str.c
+++ b/source3/lib/util_str.c
@@ -566,7 +566,7 @@ bool strupper_m(char *s)
 	if (!*s)
 		return true;
 
-	/* I assume that lowercased string takes the same number of bytes
+	/* I assume that uppercased string takes the same number of bytes
 	 * as source string even in multibyte encoding. (VIV) */
 	len = strlen(s) + 1;
 	ret = unix_strupper(s,len,s,len);
-- 
1.9.1


From c51c50561c3ff648cf3b9f85ddfc2f2d69998083 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sun, 3 May 2015 09:45:33 +0000
Subject: [PATCH 2/7] lib: Fix CID 1034836 Resource leak

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/replace/test/testsuite.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/replace/test/testsuite.c b/lib/replace/test/testsuite.c
index 017b8ed..961b77d 100644
--- a/lib/replace/test/testsuite.c
+++ b/lib/replace/test/testsuite.c
@@ -69,19 +69,23 @@ static int test_ftruncate(void)
 	}
 	if (ftruncate(fd, size) != 0) {
 		printf("failure: ftruncate [\n%s\n]\n", strerror(errno));
+		close(fd);
 		return false;
 	}
 	if (fstat(fd, &st) != 0) {
 		printf("failure: ftruncate [\nfstat failed - %s\n]\n", strerror(errno));
+		close(fd);
 		return false;
 	}
 	if (st.st_size != size) {
 		printf("failure: ftruncate [\ngave wrong size %d - expected %d\n]\n",
 		       (int)st.st_size, size);
+		close(fd);
 		return false;
 	}
 	unlink(TESTFILE);
 	printf("success: ftruncate\n");
+	close(fd);
 	return true;
 }
 
-- 
1.9.1


From 782bba74ca9eb9a42fca90a3b2afdefa92bdb068 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sun, 3 May 2015 09:34:41 +0000
Subject: [PATCH 3/7] ping_pong: Fix CID 1273087 Resource leak

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 ctdb/utils/ping_pong/ping_pong.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ctdb/utils/ping_pong/ping_pong.c b/ctdb/utils/ping_pong/ping_pong.c
index 1d134a1..fdb575d 100644
--- a/ctdb/utils/ping_pong/ping_pong.c
+++ b/ctdb/utils/ping_pong/ping_pong.c
@@ -141,6 +141,7 @@ static void ping_pong(int fd, int num_locks)
 	val = (unsigned char *)calloc(num_locks+1, sizeof(unsigned char));
 	if (val == NULL) {
 		printf("calloc failed\n");
+		munmap(p, num_locks+1);
 		return;
 	}
 
-- 
1.9.1


From 18b8bdbb72bde2fb9671eb0dfd221939ee434589 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sun, 3 May 2015 09:29:51 +0000
Subject: [PATCH 4/7] heimdal: Fix CID 240793 Uninitialized scalar variable

tmp.data is uninitialized in the fwrite call

Hopefully I don't create a problem here: If tmp.data is supposed to be randomly
set, I think the right fix would have been to explicitly call a random function
initializing it.

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source4/heimdal/lib/krb5/replay.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/source4/heimdal/lib/krb5/replay.c b/source4/heimdal/lib/krb5/replay.c
index 965dd44..d85424d 100644
--- a/source4/heimdal/lib/krb5/replay.c
+++ b/source4/heimdal/lib/krb5/replay.c
@@ -129,7 +129,7 @@ krb5_rc_initialize(krb5_context context,
 		   krb5_deltat auth_lifespan)
 {
     FILE *f = fopen(id->name, "w");
-    struct rc_entry tmp;
+    struct rc_entry tmp = { .stamp = auth_lifespan };
     int ret;
 
     if(f == NULL) {
@@ -139,7 +139,6 @@ krb5_rc_initialize(krb5_context context,
 	krb5_set_error_message(context, ret, "open(%s): %s", id->name, buf);
 	return ret;
     }
-    tmp.stamp = auth_lifespan;
     fwrite(&tmp, 1, sizeof(tmp), f);
     fclose(f);
     return 0;
-- 
1.9.1


From 2339350a439f0727b9964564a097e9d8220ac09d Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sun, 3 May 2015 09:27:16 +0000
Subject: [PATCH 5/7] smbd: Fix CID 703870 Uninitialized scalar variable

msg.msg_flags was uninitialized in the recvmsg call

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source3/modules/vfs_aio_fork.c | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/source3/modules/vfs_aio_fork.c b/source3/modules/vfs_aio_fork.c
index 06f38c2..dea8107 100644
--- a/source3/modules/vfs_aio_fork.c
+++ b/source3/modules/vfs_aio_fork.c
@@ -154,21 +154,16 @@ static void free_aio_children(void **p)
 
 static ssize_t read_fd(int fd, void *ptr, size_t nbytes, int *recvfd)
 {
-	struct msghdr msg;
 	struct iovec iov[1];
+	struct msghdr msg = { .msg_iov = iov, .msg_iovlen = 1 };
 	ssize_t n;
 	size_t bufsize = msghdr_prep_recv_fds(NULL, NULL, 0, 1);
 	uint8_t buf[bufsize];
 
 	msghdr_prep_recv_fds(&msg, buf, bufsize, 1);
 
-	msg.msg_name = NULL;
-	msg.msg_namelen = 0;
-
 	iov[0].iov_base = (void *)ptr;
 	iov[0].iov_len = nbytes;
-	msg.msg_iov = iov;
-	msg.msg_iovlen = 1;
 
 	do {
 		n = recvmsg(fd, &msg, 0);
-- 
1.9.1


From 83146b0eab5f0bf29c4dc34c9412a88d4e5e74f8 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sun, 3 May 2015 09:20:42 +0000
Subject: [PATCH 6/7] winbind: Fix CID 1035544 Uninitialized scalar variable

In rpc_sequence_number() we always look at *pseq

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source3/winbindd/winbindd_msrpc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/winbindd/winbindd_msrpc.c b/source3/winbindd/winbindd_msrpc.c
index 7cd904b..4080b12 100644
--- a/source3/winbindd/winbindd_msrpc.c
+++ b/source3/winbindd/winbindd_msrpc.c
@@ -862,7 +862,7 @@ static NTSTATUS msrpc_sequence_number(struct winbindd_domain *domain,
 {
 	struct rpc_pipe_client *samr_pipe;
 	struct policy_handle dom_pol;
-	uint32_t seq;
+	uint32_t seq = DOM_SEQUENCE_NONE;
 	TALLOC_CTX *tmp_ctx;
 	NTSTATUS status;
 
-- 
1.9.1


From 0d61489491800e427d0dd8fd0b84ce8b6aa5689e Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sun, 3 May 2015 09:20:42 +0000
Subject: [PATCH 7/7] winbind: Fix CID 1035545 Uninitialized scalar variable

In rpc_sequence_number() we always look at *pseq

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source3/winbindd/winbindd_samr.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/winbindd/winbindd_samr.c b/source3/winbindd/winbindd_samr.c
index b94dfc8..3d0914a 100644
--- a/source3/winbindd/winbindd_samr.c
+++ b/source3/winbindd/winbindd_samr.c
@@ -983,7 +983,7 @@ static NTSTATUS sam_sequence_number(struct winbindd_domain *domain,
 {
 	struct rpc_pipe_client *samr_pipe;
 	struct policy_handle dom_pol;
-	uint32_t seq;
+	uint32_t seq = DOM_SEQUENCE_NONE;
 	TALLOC_CTX *tmp_ctx;
 	NTSTATUS status, result;
 	struct dcerpc_binding_handle *b = NULL;
-- 
1.9.1

More information about the samba-technical mailing list