authorGlenn Strauss <gstrauss@gluelogic.com>2017-08-12 21:43:04 -0400
committerGlenn Strauss <gstrauss@gluelogic.com>2017-08-12 21:43:04 -0400
commitdadfb5fcf502ae338df0a69d4713fabf774a9672 (patch)
treedfa52460352e4e37f47aac571ed1b297a91619b1
parent9bc61f16cbb2a14e8225d847bbef24ace21f67c6 (diff)
[core] attempt to quiet coverity false positives
-rw-r--r--src/buffer.c9
-rw-r--r--src/lighttpd-angel.c11
-rw-r--r--src/mod_auth.c19
-rw-r--r--src/mod_extforward.c11
-rw-r--r--src/server.c3
5 files changed, 31 insertions, 22 deletions
diff --git a/src/buffer.c b/src/buffer.c
index 7d95ed50..d4caae47 100644
--- a/src/buffer.c
+++ b/src/buffer.c
@@ -234,20 +234,19 @@ void buffer_append_string_buffer(buffer *b, const buffer *src) {
void buffer_append_uint_hex(buffer *b, uintmax_t value) {
char *buf;
- int shift = 0;
+ unsigned int shift = 0;
{
uintmax_t copy = value;
do {
copy >>= 8;
- shift += 2; /* counting nibbles (4 bits) */
+ shift += 8; /* counting bits */
} while (0 != copy);
}
- buf = buffer_string_prepare_append(b, shift);
- buffer_commit(b, shift); /* will fill below */
+ buf = buffer_string_prepare_append(b, shift >> 2); /*nibbles (4 bits)*/
+ buffer_commit(b, shift >> 2); /* will fill below */
- shift *= 4; /* count bits now */
while (shift > 0) {
shift -= 4;
*(buf++) = hex_chars[(value >> shift) & 0x0F];
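Review bot: The nibble count `shift >> 2` is written out twice, once for buffer_string_prepare_append() and once for buffer_commit(), and the two values must stay equal or the fill loop writes a different number of bytes than was reserved. Naming it once, e.g. `const unsigned int nibbles = shift >> 2;`, and passing `nibbles` to both calls would make that invariant explicit. Now that `shift` is unsigned, a short comment that it is always a multiple of 8 (so `shift -= 4` in the loop cannot wrap below zero) would also help. The function body continues past the end of the hunk.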
diff --git a/src/lighttpd-angel.c b/src/lighttpd-angel.c
index b97f519f..189c1b92 100644
--- a/src/lighttpd-angel.c
+++ b/src/lighttpd-angel.c
@@ -68,6 +68,10 @@ int main(int argc, char **argv) {
struct sigaction act;
UNUSED(argc);
+ *(const char **)&argv[0] = BINPATH;
+ #ifdef __COVERITY__
+ __coverity_tainted_data_sanitize__(argv);
+ #endif
/**
* we are running as root BEWARE
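Review bot: `__coverity_tainted_data_sanitize__(argv)` marks the whole argument vector as sanitized, but the line above it replaces only `argv[0]`; the remaining arguments are still caller-supplied and reach the child unchanged. Since this process runs as root (per the comment that follows), the annotation should say so, e.g. `/* only argv[0] is forced to BINPATH; argv[1..] are passed through unvalidated on purpose */`, so it does not read as if validation had happened. The store `*(const char **)&argv[0] = BINPATH;` also writes through an lvalue of a different pointer type than `char *`. Assuming BINPATH is a string literal, `argv[0] = (char *)BINPATH;` would do the same without the type pun. main() starts and ends outside the hunk.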
@@ -103,13 +107,10 @@ int main(int argc, char **argv) {
if (0 == pid) {
/* i'm the child */
- argv[0] = BINPATH;
-
/* intentionally pass argv params */
/* coverity[tainted_string : FALSE] */
- execvp(BINPATH, argv);
-
- exit(1);
+ execvp(argv[0], argv);
+ _exit(1);
} else if (-1 == pid) {
/** error */
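Review bot: `execvp(argv[0], argv)` takes the program path from the mutable argv array instead of the BINPATH constant, so the exec target in this root process is only as trustworthy as the assignment made near the top of main(), outside this hunk. Keeping the constant at the call site, `execvp(BINPATH, argv);`, would fix the target where it is used. If BINPATH is always an absolute path, `execv(BINPATH, argv);` would additionally rule out any PATH search. The enclosing main() is not fully visible in the hunk.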
diff --git a/src/mod_auth.c b/src/mod_auth.c
index 33b8babd..1cb6a22f 100644
--- a/src/mod_auth.c
+++ b/src/mod_auth.c
@@ -619,16 +619,17 @@ static handler_t mod_auth_check_digest(server *srv, connection *con, void *p_d,
if (0 != strncasecmp(ds->value->ptr, "Digest ", sizeof("Digest ")-1)) {
return mod_auth_send_400_bad_request(srv, con);
+ } else {
+ size_t n = buffer_string_length(ds->value);
+ #ifdef __COVERITY__
+ if (n < sizeof("Digest ")-1) {
+ return mod_auth_send_400_bad_request(srv, con);
+ }
+ #endif
+ n -= (sizeof("Digest ")-1);
+ b = buffer_init();
+ buffer_copy_string_len(b,ds->value->ptr+sizeof("Digest ")-1,n);
}
- #ifdef __COVERITY__
- if (buffer_string_length(ds->value) < sizeof("Digest ")-1) {
- return mod_auth_send_400_bad_request(srv, con);
- }
- #endif
-
- b = buffer_init();
- /* coverity[overflow_sink : FALSE] */
- buffer_copy_string_len(b, ds->value->ptr+sizeof("Digest ")-1, buffer_string_length(ds->value)-(sizeof("Digest ")-1));
/* parse credentials from client */
for (c = b->ptr; *c; c++) {
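Review bot: The length check `if (n < sizeof("Digest ")-1)` is compiled only under `__COVERITY__`, so in a normal build the unsigned subtraction `n -= (sizeof("Digest ")-1)` is protected only indirectly, by the earlier strncasecmp() having matched seven non-NUL bytes. The value comes from a client-supplied header, so the check is worth making unconditional by dropping the `#ifdef __COVERITY__` / `#endif` pair around it. That costs one comparison and keeps the analysed code and the shipped code identical. If it stays conditional, a comment such as `/* n >= 7 is implied by the strncasecmp() match above */` should record why the subtraction cannot wrap. mod_auth_check_digest() starts and ends outside the hunk.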
diff --git a/src/mod_extforward.c b/src/mod_extforward.c
index 4be99fc1..0364f31f 100644
--- a/src/mod_extforward.c
+++ b/src/mod_extforward.c
@@ -1285,6 +1285,10 @@ static int hap_PROXY_recv (const int fd, union hap_PROXY_hdr * const hdr)
static int mod_extforward_hap_PROXY_v1 (connection * const con,
union hap_PROXY_hdr * const hdr)
{
+ #ifdef __COVERITY__
+ __coverity_tainted_data_sink__(hdr);
+ #endif
+
/* samples
* "PROXY TCP4 255.255.255.255 255.255.255.255 65535 65535\r\n"
* "PROXY TCP6 ffff:f...f:ffff ffff:f...f:ffff 65535 65535\r\n"
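Review bot: The `__coverity_tainted_data_sink__(hdr)` annotation added at the top of mod_extforward_hap_PROXY_v1() has no explanation, whereas the annotation removed from mod_extforward_network_read() had one (`mod_extforward_hap_PROXY_v*() parse the tainted data`). The same applies to the identical addition in mod_extforward_hap_PROXY_v2(). `hdr` holds bytes received from the peer via hap_PROXY_recv(), so a comment next to each annotation, such as `/* hdr is untrusted network data; it is parsed in this function */`, would tell a reader that the parser itself must validate every field before use. Both function bodies continue outside their hunks.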
@@ -1351,6 +1355,10 @@ static int mod_extforward_hap_PROXY_v1 (connection * const con,
static int mod_extforward_hap_PROXY_v2 (connection * const con,
union hap_PROXY_hdr * const hdr)
{
+ #ifdef __COVERITY__
+ __coverity_tainted_data_sink__(hdr);
+ #endif
+
/* If HAProxy-PROXY protocol used, then lighttpd acts as transparent proxy,
* masquerading as servicing the client IP provided in by HAProxy-PROXY hdr.
* The connecting con->dst_addr and con->dst_addr_buf are not saved here,
@@ -1539,9 +1547,6 @@ static int mod_extforward_network_read (server *srv, connection *con,
union hap_PROXY_hdr hdr;
int rc = hap_PROXY_recv(con->fd, &hdr);
- #ifdef __COVERITY__
- __coverity_tainted_data_sanitize__(&hdr);
- #endif /*(mod_extforward_hap_PROXY_v*() parse the tainted data)*/
switch (rc) {
case 2: rc = mod_extforward_hap_PROXY_v2(con, &hdr); break;
case 1: rc = mod_extforward_hap_PROXY_v1(con, &hdr); break;
diff --git a/src/server.c b/src/server.c
index 0b6579ef..9ab622dd 100644
--- a/src/server.c
+++ b/src/server.c
@@ -1172,6 +1172,9 @@ static int server_main (server * const srv, int argc, char **argv) {
do {
/* coverity[overwrite_var : FALSE] */
devnull = fdevent_open_devnull();
+ #ifdef __COVERITY__
+ __coverity_escape__(devnull);
+ #endif
} while (-1 != devnull && devnull <= STDERR_FILENO);
if (-1 == devnull) {
log_error_write(srv, __FILE__, __LINE__, "ss",
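Review bot: `__coverity_escape__(devnull)` is added inside the do/while without a comment, and the loop reads like a descriptor leak unless the reader knows the intent. Judging from the loop condition, descriptors at or below STDERR_FILENO are apparently left open on purpose so the standard fd slots stay occupied; a comment such as `/* fds <= STDERR_FILENO intentionally stay open on /dev/null */` would record that. With the model annotation in place, the existing `/* coverity[overwrite_var : FALSE] */` suppression may be redundant and is worth rechecking. server_main() extends beyond the hunk.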