fix errors detected by Coverity Scan
fd leak in mod_dirlisting.c use after free in error condition in mod_proxy.c NULL pointer dereference in error message in chunk.c additional minor code changes made to quiet other coverity warningspersonal/stbuehler/mod-csrf-old
parent
b14e1f16f0
commit
879a282de7
|
|
@ -422,7 +422,7 @@ void chunkqueue_steal(chunkqueue *dest, chunkqueue *src, off_t len) {
|
|||
static chunk *chunkqueue_get_append_tempfile(chunkqueue *cq) {
|
||||
chunk *c;
|
||||
buffer *template = buffer_init_string("/var/tmp/lighttpd-upload-XXXXXX");
|
||||
int fd;
|
||||
int fd = -1;
|
||||
|
||||
if (cq->tempdirs && cq->tempdirs->used) {
|
||||
/* we have several tempdirs, only if all of them fail we jump out */
|
||||
|
|
@ -488,13 +488,13 @@ int chunkqueue_append_mem_to_tempfile(server *srv, chunkqueue *dest, const char
|
|||
/* the chunk is too large now, close it */
|
||||
int rc = close(dst_c->file.fd);
|
||||
dst_c->file.fd = -1;
|
||||
dst_c = NULL;
|
||||
if (0 != rc) {
|
||||
log_error_write(srv, __FILE__, __LINE__, "sbss",
|
||||
"close() temp-file", dst_c->file.name, "failed:",
|
||||
strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
dst_c = NULL;
|
||||
}
|
||||
} else {
|
||||
dst_c = NULL;
|
||||
|
|
|
|||
|
|
@ -279,7 +279,7 @@ static int config_addrstr_eq_remote_ip_mask(server *srv, const char *addrstr, in
|
|||
&& IN6_IS_ADDR_V4MAPPED(&val.ipv6.sin6_addr)) {
|
||||
in_addr_t x = *(in_addr_t *)(val.ipv6.sin6_addr.s6_addr+12);
|
||||
uint32_t nm =
|
||||
htonl(~((1u << (32 - (0 != nm_bits ? (nm_bits > 96 ? nm_bits - 96 : 0) : 32))) - 1));
|
||||
nm_bits < 128 ? htonl(~(~0u >> (nm_bits > 96 ? nm_bits - 96 : 0))) : ~0u;
|
||||
return ((x & nm) == (rmt->ipv4.sin_addr.s_addr & nm));
|
||||
} else {
|
||||
return 0;
|
||||
|
|
|
|||
|
|
@ -290,7 +290,7 @@ static int connection_handle_write_prepare(server *srv, connection *con) {
|
|||
"</html>\n"
|
||||
));
|
||||
|
||||
http_chunk_append_buffer(srv, con, b);
|
||||
(void)http_chunk_append_buffer(srv, con, b);
|
||||
buffer_free(b);
|
||||
|
||||
response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/html"));
|
||||
|
|
|
|||
|
|
@ -181,7 +181,7 @@ int fdevent_reset(fdevents *ev); /* "init" after fork() */
|
|||
void fdevent_free(fdevents *ev);
|
||||
|
||||
#define fdevent_event_get_interest(ev, fd) \
|
||||
(-1 != (fd) ? (ev)->fdarray[(fd)]->events : 0)
|
||||
((fd) >= 0 ? (ev)->fdarray[(fd)]->events : 0)
|
||||
void fdevent_event_set(fdevents *ev, int *fde_ndx, int fd, int events); /* events can be FDEVENT_IN, FDEVENT_OUT or FDEVENT_IN | FDEVENT_OUT */
|
||||
void fdevent_event_add(fdevents *ev, int *fde_ndx, int fd, int event); /* events can be FDEVENT_IN or FDEVENT_OUT */
|
||||
void fdevent_event_clr(fdevents *ev, int *fde_ndx, int fd, int event); /* events can be FDEVENT_IN or FDEVENT_OUT */
|
||||
|
|
|
|||
|
|
@ -504,6 +504,7 @@ static void http_list_directory_include_file(buffer *out, buffer *path, const ch
|
|||
buffer_append_string_len(out, buf, (size_t)rd);
|
||||
}
|
||||
}
|
||||
close(fd);
|
||||
|
||||
if (encode) {
|
||||
buffer_append_string_len(out, CONST_STR_LEN("</pre>"));
|
||||
|
|
|
|||
|
|
@ -916,6 +916,7 @@ static handler_t proxy_send_request(server *srv, handler_ctx *hctx) {
|
|||
} else {
|
||||
data_proxy *host = hctx->host;
|
||||
connection *con = hctx->remote_conn;
|
||||
plugin_data *p = hctx->plugin_data;
|
||||
log_error_write(srv, __FILE__, __LINE__, "sbdd", "proxy-server disabled:",
|
||||
host->host,
|
||||
host->port,
|
||||
|
|
@ -928,7 +929,7 @@ static handler_t proxy_send_request(server *srv, handler_ctx *hctx) {
|
|||
/* reset the enviroment and restart the sub-request */
|
||||
con->mode = DIRECT;/*(avoid changing con->state, con->http_status)*/
|
||||
proxy_connection_close(srv, hctx);
|
||||
con->mode = hctx->plugin_data->id; /* p->id */
|
||||
con->mode = p->id;
|
||||
|
||||
return HANDLER_COMEBACK;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -344,6 +344,7 @@ static int network_server_init(server *srv, buffer *host_token, specific_config
|
|||
#ifdef HAVE_SYS_UN_H
|
||||
if (AF_UNIX == srv_socket->addr.plain.sa_family) {
|
||||
/* check if the socket exists and try to connect to it. */
|
||||
force_assert(host); /*(static analysis hint)*/
|
||||
if (-1 == (srv_socket->fd = socket(srv_socket->addr.plain.sa_family, SOCK_STREAM, 0))) {
|
||||
log_error_write(srv, __FILE__, __LINE__, "ss", "socket failed:", strerror(errno));
|
||||
goto error_free_socket;
|
||||
|
|
|
|||
|
|
@ -279,7 +279,7 @@ int http_request_host_normalize(buffer *b) {
|
|||
char *bracket = b->ptr+blen-1;
|
||||
int rc;
|
||||
char buf[INET6_ADDRSTRLEN];
|
||||
if (blen == 2) return -1; /*(invalid "[]")*/
|
||||
if (blen <= 2) return -1; /*(invalid "[]")*/
|
||||
if (*bracket != ']') {
|
||||
bracket = (char *)memchr(b->ptr+1, ']', blen-1);
|
||||
if (NULL == bracket || bracket[1] != ':' || bracket - b->ptr == 1){
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
#include "configfile-glue.c"
|
||||
|
||||
#include <assert.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
|
||||
|
|
@ -42,6 +43,7 @@ const struct {
|
|||
static void test_configfile_addrbuf_eq_remote_ip_mask (void) {
|
||||
int i, m;
|
||||
buffer * const s = buffer_init();
|
||||
char *slash;
|
||||
sock_addr rmt;
|
||||
|
||||
for (i = 0; i < (int)(sizeof(rmtmask)/sizeof(rmtmask[0])); ++i) {
|
||||
|
|
@ -62,7 +64,8 @@ static void test_configfile_addrbuf_eq_remote_ip_mask (void) {
|
|||
}
|
||||
#endif
|
||||
buffer_copy_string(s, rmtmask[i].string);
|
||||
m = config_addrbuf_eq_remote_ip_mask(NULL,s,strchr(s->ptr,'/'),&rmt);
|
||||
slash = strchr(s->ptr,'/'); assert(slash);
|
||||
m = config_addrbuf_eq_remote_ip_mask(NULL, s, slash, &rmt);
|
||||
if (m != rmtmask[i].expect) {
|
||||
fprintf(stderr, "failed assertion: %s %s %s\n",
|
||||
rmtmask[i].string,
|
||||
|
|
|
|||
Loading…
Reference in New Issue