Browse Source

[core] attempt to quiet coverity false positives

personal/stbuehler/mod-csrf
Glenn Strauss 4 years ago
parent
commit
dadfb5fcf5
  1. 9
      src/buffer.c
  2. 11
      src/lighttpd-angel.c
  3. 19
      src/mod_auth.c
  4. 11
      src/mod_extforward.c
  5. 3
      src/server.c

9
src/buffer.c

@ -234,20 +234,19 @@ void buffer_append_string_buffer(buffer *b, const buffer *src) {
void buffer_append_uint_hex(buffer *b, uintmax_t value) {
char *buf;
int shift = 0;
unsigned int shift = 0;
{
uintmax_t copy = value;
do {
copy >>= 8;
shift += 2; /* counting nibbles (4 bits) */
shift += 8; /* counting bits */
} while (0 != copy);
}
buf = buffer_string_prepare_append(b, shift);
buffer_commit(b, shift); /* will fill below */
buf = buffer_string_prepare_append(b, shift >> 2); /*nibbles (4 bits)*/
buffer_commit(b, shift >> 2); /* will fill below */
shift *= 4; /* count bits now */
while (shift > 0) {
shift -= 4;
*(buf++) = hex_chars[(value >> shift) & 0x0F];

11
src/lighttpd-angel.c

@ -68,6 +68,10 @@ int main(int argc, char **argv) {
struct sigaction act;
UNUSED(argc);
*(const char **)&argv[0] = BINPATH;
#ifdef __COVERITY__
__coverity_tainted_data_sanitize__(argv);
#endif
/**
* we are running as root BEWARE
@ -103,13 +107,10 @@ int main(int argc, char **argv) {
if (0 == pid) {
/* i'm the child */
argv[0] = BINPATH;
/* intentionally pass argv params */
/* coverity[tainted_string : FALSE] */
execvp(BINPATH, argv);
exit(1);
execvp(argv[0], argv);
_exit(1);
} else if (-1 == pid) {
/** error */

19
src/mod_auth.c

@ -619,16 +619,17 @@ static handler_t mod_auth_check_digest(server *srv, connection *con, void *p_d,
if (0 != strncasecmp(ds->value->ptr, "Digest ", sizeof("Digest ")-1)) {
return mod_auth_send_400_bad_request(srv, con);
} else {
size_t n = buffer_string_length(ds->value);
#ifdef __COVERITY__
if (n < sizeof("Digest ")-1) {
return mod_auth_send_400_bad_request(srv, con);
}
#endif
n -= (sizeof("Digest ")-1);
b = buffer_init();
buffer_copy_string_len(b,ds->value->ptr+sizeof("Digest ")-1,n);
}
#ifdef __COVERITY__
if (buffer_string_length(ds->value) < sizeof("Digest ")-1) {
return mod_auth_send_400_bad_request(srv, con);
}
#endif
b = buffer_init();
/* coverity[overflow_sink : FALSE] */
buffer_copy_string_len(b, ds->value->ptr+sizeof("Digest ")-1, buffer_string_length(ds->value)-(sizeof("Digest ")-1));
/* parse credentials from client */
for (c = b->ptr; *c; c++) {

11
src/mod_extforward.c

@ -1285,6 +1285,10 @@ static int hap_PROXY_recv (const int fd, union hap_PROXY_hdr * const hdr)
static int mod_extforward_hap_PROXY_v1 (connection * const con,
union hap_PROXY_hdr * const hdr)
{
#ifdef __COVERITY__
__coverity_tainted_data_sink__(hdr);
#endif
/* samples
* "PROXY TCP4 255.255.255.255 255.255.255.255 65535 65535\r\n"
* "PROXY TCP6 ffff:f...f:ffff ffff:f...f:ffff 65535 65535\r\n"
@ -1351,6 +1355,10 @@ static int mod_extforward_hap_PROXY_v1 (connection * const con,
static int mod_extforward_hap_PROXY_v2 (connection * const con,
union hap_PROXY_hdr * const hdr)
{
#ifdef __COVERITY__
__coverity_tainted_data_sink__(hdr);
#endif
/* If HAProxy-PROXY protocol used, then lighttpd acts as transparent proxy,
* masquerading as servicing the client IP provided in by HAProxy-PROXY hdr.
* The connecting con->dst_addr and con->dst_addr_buf are not saved here,
@ -1539,9 +1547,6 @@ static int mod_extforward_network_read (server *srv, connection *con,
union hap_PROXY_hdr hdr;
int rc = hap_PROXY_recv(con->fd, &hdr);
#ifdef __COVERITY__
__coverity_tainted_data_sanitize__(&hdr);
#endif /*(mod_extforward_hap_PROXY_v*() parse the tainted data)*/
switch (rc) {
case 2: rc = mod_extforward_hap_PROXY_v2(con, &hdr); break;
case 1: rc = mod_extforward_hap_PROXY_v1(con, &hdr); break;

3
src/server.c

@ -1172,6 +1172,9 @@ static int server_main (server * const srv, int argc, char **argv) {
do {
/* coverity[overwrite_var : FALSE] */
devnull = fdevent_open_devnull();
#ifdef __COVERITY__
__coverity_escape__(devnull);
#endif
} while (-1 != devnull && devnull <= STDERR_FILENO);
if (-1 == devnull) {
log_error_write(srv, __FILE__, __LINE__, "ss",

Loading…
Cancel
Save