[ntp:bk-ntp-dev-send] BitKeeper diffs

Harlan Stenn stenn at deacon.udel.edu
Sat Apr 16 04:07:53 UTC 2011


#### ChangeSet ####
2011-04-15 19:53:04+00:00, davehart at shiny.ad.hartbrothers.com
  A few more Coverity Scan cleanups.

==== ChangeLog ====
2011-04-15 19:53:02+00:00, davehart at shiny.ad.hartbrothers.com +1 -0
  A few more Coverity Scan cleanups.

--- 1.850/ChangeLog	2011-04-15 04:46:46 -04:00
+++ 1.851/ChangeLog	2011-04-15 15:53:02 -04:00
@@ -1,3 +1,4 @@
+* A few more Coverity Scan cleanups.
 (4.2.7p152) 2011/04/15 Released by Harlan Stenn <stenn at ntp.org>
 * Update embedded libevent to current 2.1 git HEAD.
 (4.2.7p151) 2011/04/14 Released by Harlan Stenn <stenn at ntp.org>

==== lib/isc/inet_ntop.c ====
2011-04-15 19:53:02+00:00, davehart at shiny.ad.hartbrothers.com +6 -5
  strcpy() -> memcpy()
  sprintf() -> snprintf()

--- 1.10/lib/isc/inet_ntop.c	2011-04-12 21:02:30 -04:00
+++ 1.11/lib/isc/inet_ntop.c	2011-04-15 15:53:02 -04:00
@@ -89,14 +89,15 @@ inet_ntop4(const unsigned char *src, cha
 {
 	static const char *fmt = "%u.%u.%u.%u";
 	char tmp[sizeof("255.255.255.255")];
+	int len;
 
-	if (snprintf(tmp, sizeof(tmp), fmt, src[0], src[1], src[2],
-		     src[3]) >= size)
+	len = snprintf(tmp, sizeof(tmp), fmt, src[0], src[1], src[2], src[3]);
+	if (len < 0 || len >= size)
 	{
 		errno = ENOSPC;
 		return (NULL);
 	}
-	strcpy(dst, tmp);
+	memcpy(dst, tmp, 1 + len);
 
 	return (dst);
 }
@@ -178,7 +179,7 @@ inet_ntop6(const unsigned char *src, cha
 			tp += strlen(tp);
 			break;
 		}
-		tp += sprintf(tp, "%x", words[i]);
+		tp += snprintf(tp, sizeof(tmp) - (tp - tmp), "%x", words[i]);
 	}
 	/* Was it a trailing run of 0x00's? */
 	if (best.base != -1 && (best.base + best.len) ==
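Review bot: The result of the new `snprintf()` call in inet_ntop6 is added to `tp` unchecked, so the size argument bounds the write but not the pointer advance. snprintf returns the length it would have written, or a negative value on error; on truncation `tp` would move past `tmp`, and the next `sizeof(tmp) - (tp - tmp)` would wrap to a very large size_t. With `%x` on what appears to be a 16-bit word and a correctly sized `tmp` this should not trigger. Even so, storing the result in an int and taking the `errno = ENOSPC; return (NULL);` path when it is negative or not smaller than the remaining space would make the bound self-enforcing. The loop begins and ends outside this hunk.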
@@ -193,7 +194,7 @@ inet_ntop6(const unsigned char *src, cha
 		errno = ENOSPC;
 		return (NULL);
 	}
-	strcpy(dst, tmp);
+	memcpy(dst, tmp, (size_t)(tp - tmp));
 	return (dst);
 }
 #endif /* AF_INET6 */
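Review bot: The `memcpy(dst, tmp, (size_t)(tp - tmp))` that replaces `strcpy()` leaves `dst` NUL-terminated only if `tp` already points one past a terminator stored in `tmp`, and that store is not visible in this hunk. The inet_ntop4 change spells the terminator out as `1 + len`; here a comment such as `/* tp - tmp counts the terminating NUL written above */` would record the assumption. Presumably the ENOSPC test just above relies on the same count, but that should be confirmed against the lines before the hunk.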

==== lib/isc/log.c ====
2011-04-15 19:53:03+00:00, davehart at shiny.ad.hartbrothers.com +5 -2
  strcpy() -> strlcpy()

--- 1.3/lib/isc/log.c	2009-09-24 11:50:35 -04:00
+++ 1.4/lib/isc/log.c	2011-04-15 15:53:03 -04:00
@@ -41,6 +41,7 @@
 #include <isc/string.h>
 #include <isc/time.h>
 #include <isc/util.h>
+#include "l_stdlib.h"		/* NTP change for strlcpy, strlcat */
 
 #define LCTX_MAGIC		ISC_MAGIC('L', 'c', 't', 'x')
 #define VALID_CONTEXT(lctx)	ISC_MAGIC_VALID(lctx, LCTX_MAGIC)
@@ -1408,6 +1409,7 @@ isc_log_doit(isc_log_t *lctx, isc_logcat
 	int syslog_level;
 	char time_string[64];
 	char level_string[24];
+	size_t octets;
 	const char *iformat;
 	struct stat statbuf;
 	isc_boolean_t matched = ISC_FALSE;
@@ -1618,16 +1620,17 @@ isc_log_doit(isc_log_t *lctx, isc_logcat
 				 * It wasn't in the duplicate interval,
 				 * so add it to the message list.
 				 */
+				octets = strlen(lctx->buffer) + 1;
 				new = isc_mem_get(lctx->mctx,
 						  sizeof(isc_logmessage_t) +
-						  strlen(lctx->buffer) + 1);
+						  octets);
 				if (new != NULL) {
 					/*
 					 * Put the text immediately after
 					 * the struct.  The strcpy is safe.
 					 */
 					new->text = (char *)(new + 1);
-					strcpy(new->text, lctx->buffer);
+					strlcpy(new->text, lctx->buffer, octets);
 
 					TIME_NOW(&new->time);
 
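Review bot: The comment `The strcpy is safe.` directly above the changed line is stale now that the copy is `strlcpy(new->text, lctx->buffer, octets)`. It should say why the copy is bounded, for example `Put the text immediately after the struct; octets bytes were allocated for it.` The bound is correct only while `lctx->buffer` is unchanged between the `strlen()` and the copy, which the visible lines neither confirm nor rule out. isc_log_doit continues outside this hunk.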

==== lib/isc/netaddr.c ====
2011-04-15 19:53:03+00:00, davehart at shiny.ad.hartbrothers.com +2 -1
  strcpy() -> strlcpy()

--- 1.9/lib/isc/netaddr.c	2010-12-05 21:14:02 -05:00
+++ 1.10/lib/isc/netaddr.c	2011-04-15 15:53:03 -04:00
@@ -31,6 +31,7 @@
 #include <isc/sockaddr.h>
 #include <isc/string.h>
 #include <isc/util.h>
+#include "l_stdlib.h"		/* NTP change for strlcpy, strlcat */
 
 isc_boolean_t
 isc_netaddr_equal(const isc_netaddr_t *a, const isc_netaddr_t *b) {
@@ -308,7 +309,7 @@ isc_netaddr_frompath(isc_netaddr_t *neta
 
         memset(netaddr, 0, sizeof(*netaddr));
         netaddr->family = AF_UNIX;
-        strcpy(netaddr->type.un, path);
+	strlcpy(netaddr->type.un, path, sizeof(netaddr->type.un));
         netaddr->zone = 0;
         return (ISC_R_SUCCESS);
 #else 
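Review bot: `strlcpy()` truncates silently and its return value is discarded here, so an over-long `path` would yield a shortened AF_UNIX address while the function still returns `ISC_R_SUCCESS`. The start of isc_netaddr_frompath is outside this hunk; if no length check precedes the `memset()`, test the result: `if (strlcpy(netaddr->type.un, path, sizeof(netaddr->type.un)) >= sizeof(netaddr->type.un)) return (ISC_R_NOSPACE);`. The new line is also tab-indented while its neighbours use eight spaces.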

==== lib/isc/task.c ====
2011-04-15 19:53:03+00:00, davehart at shiny.ad.hartbrothers.com +3 -1
  Lock manager object during destruction to keep Coverity Scan lock
    analysis on track.

--- 1.4/lib/isc/task.c	2011-04-03 15:25:30 -04:00
+++ 1.5/lib/isc/task.c	2011-04-15 15:53:03 -04:00
@@ -1019,14 +1019,16 @@ static void
 manager_free(isc_taskmgr_t *manager) {
 	isc_mem_t *mctx;
 
+	LOCK(&manager->lock);
 #ifdef ISC_PLATFORM_USETHREADS
 	(void)isc_condition_destroy(&manager->exclusive_granted);
 	(void)isc_condition_destroy(&manager->work_available);
 	isc_mem_free(manager->mctx, manager->threads);
 #endif /* ISC_PLATFORM_USETHREADS */
 	manager->magic = 0;
-	DESTROYLOCK(&manager->lock);
 	mctx = manager->mctx;
+	UNLOCK(&manager->lock);
+	DESTROYLOCK(&manager->lock);
 	isc_mem_put(mctx, manager, sizeof(*manager));
 	isc_mem_detach(&mctx);
 }
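Review bot: Taking `manager->lock` in manager_free does not make teardown safe against a concurrent user. A thread blocked on the lock could acquire it between `UNLOCK()` and `DESTROYLOCK()` and then touch memory that `isc_mem_put()` releases. The commit message says the lock exists to keep Coverity's lock analysis on track, so the code should say so, e.g. `/* No other thread may reference manager here; the lock is held only to satisfy static lock analysis. */`. Without that comment a later reader may take the LOCK/UNLOCK pair for the synchronisation that protects destruction.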

==== lib/isc/unix/dir.c ====
2011-04-15 19:53:03+00:00, davehart at shiny.ad.hartbrothers.com +10 -5
  strcpy() -> strlcpy()

--- 1.1/lib/isc/unix/dir.c	2009-09-24 11:50:43 -04:00
+++ 1.2/lib/isc/unix/dir.c	2011-04-15 15:53:03 -04:00
@@ -35,6 +35,7 @@
 #include <isc/util.h>
 
 #include "errno2result.h"
+#include "l_stdlib.h"		/* NTP change for strlcpy, strlcat */
 
 #define ISC_DIR_MAGIC		ISC_MAGIC('D', 'I', 'R', '*')
 #define VALID_DIR(dir)		ISC_MAGIC_VALID(dir, ISC_DIR_MAGIC)
@@ -58,6 +59,7 @@ isc_dir_init(isc_dir_t *dir) {
 isc_result_t
 isc_dir_open(isc_dir_t *dir, const char *dirname) {
 	char *p;
+	size_t octets;
 	isc_result_t result = ISC_R_SUCCESS;
 
 	REQUIRE(VALID_DIR(dir));
@@ -67,10 +69,11 @@ isc_dir_open(isc_dir_t *dir, const char 
 	 * Copy directory name.  Need to have enough space for the name,
 	 * a possible path separator, the wildcard, and the final NUL.
 	 */
-	if (strlen(dirname) + 3 > sizeof(dir->dirname))
+	octets = strlen(dirname) + 1;
+	if (octets + 2 > sizeof(dir->dirname))
 		/* XXXDCL ? */
 		return (ISC_R_NOSPACE);
-	strcpy(dir->dirname, dirname);
+	strlcpy(dir->dirname, dirname, octets);
 
 	/*
 	 * Append path separator, if needed, and "*".
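Review bot: `strlcpy(dir->dirname, dirname, octets)` passes the source length plus one as the size rather than the capacity of the destination. The call therefore bounds nothing by itself and is safe only because of the `octets + 2 > sizeof(dir->dirname)` test above it. Passing the destination size keeps the copy bounded even if that test is later edited: `strlcpy(dir->dirname, dirname, sizeof(dir->dirname));`. The same applies to `strlcpy(dir->entry.name, entry->d_name, octets)` in the isc_dir_read hunk, where `sizeof(dir->entry.name)` is the natural bound. isc_dir_open continues outside this hunk.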
@@ -102,6 +105,7 @@ isc_dir_open(isc_dir_t *dir, const char 
 isc_result_t
 isc_dir_read(isc_dir_t *dir) {
 	struct dirent *entry;
+	size_t octets;
 
 	REQUIRE(VALID_DIR(dir) && dir->handle != NULL);
 
@@ -116,10 +120,11 @@ isc_dir_read(isc_dir_t *dir) {
 	/*
 	 * Make sure that the space for the name is long enough.
 	 */
-	if (sizeof(dir->entry.name) <= strlen(entry->d_name))
-	    return (ISC_R_UNEXPECTED);
+	octets = strlen(entry->d_name) + 1;
+	if (sizeof(dir->entry.name) < octets)
+		return (ISC_R_UNEXPECTED);
 
-	strcpy(dir->entry.name, entry->d_name);
+	strlcpy(dir->entry.name, entry->d_name, octets);
 
 	/*
 	 * Some dirents have d_namlen, but it is not portable.

==== lib/isc/unix/file.c ====
2011-04-15 19:53:03+00:00, davehart at shiny.ad.hartbrothers.com +6 -5
  strncpy() -> strlcpy()
  strcat() -> strlcat()

--- 1.1/lib/isc/unix/file.c	2009-09-24 11:50:44 -04:00
+++ 1.2/lib/isc/unix/file.c	2011-04-15 15:53:03 -04:00
@@ -74,6 +74,7 @@
 #include <isc/util.h>
 
 #include "errno2result.h"
+#include "l_stdlib.h"		/* NTP change for strlcpy, strlcat */
 
 /*
  * XXXDCL As the API for accessing file statistics undoubtedly gets expanded,
@@ -183,14 +184,14 @@ isc_file_template(const char *path, cons
 		if ((s - path + 1 + strlen(templet) + 1) > buflen)
 			return (ISC_R_NOSPACE);
 
-		strncpy(buf, path, s - path + 1);
+		strlcpy(buf, path, buflen);
 		buf[s - path + 1] = '\0';
-		strcat(buf, templet);
+		strlcat(buf, templet, buflen);
 	} else {
 		if ((strlen(templet) + 1) > buflen)
 			return (ISC_R_NOSPACE);
 
-		strcpy(buf, templet);
+		strlcpy(buf, templet, buflen);
 	}
 
 	return (ISC_R_SUCCESS);
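Review bot: In the first branch `strlcpy(buf, path, buflen)` copies all of `path` (up to `buflen - 1` bytes), where the old `strncpy()` copied only the `s - path + 1` byte prefix; the result is then cut back by `buf[s - path + 1] = '\0'`. The index stays in bounds because of the `ISC_R_NOSPACE` test above, but the intent is clearer if only the prefix is copied, `memcpy(buf, path, s - path + 1);`, followed by the existing terminator store. The `strlcat()` result is also ignored, which is fine only while the length test above stays in step with it. The function begins outside this hunk.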
@@ -416,7 +417,7 @@ dir_current(char *dirname, size_t length
 		if (strlen(dirname) + 1 == length)
 			result = ISC_R_NOSPACE;
 		else if (dirname[1] != '\0')
-			strcat(dirname, "/");
+			strlcat(dirname, "/", length);
 	}
 
 	return (result);
@@ -430,7 +431,7 @@ isc_file_absolutepath(const char *filena
 		return (result);
 	if (strlen(path) + strlen(filename) + 1 > pathlen)
 		return (ISC_R_NOSPACE);
-	strcat(path, filename);
+	strlcat(path, filename, pathlen);
 	return (ISC_R_SUCCESS);
 }
 

==== libntp/icom.c ====
2011-04-15 19:53:03+00:00, davehart at shiny.ad.hartbrothers.com +1 -1
  Add missed assignment in tcsetattr() error check.

--- 1.15/libntp/icom.c	2011-04-09 02:20:31 -04:00
+++ 1.16/libntp/icom.c	2011-04-15 15:53:03 -04:00
@@ -151,7 +151,7 @@ icom_init(
 	ttyb.c_cc[VTIME] = 5;	/* receive timeout */
 	cfsetispeed(&ttyb, (u_int)speed);
 	cfsetospeed(&ttyb, (u_int)speed);
-	tcsetattr(fd, TCSANOW, &ttyb);
+	rc = tcsetattr(fd, TCSANOW, &ttyb);
 	if (rc < 0) {
 		saved_errno = errno;
 		close(fd);

==== libntp/work_thread.c ====
2011-04-15 19:53:03+00:00, davehart at shiny.ad.hartbrothers.com +3 -1
  Another attempt at convincing Coverity sizeof(*hdr) - hdr->octets is
    always positive.

--- 1.7/libntp/work_thread.c	2011-04-03 15:25:30 -04:00
+++ 1.8/libntp/work_thread.c	2011-04-15 15:53:03 -04:00
@@ -205,9 +205,11 @@ send_blocking_req_internal(
 	blocking_pipe_header *	threadcopy;
 
 	REQUIRE(hdr != NULL);
-	REQUIRE(hdr->octets > sizeof(*hdr));
 	REQUIRE(data != NULL);
 	DEBUG_REQUIRE(BLOCKING_REQ_MAGIC == hdr->magic_sig);
+
+	if (sizeof(*hdr) < hdr->octets)
+		return 1;	/* failure */
 
 	ensure_workitems_empty_slot(c);
 	if (NULL == c->thread_ref) {
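Review bot: The new test `if (sizeof(*hdr) < hdr->octets) return 1;` is inverted relative to the `REQUIRE(hdr->octets > sizeof(*hdr))` it replaces. It fails every request the old precondition accepted and lets through the undersized ones that precondition rejected. If later code in send_blocking_req_internal (outside this hunk) derives a payload length from the difference between `hdr->octets` and `sizeof(*hdr)`, as the commit message hints, an undersized `octets` would wrap that unsigned difference into a very large length. The check should read `if (hdr->octets <= sizeof(*hdr)) return 1;	/* failure */`.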

==== ntpd/refclock_datum.c ====
2011-04-15 19:53:03+00:00, davehart at shiny.ad.hartbrothers.com +7 -1
  Check tcsetattr() return value.

--- 1.17/ntpd/refclock_datum.c	2011-03-20 16:39:41 -04:00
+++ 1.18/ntpd/refclock_datum.c	2011-04-15 15:53:03 -04:00
@@ -220,6 +220,7 @@ datum_pts_start(
 	struct datum_pts_unit *datum_pts;
 	int fd;
 #ifdef HAVE_TERMIOS
+	int rc;
 	struct termios arg;
 #endif
 
@@ -273,7 +274,12 @@ datum_pts_start(
 	arg.c_cc[VMIN] = 0;		/* start timeout timer right away (not used) */
 	arg.c_cc[VTIME] = 30;		/* 3 second timout on reads (not used) */
 
-	tcsetattr(datum_pts->PTS_fd, TCSANOW, &arg);
+	rc = tcsetattr(datum_pts->PTS_fd, TCSANOW, &arg);
+	if (rc < 0) {
+		msyslog(LOG_ERR, "Datum_PTS: tcsetattr(\"%s\") failed: %m", DATUM_DEV);
+		close(datum_pts->PTS_fd);
+		return 0;
+	}
 
 	/*
 	** Initialize the ntpd IO structure
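Review bot: The new failure path closes `datum_pts->PTS_fd` and returns 0 but releases nothing else. `datum_pts` is a pointer, presumably allocated earlier in datum_pts_start (outside this hunk), so the unit may be leaked or left referenced with a closed descriptor. If it was allocated and attached above, free it and clear the reference before returning. Separately, POSIX allows `tcsetattr()` to report success when only some of the requested settings were applied, so a `tcgetattr()` read-back is the only way to confirm the terminal settings actually took effect.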

#### ChangeSet ####
2011-04-15 11:33:32+00:00, davehart at shiny.ad.hartbrothers.com
  libevent HEAD 20110415 11:33 UTC d28fc52815023113840fb9e108ada0126964a799

==== sntp/libevent/CommitLog ====
2011-04-15 11:33:31+00:00, davehart at shiny.ad.hartbrothers.com +19 -0
  libevent HEAD 20110415 11:33 UTC d28fc52815023113840fb9e108ada0126964a799

--- 1.1/sntp/libevent/CommitLog	2011-04-14 15:54:05 -04:00
+++ 1.2/sntp/libevent/CommitLog	2011-04-15 07:33:31 -04:00
@@ -1,3 +1,22 @@
+commit d28fc52815023113840fb9e108ada0126964a799
+Merge: bfdda26 2e9f665
+Author: Nick Mathewson <nickm at torproject.org>
+Date:   Thu Apr 14 14:20:09 2011 -0400
+
+    Merge remote-tracking branch 'origin/patches-2.0'
+
+commit 2e9f66554897279f9aae2ce5a3933b99b6e08e38
+Author: Nick Mathewson <nickm at torproject.org>
+Date:   Thu Apr 14 14:15:13 2011 -0400
+
+    Fix a couple of memory leaks in samples/http-server.c. Found by Dave Hart.
+
+commit 3417f6808d4c86b02148cde4f7a32b18d8d260b4
+Author: Nick Mathewson <nickm at torproject.org>
+Date:   Wed Apr 13 11:20:30 2011 -0400
+
+    Avoid a free(NULL) if out-of-memory in evdns_getaddrinfo. Found by Dave Hart
+
 commit bfdda26534ea66b847760720260a4b4d8fcefe58
 Merge: d7c0ffa 1a21d7b
 Author: Nick Mathewson <nickm at torproject.org>

==== sntp/libevent/evdns.c ====
2011-04-15 11:33:31+00:00, davehart at shiny.ad.hartbrothers.com +2 -1
  libevent HEAD 20110415 11:33 UTC d28fc52815023113840fb9e108ada0126964a799

--- 1.1.1.1/sntp/libevent/evdns.c	2011-04-14 15:55:04 -04:00
+++ 1.1.1.2/sntp/libevent/evdns.c	2011-04-15 07:33:31 -04:00
@@ -4312,7 +4312,8 @@ evdns_getaddrinfo_gotresolve(int result,
 				evdns_cancel_request(NULL, other_req->r);
 			}
 			data->user_cb(EVUTIL_EAI_MEMORY, NULL, data->user_data);
-			evutil_freeaddrinfo(res);
+			if (res)
+				evutil_freeaddrinfo(res);
 
 			if (other_req->r == NULL)
 				free_getaddrinfo_request(data);

==== sntp/libevent/sample/http-server.c ====
2011-04-15 11:33:31+00:00, davehart at shiny.ad.hartbrothers.com +5 -4
  libevent HEAD 20110415 11:33 UTC d28fc52815023113840fb9e108ada0126964a799

--- 1.1.1.1/sntp/libevent/sample/http-server.c	2011-04-14 15:55:07 -04:00
+++ 1.1.1.2/sntp/libevent/sample/http-server.c	2011-04-15 07:33:31 -04:00
@@ -144,7 +144,7 @@ dump_request_cb(struct evhttp_request *r
 static void
 send_document_cb(struct evhttp_request *req, void *arg)
 {
-	struct evbuffer *evb;
+	struct evbuffer *evb = NULL;
 	const char *docroot = arg;
 	const char *uri = evhttp_request_get_uri(req);
 	struct evhttp_uri *decoded = NULL;
@@ -229,7 +229,6 @@ send_document_cb(struct evhttp_request *
 		if (!(d = opendir(whole_path)))
 			goto err;
 #endif
-		close(fd);
 
 		evbuffer_add_printf(evb, "<html>\n <head>\n"
 		    "  <title>%s</title>\n"
@@ -286,18 +285,20 @@ send_document_cb(struct evhttp_request *
 	}
 
 	evhttp_send_reply(req, 200, "OK", evb);
-	evbuffer_free(evb);
-	return;
+	goto done;
 err:
 	evhttp_send_error(req, 404, "Document was not found");
 	if (fd>=0)
 		close(fd);
+done:
 	if (decoded)
 		evhttp_uri_free(decoded);
 	if (decoded_path)
 		free(decoded_path);
 	if (whole_path)
 		free(whole_path);
+	if (evb)
+		evbuffer_free(evb);
 }
 
 static void

