coverity run fixes.

git-svn-id: file:///svn/unbound/trunk@803 be551aaa-1e26-0410-a405-d3ace91eadb9
2025-12-20 23:00:56 -05:00 · 2007-12-04 17:54:14 +00:00 · 2007-12-04 17:54:14 +00:00 · fcac316d63
commit fcac316d63
parent 43a2640a9c
17 changed files with 42 additions and 16 deletions
--- a/daemon/unbound.c
+++ b/daemon/unbound.c
@ -264,8 +264,8 @@ do_chroot(struct daemon* daemon, struct config_file* cfg, int debug_mode)
 	uid_t uid;
 	gid_t gid;
 	/* initialize, but not to 0 (root) */
-	memset(&uid, -12, sizeof(uid));
-	memset(&gid, -12, sizeof(gid));
+	memset(&uid, 112, sizeof(uid));
+	memset(&gid, 112, sizeof(gid));
 	log_assert(cfg);

 	/* daemonize last to be able to print error to user */
--- a/doc/CREDITS
+++ b/doc/CREDITS
@ -7,3 +7,5 @@ was made in further cooperation with Geoff Sisson and Roy Arends from Nominet.
 At NLnet Labs, Jelte Jansen and Mark Santcroos reviewed the unbound C sources.

 Jakob Schlyter - for advice on secure settings, random numbers and blacklists.
+
+Ondřej Surý - running coverity analysis tool on 0.9 dev version.
--- a/doc/Changelog
+++ b/doc/Changelog
@ -4,6 +4,18 @@
 	  preparing for code-reuse.
 	- move context into own header file.
 	- context query structure.
+	- removed unused variable pwd from checkconf.
+	- removed unused assignment from outside netw.
+	- check timeval length of string.
+	- fixup error in val_utils getsigner.
+	- fixup same (*var) error in netblocktostr.
+	- fixup memleak on parse error in localzone.
+	- fixup memleak on packet parse error.
+	- put ; after union in parser.y.
+	- small hardening in iter_operate against iq==NULL.
+	- hardening, if error reply with rcode=0 (noerror) send servfail.
+	- fixup same (*var) error in find_rrset in msgparse, was harmless.
+	- check return value of evtimer_add().

 3 December 2007: Wouter
 	- changed checkconf/ to smallapp/ to make room for more support tools.
--- a/iterator/iterator.c
+++ b/iterator/iterator.c
@ -80,7 +80,7 @@ void
 iter_deinit(struct module_env* env, int id)
 {
 	struct iter_env* iter_env;
-	if(!env || !env->modinfo || !env->modinfo[id])
+	if(!env || !env->modinfo[id])
 		return;
 	iter_env = (struct iter_env*)env->modinfo[id];
 	free(iter_env->target_fetch_policy);
@ -188,7 +188,8 @@ error_supers(struct module_qstate* qstate, int id, struct module_qstate* super)
 			/* not interested */
 			verbose(VERB_ALGO, "subq error, but not interested");
 			log_query_info(VERB_ALGO, "superq", &super->qinfo);
-			delegpt_log(VERB_ALGO, super_iq->dp);
+			if(super_iq->dp)
+				delegpt_log(VERB_ALGO, super_iq->dp);
 			log_assert(0);
 			return;
 		}
@ -1762,11 +1763,11 @@ iter_operate(struct module_qstate* qstate, enum module_ev event, int id,
 		process_request(qstate, iq, ie, id);
 		return;
 	}
-	if(event == module_event_pass) {
+	if(iq && event == module_event_pass) {
 		iter_handle(qstate, iq, ie, id);
 		return;
 	}
-	if(outbound) {
+	if(iq && outbound) {
 		process_response(qstate, iq, ie, id, outbound, event);
 		return;
 	}
--- a/services/cache/rrset.c
+++ b/services/cache/rrset.c
@ -65,6 +65,7 @@ void rrset_cache_delete(struct rrset_cache* r)
 	if(!r) 
 		return;
 	slabhash_delete(&r->table);
+	/* slabhash delete also does free(r), since table is first in struct*/
 }

 struct rrset_cache* rrset_cache_adjust(struct rrset_cache *r, 
--- a/services/localzone.c
+++ b/services/localzone.c
@ -195,6 +195,7 @@ lz_enter_zone(struct local_zones* zones, const char* name, const char* type,
 		t = local_zone_redirect;
 	else {
 		log_err("bad lz_enter_zone type %s %s", name, type);
+		free(nm);
 		return NULL;
 	}
 	if(!(z=lz_enter_zone_dname(zones, nm, len, labs, t, dclass))) {
@ -234,6 +235,8 @@ get_rr_content(const char* str, uint8_t** nm, uint16_t* type,
        if(status != LDNS_STATUS_OK) {
                log_err("error converting RR '%s' to wireformat: %s",
                        str, ldns_get_errorstr_by_id(status));
+		free(*nm);
+		*nm = NULL;
                return 0;
        }
        ldns_buffer_flip(rdata);
@ -434,6 +437,7 @@ lz_enter_rr_into_zone(struct local_zone* z, ldns_buffer* buf,
 		query_dname_compare(z->name, nm) != 0) {
 		log_err("local-data in redirect zone must reside at top of zone"
 			", not at %s", rrstr);
+		free(nm);
 		return 0;
 	}
 	nmlabs = dname_count_size_labels(nm, &nmlen);
--- a/services/mesh.c
+++ b/services/mesh.c
@ -434,6 +434,8 @@ mesh_send_reply(struct mesh_state* m, int rcode, struct reply_info* rep,
 	if(rep && rep->security == sec_status_secure)
 		secure = 1;
 	else	secure = 0;
+	if(!rep && rcode == LDNS_RCODE_NOERROR)
+		rcode = LDNS_RCODE_SERVFAIL;
 	/* send the reply */
 	if(rcode) {
 		error_encode(r->query_reply.c->buffer, rcode, &m->s.qinfo,
--- a/services/outside_network.c
+++ b/services/outside_network.c
@ -1172,7 +1172,7 @@ outnet_serviced_query(struct outside_network* outnet,
 	sq = lookup_serviced(outnet, buff, dnssec, addr, addrlen);
 	if(sq) {
 		/* see if it is a duplicate notification request for cb_arg */
-		if((cb = callback_list_find(sq, callback_arg, arg_compare))) {
+		if(callback_list_find(sq, callback_arg, arg_compare)) {
 			return sq;
 		}
 	}
--- a/smallapp/unbound-checkconf.c
+++ b/smallapp/unbound-checkconf.c
@ -147,8 +147,7 @@ morechecks(struct config_file* cfg)
 	}

 	if(cfg->username && cfg->username[0]) {
-		struct passwd *pwd;
-		if((pwd = getpwnam(cfg->username)) == NULL)
+		if(getpwnam(cfg->username) == NULL)
 			fatal_exit("user '%s' does not exist.", cfg->username);
 		endpwent();
 	}
--- a/util/config_file.c
+++ b/util/config_file.c
@ -323,6 +323,8 @@ cfg_convert_timeval(const char* str)
 	uint32_t t;
 	struct tm tm;
 	memset(&tm, 0, sizeof(tm));
+	if(strlen(str) < 14)
+		return 0;
 	if(sscanf(str, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon, 
 		&tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) != 6)
 		return 0;
--- a/util/configparser.y
+++ b/util/configparser.y
@ -63,7 +63,7 @@ extern struct config_parser_state* cfg_parser;
 %}
 %union {
 	char*	str;
-}
+};

 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR
 %token <str> STRING
--- a/util/data/msgparse.c
+++ b/util/data/msgparse.c
@ -424,7 +424,7 @@ find_rrset(struct msg_parse* msg, ldns_buffer* pkt, uint8_t* dname,
 	ldns_pkt_section section, struct regional* region)
 {
 	uint16_t covtype;
-	if(rrset_prev) {
+	if(*rrset_prev) {
 		/* check if equal to previous item */
 		if(type == *prev_type && dclass == *prev_dclass &&
 			dnamelen == *prev_dnamelen &&
--- a/util/data/msgreply.c
+++ b/util/data/msgreply.c
@ -279,8 +279,10 @@ parse_create_rrset(ldns_buffer* pkt, struct rrset_parse* pset,
 	if(!*data)
 		return 0;
 	/* copy & decompress */
-	if(!parse_rr_copy(pkt, pset, *data))
+	if(!parse_rr_copy(pkt, pset, *data)) {
+		if(!region) free(*data);
 		return 0;
+	}
 	return 1;
 }

--- a/util/net_help.c
+++ b/util/net_help.c
@ -240,7 +240,7 @@ int netblockstrtoaddr(const char* str, int port, struct sockaddr_storage* addr,
 			return 0;
 		}
 		*net = atoi(s+1);
-		if(net == 0 && strcmp(s+1, "0") != 0) {
+		if(*net == 0 && strcmp(s+1, "0") != 0) {
 			log_err("cannot parse netblock: '%s'", str);
 			return 0;
 		}
--- a/util/netevent.c
+++ b/util/netevent.c
@ -1024,7 +1024,8 @@ comm_timer_set(struct comm_timer* timer, struct timeval* tv)
 	log_assert(tv);
 	if(timer->ev_timer->enabled)
 		comm_timer_disable(timer);
-	evtimer_add(&timer->ev_timer->ev, tv);
+	if(evtimer_add(&timer->ev_timer->ev, tv) != 0)
+		log_err("comm_timer_set: evtimer_add failed.");
 	timer->ev_timer->enabled = 1;
 }

--- a/validator/val_utils.c
+++ b/validator/val_utils.c
@ -230,7 +230,7 @@ val_find_signer(enum val_classification subtype, struct query_info* qinf,
 		for(i=skip; i<rep->an_numrrsets; i++) {
 			val_find_rrset_signer(rep->rrsets[i], 
 				signer_name, signer_len);
-			if(signer_name)
+			if(*signer_name)
 				return;
 		}
 		*signer_name = NULL;
--- a/validator/validator.c
+++ b/validator/validator.c
@ -158,7 +158,7 @@ void
 val_deinit(struct module_env* env, int id)
 {
 	struct val_env* val_env;
-	if(!env || !env->modinfo || !env->modinfo[id])
+	if(!env || !env->modinfo[id])
 		return;
 	val_env = (struct val_env*)env->modinfo[id];
 	anchors_delete(env->anchors);