The Samba-Bugzilla – Attachment 12329 Details for
Bug 12110
Coverity (and other resource issue) fixes
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for 4.5rc
BZ12110-v4-5.patch (text/plain), 13.94 KB, created by
Martin Schwenke
on 2016-08-09 03:18:01 UTC
(
hide
)
Description:
Patch for 4.5rc
Filename:
MIME Type:
Creator:
Martin Schwenke
Created:
2016-08-09 03:18:01 UTC
Size:
13.94 KB
patch
obsolete
>From be1e844778b3698c94fbab641c51c7f2fd1d8967 Mon Sep 17 00:00:00 2001 >From: Martin Schwenke <martin@meltin.net> >Date: Wed, 27 Jul 2016 16:22:36 +1000 >Subject: [PATCH 01/12] ctdb-common: Fix CID 1125553 Buffer not null terminated > (BUFFER_SIZE_WARNING) > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110 > >Signed-off-by: Martin Schwenke <martin@meltin.net> >Reviewed-by: Amitay Isaacs <amitay@gmail.com> >(cherry picked from commit 763f9c13f2998a8858e8a3ec013d166a3d429835) >--- > ctdb/common/system_linux.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/ctdb/common/system_linux.c b/ctdb/common/system_linux.c >index ef78df8..8bb18f8 100644 >--- a/ctdb/common/system_linux.c >+++ b/ctdb/common/system_linux.c >@@ -202,7 +202,7 @@ int ctdb_sys_send_arp(const ctdb_sock_addr *addr, const char *iface) > } > > DEBUG(DEBUG_DEBUG, (__location__ " Created SOCKET FD:%d for sending arp\n", s)); >- strncpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name)); >+ strlcpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name)); > if (ioctl(s, SIOCGIFINDEX, &ifr) < 0) { > DEBUG(DEBUG_CRIT,(__location__ " interface '%s' not found\n", iface)); > close(s); >-- >2.8.1 > > >From cd4ff35e2837bc9097792c6cf6e88f3ceca25bb1 Mon Sep 17 00:00:00 2001 >From: Martin Schwenke <martin@meltin.net> >Date: Mon, 1 Aug 2016 15:03:56 +1000 >Subject: [PATCH 02/12] ctdb-common: Consistently use strlcpy() on interface > names > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110 > >Signed-off-by: Martin Schwenke <martin@meltin.net> >Reviewed-by: Amitay Isaacs <amitay@gmail.com> >(cherry picked from commit aff33a59479cafcb1f24a07ff76383d47bb196b3) >--- > ctdb/common/system_linux.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > >diff --git a/ctdb/common/system_linux.c b/ctdb/common/system_linux.c >index 8bb18f8..b66ce67 100644 >--- a/ctdb/common/system_linux.c >+++ b/ctdb/common/system_linux.c >@@ -116,7 +116,7 @@ int ctdb_sys_send_arp(const ctdb_sock_addr *addr, const char *iface) > } > > /* get the mac address */ >- strncpy(if_hwaddr.ifr_name, iface, sizeof(if_hwaddr.ifr_name)-1); >+ strlcpy(if_hwaddr.ifr_name, iface, sizeof(if_hwaddr.ifr_name)); > ret = ioctl(s, SIOCGIFHWADDR, &if_hwaddr); > if ( ret < 0 ) { > close(s); >@@ -210,7 +210,7 @@ int ctdb_sys_send_arp(const ctdb_sock_addr *addr, const char *iface) > } > > /* get the mac address */ >- strncpy(if_hwaddr.ifr_name, iface, sizeof(if_hwaddr.ifr_name)-1); >+ strlcpy(if_hwaddr.ifr_name, iface, sizeof(if_hwaddr.ifr_name)); > ret = ioctl(s, SIOCGIFHWADDR, &if_hwaddr); > if ( ret < 0 ) { > close(s); >@@ -602,7 +602,7 @@ bool ctdb_sys_check_iface_exists(const char *iface) > return true; > } > >- strncpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name)-1); >+ strlcpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name)); > if (ioctl(s, SIOCGIFINDEX, &ifr) < 0 && errno == ENODEV) { > DEBUG(DEBUG_CRIT,(__location__ " interface '%s' not found\n", iface)); > close(s); >-- >2.8.1 > > >From 56d32656314ef5d87a12f04235d079738ded3dbe Mon Sep 17 00:00:00 2001 >From: Martin Schwenke <martin@meltin.net> >Date: Wed, 27 Jul 2016 17:43:34 +1000 >Subject: [PATCH 03/12] ctdb-utils: Fix CID 1297451 Explicit null dereferenced > (FORWARD_NULL) > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110 > >Signed-off-by: Martin Schwenke <martin@meltin.net> >Reviewed-by: Amitay Isaacs <amitay@gmail.com> >(cherry picked from commit d46960f20e795cd4abc1c727705f77b2f0e0e564) >--- > ctdb/utils/ping_pong/ping_pong.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > >diff --git a/ctdb/utils/ping_pong/ping_pong.c b/ctdb/utils/ping_pong/ping_pong.c >index be43a1d..f7f2eb1 100644 >--- a/ctdb/utils/ping_pong/ping_pong.c >+++ b/ctdb/utils/ping_pong/ping_pong.c >@@ -142,7 +142,9 @@ static void ping_pong(int fd, int num_locks) > val = (unsigned char *)calloc(num_locks+1, sizeof(unsigned char)); > if (val == NULL) { > printf("calloc failed\n"); >- munmap(p, num_locks+1); >+ if (use_mmap) { >+ munmap(p, num_locks+1); >+ } > return; > } > >-- >2.8.1 > > >From 6e8c6acce8521fb20cab329123d8252d665c1c55 Mon Sep 17 00:00:00 2001 >From: Martin Schwenke <martin@meltin.net> >Date: Thu, 28 Jul 2016 12:00:27 +1000 >Subject: [PATCH 04/12] ctdb-daemon: Fix CID 1363233 Resource leak > (RESOURCE_LEAK) > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110 > >Signed-off-by: Martin Schwenke <martin@meltin.net> >Reviewed-by: Amitay Isaacs <amitay@gmail.com> >(cherry picked from commit 74aca5f4c671d9f15ae6c3a901978a1cf247dd6f) >--- > ctdb/server/ctdb_recover.c | 1 + > 1 file changed, 1 insertion(+) > >diff --git a/ctdb/server/ctdb_recover.c b/ctdb/server/ctdb_recover.c >index 48f822c..b42f001 100644 >--- a/ctdb/server/ctdb_recover.c >+++ b/ctdb/server/ctdb_recover.c >@@ -1299,6 +1299,7 @@ int32_t ctdb_control_try_delete_records(struct ctdb_context *ctdb, TDB_DATA inda > > if (data.dsize < sizeof(struct ctdb_ltdb_header)) { > DEBUG(DEBUG_CRIT,(__location__ " bad ltdb record in indata\n")); >+ talloc_free(records); > return -1; > } > >-- >2.8.1 > > >From a47f8d14e8ee037e30451b24f115bc453f61972d Mon Sep 17 00:00:00 2001 >From: Martin Schwenke <martin@meltin.net> >Date: Thu, 28 Jul 2016 12:06:23 +1000 >Subject: [PATCH 05/12] ctdb-daemon: Fix CID 1363067 Resource leak > (RESOURCE_LEAK) > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110 > >Signed-off-by: Martin Schwenke <martin@meltin.net> >Reviewed-by: Amitay Isaacs <amitay@gmail.com> >(cherry picked from commit c6a7f680ce74d4a630fa9305d0a926cc1a4b3d2c) >--- > ctdb/server/ctdb_recover.c | 1 + > 1 file changed, 1 insertion(+) > >diff --git a/ctdb/server/ctdb_recover.c b/ctdb/server/ctdb_recover.c >index b42f001..6bed61c 100644 >--- a/ctdb/server/ctdb_recover.c >+++ b/ctdb/server/ctdb_recover.c >@@ -1492,6 +1492,7 @@ int32_t ctdb_control_receive_records(struct ctdb_context *ctdb, > if (data.dsize < sizeof(struct ctdb_ltdb_header)) { > DEBUG(DEBUG_CRIT, (__location__ " bad ltdb record " > "in indata\n")); >+ talloc_free(records); > return -1; > } > >-- >2.8.1 > > >From 6f36c90c6538085b846ccc9db994a03ed13f4767 Mon Sep 17 00:00:00 2001 >From: Martin Schwenke <martin@meltin.net> >Date: Thu, 28 Jul 2016 14:04:23 +1000 >Subject: [PATCH 06/12] ctdb-mutex: Fix CID 1359217 Resource leak > (RESOURCE_LEAK) > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110 > >Signed-off-by: Martin Schwenke <martin@meltin.net> >Reviewed-by: Amitay Isaacs <amitay@gmail.com> > >Autobuild-User(master): Amitay Isaacs <amitay@samba.org> >Autobuild-Date(master): Wed Aug 3 09:13:55 CEST 2016 on sn-devel-144 > >(cherry picked from commit 24e28c0aa52399f03acf830a1ad72af0139b0606) >--- > ctdb/server/ctdb_mutex_fcntl_helper.c | 11 +++++++++-- > 1 file changed, 9 insertions(+), 2 deletions(-) > >diff --git a/ctdb/server/ctdb_mutex_fcntl_helper.c b/ctdb/server/ctdb_mutex_fcntl_helper.c >index 93c7f62..06c2205 100644 >--- a/ctdb/server/ctdb_mutex_fcntl_helper.c >+++ b/ctdb/server/ctdb_mutex_fcntl_helper.c >@@ -27,7 +27,7 @@ > > static char *progname = NULL; > >-static char fcntl_lock(const char *file) >+static char fcntl_lock(const char *file, int *outfd) > { > int fd; > struct flock lock; >@@ -62,6 +62,8 @@ static char fcntl_lock(const char *file) > return '3'; > } > >+ *outfd = fd; >+ > return '0'; > } > >@@ -70,6 +72,7 @@ int main(int argc, char *argv[]) > char result; > int ppid; > const char *file = NULL; >+ int fd = -1; > > progname = argv[0]; > >@@ -81,10 +84,14 @@ int main(int argc, char *argv[]) > ppid = getppid(); > file = argv[1]; > >- result = fcntl_lock(file); >+ result = fcntl_lock(file, &fd); > sys_write(STDOUT_FILENO, &result, 1); > > ctdb_wait_for_process_to_exit(ppid); > >+ if (fd != -1) { >+ close(fd); >+ } >+ > return 0; > } >-- >2.8.1 > > >From 39b4110b290193917614fcacaf73b66eae06dbe7 Mon Sep 17 00:00:00 2001 >From: Martin Schwenke <martin@meltin.net> >Date: Thu, 4 Aug 2016 15:50:12 +1000 >Subject: [PATCH 07/12] ctdb-common: Fix CID 1363227 Resource leak > (RESOURCE_LEAK) > >Occurs on an invalid line that isn't the first. Isn't really a leak >because it is allocated off mem_ctx, which should be freed by the >caller. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110 > >Signed-off-by: Martin Schwenke <martin@meltin.net> >Reviewed-by: Amitay Isaacs <amitay@gmail.com> >(cherry picked from commit 4541301d92e3c140adb6444143ad697d35926179) >--- > ctdb/common/system_util.c | 1 + > 1 file changed, 1 insertion(+) > >diff --git a/ctdb/common/system_util.c b/ctdb/common/system_util.c >index ea53f5d..9fc6c44 100644 >--- a/ctdb/common/system_util.c >+++ b/ctdb/common/system_util.c >@@ -420,6 +420,7 @@ int ctdb_parse_connections(FILE *fp, TALLOC_CTX *mem_ctx, > if (ret != 2) { > DEBUG(DEBUG_ERR, ("Bad line [%d]: %s\n", > line_num, line)); >+ talloc_free(conn); > return EINVAL; > } > >-- >2.8.1 > > >From 664e1f0ca9d6f9833afd4026c854e809f1d188f8 Mon Sep 17 00:00:00 2001 >From: Martin Schwenke <martin@meltin.net> >Date: Thu, 4 Aug 2016 15:58:50 +1000 >Subject: [PATCH 08/12] ctdb-tests: Fix CID 1361816 Buffer not null terminated > (BUFFER_SIZE_WARNING) > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110 > >Signed-off-by: Martin Schwenke <martin@meltin.net> >Reviewed-by: Amitay Isaacs <amitay@gmail.com> >(cherry picked from commit f802a11d3ba808baba6cb2d31d706952df1e3159) >--- > ctdb/tests/src/fake_ctdbd.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > >diff --git a/ctdb/tests/src/fake_ctdbd.c b/ctdb/tests/src/fake_ctdbd.c >index 35bca88..c27af4a 100644 >--- a/ctdb/tests/src/fake_ctdbd.c >+++ b/ctdb/tests/src/fake_ctdbd.c >@@ -2196,8 +2196,8 @@ static void control_get_ifaces(TALLOC_CTX *mem_ctx, > .link_state = iface->link_up, > .references = iface->references, > }; >- strncpy(iface_list->iface[i].name, iface->name, >- CTDB_IFACE_SIZE+2); >+ strlcpy(iface_list->iface[i].name, iface->name, >+ sizeof(iface_list->iface[i].name)); > } > > reply.rdata.data.iface_list = iface_list; >-- >2.8.1 > > >From 68e7ad3d54676780f94bc25da008d09fc24e98b0 Mon Sep 17 00:00:00 2001 >From: Martin Schwenke <martin@meltin.net> >Date: Fri, 5 Aug 2016 16:37:00 +1000 >Subject: [PATCH 09/12] ctdb-common: Fix CID 1125581 Dereference after null > check (FORWARD_NULL) > >This also fixes CID 1125582. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110 > >Signed-off-by: Martin Schwenke <martin@meltin.net> >Reviewed-by: Amitay Isaacs <amitay@gmail.com> >(cherry picked from commit 7ae3699831427725f12e0a26a0681e59f2fbb2d9) >--- > ctdb/common/rb_tree.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/ctdb/common/rb_tree.c b/ctdb/common/rb_tree.c >index 1c602a7..f4aee8b 100644 >--- a/ctdb/common/rb_tree.c >+++ b/ctdb/common/rb_tree.c >@@ -230,7 +230,7 @@ static inline void trbt_set_color_left(trbt_node_t *node, int color) > } > static inline void trbt_set_color_right(trbt_node_t *node, int color) > { >- if ( ((node==NULL)||(node->right==NULL)) && (color==TRBT_BLACK) ) { >+ if (node == NULL || node->right == NULL) { > return; > } > node->right->rb_color = color; >-- >2.8.1 > > >From 4378dc1bfb01c14daf330dd482ec0f5a27546afc Mon Sep 17 00:00:00 2001 >From: Martin Schwenke <martin@meltin.net> >Date: Fri, 5 Aug 2016 16:38:45 +1000 >Subject: [PATCH 10/12] ctdb-common: Fix CID 1125583 Dereference after null > check (FORWARD_NULL) > >This also fixes CID 1125584. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110 > >Signed-off-by: Martin Schwenke <martin@meltin.net> >Reviewed-by: Amitay Isaacs <amitay@gmail.com> >(cherry picked from commit bbf0b907cb04184515d0f5f09f14824df1c2e59f) >--- > ctdb/common/rb_tree.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/ctdb/common/rb_tree.c b/ctdb/common/rb_tree.c >index f4aee8b..c3b2b91 100644 >--- a/ctdb/common/rb_tree.c >+++ b/ctdb/common/rb_tree.c >@@ -223,7 +223,7 @@ static inline void trbt_set_color(trbt_node_t *node, int color) > } > static inline void trbt_set_color_left(trbt_node_t *node, int color) > { >- if ( ((node==NULL)||(node->left==NULL)) && (color==TRBT_BLACK) ) { >+ if (node == NULL || node->left == NULL) { > return; > } > node->left->rb_color = color; >-- >2.8.1 > > >From 046a49ecf7d4b23dfb5d3f78dc79ecaa46f728a4 Mon Sep 17 00:00:00 2001 >From: Martin Schwenke <martin@meltin.net> >Date: Fri, 5 Aug 2016 16:39:50 +1000 >Subject: [PATCH 11/12] ctdb-common: Fix CID 1125585 Dereference after null > check (FORWARD_NULL) > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110 > >Signed-off-by: Martin Schwenke <martin@meltin.net> >Reviewed-by: Amitay Isaacs <amitay@gmail.com> >(cherry picked from commit b4f23a7e95cd9c8fc4a6324d4ec5a2881eaec207) >--- > ctdb/common/rb_tree.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/ctdb/common/rb_tree.c b/ctdb/common/rb_tree.c >index c3b2b91..990ec61 100644 >--- a/ctdb/common/rb_tree.c >+++ b/ctdb/common/rb_tree.c >@@ -216,7 +216,7 @@ static inline int trbt_get_color_right(trbt_node_t *node) > /* setting a NULL node to black is a nop */ > static inline void trbt_set_color(trbt_node_t *node, int color) > { >- if ( (node==NULL) && (color==TRBT_BLACK) ) { >+ if (node == NULL) { > return; > } > node->rb_color = color; >-- >2.8.1 > > >From 2c98df3fc0e2bb2e80a6d0ae0596fe0dc252e5e4 Mon Sep 17 00:00:00 2001 >From: Martin Schwenke <martin@meltin.net> >Date: Fri, 5 Aug 2016 16:50:58 +1000 >Subject: [PATCH 12/12] ctdb-daemon: Fix CID 1125627 Resource leak > (RESOURCE_LEAK) > >Also fixes CID 1125628. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110 > >Signed-off-by: Martin Schwenke <martin@meltin.net> >Reviewed-by: Amitay Isaacs <amitay@gmail.com> >(cherry picked from commit 940272d215049f5f5079aa926e69eae1985a4bfa) >--- > ctdb/server/ctdb_logging.c | 9 +++++++-- > 1 file changed, 7 insertions(+), 2 deletions(-) > >diff --git a/ctdb/server/ctdb_logging.c b/ctdb/server/ctdb_logging.c >index 168d3b5..692df73 100644 >--- a/ctdb/server/ctdb_logging.c >+++ b/ctdb/server/ctdb_logging.c >@@ -282,9 +282,14 @@ int ctdb_set_child_logging(struct ctdb_context *ctdb) > > /* We'll fail if stderr/stdout not already open; it's simpler. */ > old_stdout = dup(STDOUT_FILENO); >+ if (old_stdout < 0) { >+ DEBUG(DEBUG_ERR, ("Failed to dup stdout for child logging\n")); >+ return -1; >+ } > old_stderr = dup(STDERR_FILENO); >- if (old_stdout < 0 || old_stderr < 0) { >- DEBUG(DEBUG_ERR, ("Failed to dup stdout/stderr for child logging\n")); >+ if (old_stderr < 0) { >+ DEBUG(DEBUG_ERR, ("Failed to dup stderr for child logging\n")); >+ close(old_stdout); > return -1; > } > if (dup2(p[1], STDOUT_FILENO) < 0 || dup2(p[1], STDERR_FILENO) < 0) { >-- >2.8.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
amitay
:
review+
Actions:
View
Attachments on
bug 12110
: 12329 |
12330
|
12331