experiments/clixon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixes after coverity analysis

Browse source
This commit is contained in:
Olof hagsand 2023-12-30 16:04:06 +01:00
parent 7b58c1c562
commit 0fff9d8ef5
13 changed files with 43 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

2
CHANGELOG.md
View file

@ -13,6 +13,8 @@ Expected: February 2024
### Minor features ### Minor features
* Made coverity analysis and fixed most of them
* Some were ignored being for generated code (eg lex) or not applicable
* Feature: [Add support for -V option to give version](https://github.com/clicon/clixon/issues/472) * Feature: [Add support for -V option to give version](https://github.com/clicon/clixon/issues/472)
* All clixon applications added command-line option `-V` for printing version * All clixon applications added command-line option `-V` for printing version
* New ca_version callback for customized version output * New ca_version callback for customized version output

2
apps/cli/cli_common.c
View file

@ -1596,7 +1596,7 @@ cli_kill_session(clixon_handle h,
goto done; goto done;
} }
if ((str = cv_string_get(cvec_i(argv, 0))) != NULL){ if ((str = cv_string_get(cvec_i(argv, 0))) != NULL){
if ((ret = parse_uint32(str, &session_id, NULL)) < 0) if ((ret = parse_uint32(str, &session_id, &reason)) < 0)
goto done; goto done;
if (ret == 0){ if (ret == 0){
cligen_output(stderr, "%s\n", reason); cligen_output(stderr, "%s\n", reason);

3
apps/restconf/restconf_methods_get.c
View file

@ -372,7 +372,6 @@ api_data_pagination(clixon_handle h,
cxobj *xp; cxobj *xp;
cxobj *xpr = NULL; cxobj *xpr = NULL;
yang_stmt *y = NULL; yang_stmt *y = NULL;
cbuf *cbrpc = NULL;
int32_t depth = -1; /* Nr of levels to print, -1 is all, 0 is none */ int32_t depth = -1; /* Nr of levels to print, -1 is all, 0 is none */
uint32_t limit = 0; uint32_t limit = 0;
uint32_t offset = 0; uint32_t offset = 0;
@ -568,8 +567,6 @@ api_data_pagination(clixon_handle h,
retval = 0; retval = 0;
done: done:
clixon_debug(CLIXON_DBG_DEFAULT, "%s retval:%d", __FUNCTION__, retval); clixon_debug(CLIXON_DBG_DEFAULT, "%s retval:%d", __FUNCTION__, retval);
if (cbrpc)
cbuf_free(cbrpc);
if (xpath) if (xpath)
free(xpath); free(xpath);
if (nsc) if (nsc)

4
apps/snmp/snmp_lib.c
View file

@ -1195,7 +1195,7 @@ snmp_oid2str(oid **oidi,
break; break;
} }
if (cbuf_len(enc)){ if (cbuf_len(enc)){
if (cv_string_set(cv, cbuf_get(enc)) < 0){ if (cv_string_set(cv, cbuf_get(enc)) == NULL){
clixon_err(OE_UNIX, errno, "cv_string_set"); clixon_err(OE_UNIX, errno, "cv_string_set");
goto done; goto done;
} }
@ -1311,7 +1311,7 @@ snmp_xmlkey2val_oid(cxobj *xentry,
break; break;
if (cvk_val){ if (cvk_val){
cv = cvec_i(*cvk_val, i); cv = cvec_i(*cvk_val, i);
if (cv_string_set(cv, xml_body(xi)) < 0){ if (cv_string_set(cv, xml_body(xi)) == NULL){
clixon_err(OE_UNIX, errno, "cv_string_set"); clixon_err(OE_UNIX, errno, "cv_string_set");
goto done; goto done;
} }

3
lib/src/clixon_datastore_write.c
View file

@ -1286,7 +1286,6 @@ xmldb_put(clixon_handle h,
int retval = -1; int retval = -1;
char *dbfile = NULL; char *dbfile = NULL;
FILE *f = NULL; FILE *f = NULL;
cbuf *cb = NULL;
yang_stmt *yspec; yang_stmt *yspec;
cxobj *x0 = NULL; cxobj *x0 = NULL;
db_elmnt *de = NULL; db_elmnt *de = NULL;
@ -1454,8 +1453,6 @@ xmldb_put(clixon_handle h,
xml_nsctx_free(nsc); xml_nsctx_free(nsc);
if (dbfile) if (dbfile)
free(dbfile); free(dbfile);
if (cb)
cbuf_free(cb);
if (x0 && clicon_datastore_cache(h) == DATASTORE_NOCACHE) if (x0 && clicon_datastore_cache(h) == DATASTORE_NOCACHE)
xml_free(x0); xml_free(x0);
return retval; return retval;

2
lib/src/clixon_err.c
View file

@ -193,7 +193,7 @@ static char *
clixon_strerror1(int err, clixon_strerror1(int err,
struct errvec vec[]) struct errvec vec[])
{ {
struct errvec *ev; struct errvec *ev = NULL;
for (ev=vec; ev->ev_err != -1; ev++) for (ev=vec; ev->ev_err != -1; ev++)
if (ev->ev_err == err) if (ev->ev_err == err)

8
lib/src/clixon_netconf_lib.c
View file

@ -289,7 +289,7 @@ netconf_missing_attribute_xml(cxobj **xret,
char *attr, char *attr,
char *message) char *message)
{ {
int retval = -1; int retval = -1;
cxobj *xerr = NULL; cxobj *xerr = NULL;
char *encstr = NULL; char *encstr = NULL;
@ -405,7 +405,7 @@ netconf_bad_attribute_xml(cxobj **xret,
char *info, char *info,
char *message) char *message)
{ {
int retval = -1; int retval = -1;
cxobj *xerr = NULL; cxobj *xerr = NULL;
char *encstr = NULL; char *encstr = NULL;
@ -1447,9 +1447,9 @@ netconf_data_not_unique_xml(cxobj **xret,
int retval = -1; int retval = -1;
cg_var *cvi = NULL; cg_var *cvi = NULL;
cxobj *xerr; cxobj *xerr;
cxobj *xinfo; cxobj *xinfo = NULL;
char *path = NULL; char *path = NULL;
char *encpath = NULL; char *encpath = NULL;
if (xret == NULL){ if (xret == NULL){
clixon_err(OE_NETCONF, EINVAL, "xret is NULL"); clixon_err(OE_NETCONF, EINVAL, "xret is NULL");

16
lib/src/clixon_plugin.c
View file

@ -518,6 +518,7 @@ clixon_plugin_start_one(clixon_plugin_t *cp,
if (clixon_err_category() < 0) if (clixon_err_category() < 0)
clixon_log(h, LOG_WARNING, "%s: Internal error: Start callback in plugin: %s returned -1 but did not make a clixon_err call", clixon_log(h, LOG_WARNING, "%s: Internal error: Start callback in plugin: %s returned -1 but did not make a clixon_err call",
__FUNCTION__, cp->cp_name); __FUNCTION__, cp->cp_name);
clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__);
goto done; goto done;
} }
if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0) if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0)
@ -576,6 +577,7 @@ clixon_plugin_exit_one(clixon_plugin_t *cp,
if (clixon_err_category() < 0) if (clixon_err_category() < 0)
clixon_log(h, LOG_WARNING, "%s: Internal error: Exit callback in plugin: %s returned -1 but did not make a clixon_err call", clixon_log(h, LOG_WARNING, "%s: Internal error: Exit callback in plugin: %s returned -1 but did not make a clixon_err call",
__FUNCTION__, cp->cp_name); __FUNCTION__, cp->cp_name);
clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__);
goto done; goto done;
} }
if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0) if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0)
@ -651,6 +653,7 @@ clixon_plugin_auth_one(clixon_plugin_t *cp,
if (clixon_err_category() < 0) if (clixon_err_category() < 0)
clixon_log(h, LOG_WARNING, "%s: Internal error: Auth callback in plugin: %s returned -1 but did not make a clixon_err call", clixon_log(h, LOG_WARNING, "%s: Internal error: Auth callback in plugin: %s returned -1 but did not make a clixon_err call",
__FUNCTION__, cp->cp_name); __FUNCTION__, cp->cp_name);
clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__);
goto done; goto done;
} }
if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0) if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0)
@ -736,6 +739,7 @@ clixon_plugin_extension_one(clixon_plugin_t *cp,
if (clixon_err_category() < 0) if (clixon_err_category() < 0)
clixon_log(h, LOG_WARNING, "%s: Internal error: Extension callback in plugin: %s returned -1 but did not make a clixon_err call", clixon_log(h, LOG_WARNING, "%s: Internal error: Extension callback in plugin: %s returned -1 but did not make a clixon_err call",
__FUNCTION__, cp->cp_name); __FUNCTION__, cp->cp_name);
clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__);
goto done; goto done;
} }
if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0) if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0)
@ -807,6 +811,7 @@ clixon_plugin_datastore_upgrade_one(clixon_plugin_t *cp,
if (clixon_err_category() < 0) if (clixon_err_category() < 0)
clixon_log(h, LOG_WARNING, "%s: Internal error: Datastore upgrade callback in plugin: %s returned -1 but did not make a clixon_err call", clixon_log(h, LOG_WARNING, "%s: Internal error: Datastore upgrade callback in plugin: %s returned -1 but did not make a clixon_err call",
__FUNCTION__, cp->cp_name); __FUNCTION__, cp->cp_name);
clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__);
goto done; goto done;
} }
if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0) if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0)
@ -878,6 +883,7 @@ clixon_plugin_yang_mount_one(clixon_plugin_t *cp,
if (clixon_err_category() < 0) if (clixon_err_category() < 0)
clixon_log(h, LOG_WARNING, "%s: Internal error: Yang mount callback in plugin: %s returned -1 but did not make a clixon_err call", clixon_log(h, LOG_WARNING, "%s: Internal error: Yang mount callback in plugin: %s returned -1 but did not make a clixon_err call",
__FUNCTION__, cp->cp_name); __FUNCTION__, cp->cp_name);
clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__);
goto done; goto done;
} }
if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0) if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0)
@ -945,6 +951,7 @@ clixon_plugin_yang_patch_one(clixon_plugin_t *cp,
if (clixon_err_category() < 0) if (clixon_err_category() < 0)
clixon_log(h, LOG_WARNING, "%s: Internal error: Yang patch callback in plugin: %s returned -1 but did not make a clixon_err call", clixon_log(h, LOG_WARNING, "%s: Internal error: Yang patch callback in plugin: %s returned -1 but did not make a clixon_err call",
__FUNCTION__, cp->cp_name); __FUNCTION__, cp->cp_name);
clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__);
goto done; goto done;
} }
if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0) if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0)
@ -1005,6 +1012,7 @@ clixon_plugin_netconf_errmsg_one(clixon_plugin_t *cp,
if (clixon_err_category() < 0) if (clixon_err_category() < 0)
clixon_log(h, LOG_WARNING, "%s: Internal error: Netconf err callback in plugin: %s returned -1 but did not make a clixon_err call", clixon_log(h, LOG_WARNING, "%s: Internal error: Netconf err callback in plugin: %s returned -1 but did not make a clixon_err call",
__FUNCTION__, cp->cp_name); __FUNCTION__, cp->cp_name);
clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__);
goto done; goto done;
} }
if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0) if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0)
@ -1065,6 +1073,7 @@ clixon_plugin_version_one(clixon_plugin_t *cp,
if (clixon_err_category() < 0) if (clixon_err_category() < 0)
clixon_log(h, LOG_WARNING, "%s: Internal error: version callback in plugin: %s returned -1 but did not make a clixon_err call", clixon_log(h, LOG_WARNING, "%s: Internal error: version callback in plugin: %s returned -1 but did not make a clixon_err call",
__FUNCTION__, cp->cp_name); __FUNCTION__, cp->cp_name);
clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__);
goto done; goto done;
} }
if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0) if (clixon_resource_check(h, &wh, cp->cp_name, __FUNCTION__) < 0)
@ -1240,8 +1249,7 @@ rpc_callback_call(clixon_handle h,
goto done; goto done;
if (rc->rc_callback(h, xe, cbret, arg, rc->rc_arg) < 0){ if (rc->rc_callback(h, xe, cbret, arg, rc->rc_arg) < 0){
clixon_debug(CLIXON_DBG_DEFAULT, "%s Error in: %s", __FUNCTION__, rc->rc_name); clixon_debug(CLIXON_DBG_DEFAULT, "%s Error in: %s", __FUNCTION__, rc->rc_name);
if (clixon_resource_check(h, &wh, rc->rc_name, __FUNCTION__) < 0) clixon_resource_check(h, &wh, rc->rc_name, __FUNCTION__);
goto done;
goto done; goto done;
} }
nr++; nr++;
@ -1363,12 +1371,12 @@ action_callback_call(clixon_handle h,
if ((rc = (rpc_callback_t *)yang_action_cb_get(ya)) != NULL){ if ((rc = (rpc_callback_t *)yang_action_cb_get(ya)) != NULL){
do { do {
if (strcmp(rc->rc_name, name) == 0){ if (strcmp(rc->rc_name, name) == 0){
wh = NULL;
if (clixon_resource_check(h, &wh, rc->rc_name, __FUNCTION__) < 0) if (clixon_resource_check(h, &wh, rc->rc_name, __FUNCTION__) < 0)
goto done; goto done;
if (rc->rc_callback(h, xa, cbret, arg, rc->rc_arg) < 0){ if (rc->rc_callback(h, xa, cbret, arg, rc->rc_arg) < 0){
clixon_debug(CLIXON_DBG_DEFAULT, "%s Error in: %s", __FUNCTION__, rc->rc_name); clixon_debug(CLIXON_DBG_DEFAULT, "%s Error in: %s", __FUNCTION__, rc->rc_name);
if (clixon_resource_check(h, &wh, rc->rc_name, __FUNCTION__) < 0) clixon_resource_check(h, &wh, rc->rc_name, __FUNCTION__);
goto done;
goto done; goto done;
} }
nr++; nr++;

4
lib/src/clixon_proc.c
View file

@ -327,7 +327,7 @@ clixon_proc_background(clixon_handle h,
sigfn_t oldhandler = NULL; sigfn_t oldhandler = NULL;
sigset_t oset; sigset_t oset;
struct rlimit rlim = {0, }; struct rlimit rlim = {0, };
struct stat fstat; struct stat fstat = {0, };
char *flattened; char *flattened;
unsigned argc; unsigned argc;
@ -340,7 +340,6 @@ clixon_proc_background(clixon_handle h,
clixon_err(OE_UNIX, EINVAL, "argv[0] is NULL"); clixon_err(OE_UNIX, EINVAL, "argv[0] is NULL");
goto quit; goto quit;
} }
for (argc = 0; argv[argc] != NULL; ++argc) for (argc = 0; argv[argc] != NULL; ++argc)
; ;
if ((flattened = clicon_strjoin(argc, argv, "', '")) == NULL){ if ((flattened = clicon_strjoin(argc, argv, "', '")) == NULL){
@ -351,6 +350,7 @@ clixon_proc_background(clixon_handle h,
free(flattened); free(flattened);
/* Sanity check: program exists */ /* Sanity check: program exists */
// coverity: CID 471757: (#1 of 1): Time of check time of use (TOCTOU)9. fs_check_call: Calling function stat to perform check on argv[0]. See later execvp on filename
if (stat(argv[0], &fstat) < 0) { if (stat(argv[0], &fstat) < 0) {
clixon_err(OE_FATAL, errno, "%s", argv[0]); clixon_err(OE_FATAL, errno, "%s", argv[0]);
goto quit; goto quit;

3
lib/src/clixon_proto_client.c
View file

@ -1101,6 +1101,7 @@ clicon_rpc_get2(clixon_handle h,
goto done; goto done;
xml_sort(xd); /* Ensure attr is first */ xml_sort(xd); /* Ensure attr is first */
*xt = xd; *xt = xd;
xd = NULL;
} }
retval = 0; retval = 0;
done: done:
@ -1115,6 +1116,8 @@ clicon_rpc_get2(clixon_handle h,
xml_free(xret); xml_free(xret);
if (msg) if (msg)
free(msg); free(msg);
if (xd)
xml_free(xd);
return retval; return retval;
} }

11
lib/src/clixon_stream.c
View file

@ -170,6 +170,7 @@ int
stream_delete_all(clixon_handle h, stream_delete_all(clixon_handle h,
int force) int force)
{ {
int retval = -1;
struct stream_replay *r; struct stream_replay *r;
struct stream_subscription *ss; struct stream_subscription *ss;
event_stream_t *es; event_stream_t *es;
@ -182,8 +183,10 @@ stream_delete_all(clixon_handle h,
free(es->es_name); free(es->es_name);
if (es->es_description) if (es->es_description)
free(es->es_description); free(es->es_description);
while ((ss = es->es_subscription) != NULL) while ((ss = es->es_subscription) != NULL){
stream_ss_rm(h, es, ss, force); /* XXX in some cases leaks memory due to DONT clause in stream_ss_rm() */ if (stream_ss_rm(h, es, ss, force) < 0)
goto done;
}
while ((r = es->es_replay) != NULL){ while ((r = es->es_replay) != NULL){
DELQ(r, es->es_replay, struct stream_replay *); DELQ(r, es->es_replay, struct stream_replay *);
if (r->r_xml) if (r->r_xml)
@ -192,7 +195,9 @@ stream_delete_all(clixon_handle h,
} }
free(es); free(es);
} }
return 0; retval = 0;
done:
return retval;
} }
/*! Return stream definition state in XML supporting RFC 8040 and RFC5277 /*! Return stream definition state in XML supporting RFC 8040 and RFC5277

3
lib/src/clixon_xml_changelog.c
View file

@ -540,8 +540,11 @@ xml_namespace_vec(clixon_handle h,
xvec[i++] = xc; xvec[i++] = xc;
} }
*vecp = xvec; *vecp = xvec;
xvec = NULL;
*veclenp = i; *veclenp = i;
retval = 0; retval = 0;
done: done:
if (xvec)
free(xvec);
return retval; return retval;
} }

6
lib/src/clixon_yang_type.c
View file

@ -1479,6 +1479,10 @@ yang_type_get(yang_stmt *ys,
yang_stmt *ytype; /* type */ yang_stmt *ytype; /* type */
char *type = NULL; char *type = NULL;
if (yrestype == NULL){
clixon_err(OE_YANG, EINVAL, "Expected yrestype != NULL");
goto done;
}
if (options) if (options)
*options = 0x0; *options = 0x0;
/* Find mandatory type */ /* Find mandatory type */
@ -1497,7 +1501,7 @@ yang_type_get(yang_stmt *ys,
if (yang_type_resolve(ys, ys, ytype, yrestype, if (yang_type_resolve(ys, ys, ytype, yrestype,
options, cvv, patterns, regexps, fraction) < 0) options, cvv, patterns, regexps, fraction) < 0)
goto done; goto done;
if (yrestype && *yrestype == NULL){ if (*yrestype == NULL){
clixon_err(OE_YANG, 0, "result-type should not be NULL"); clixon_err(OE_YANG, 0, "result-type should not be NULL");
goto done; goto done;
} }