From 4de841c26b7208d5395da349ea16c937b1361414 Mon Sep 17 00:00:00 2001 From: Sander Vrijders Date: Tue, 29 Aug 2017 13:14:25 +0200 Subject: lib, ipcpd, irmd: Fix bugs reported by static analysis This fixes several bugs as reported by the clang static analyzer. --- src/lib/btree.c | 10 ++++++++-- src/lib/cdap.c | 1 + src/lib/frct_pci.c | 4 ++-- src/lib/irm.c | 1 - src/lib/rib.c | 4 +++- src/lib/shm_rdrbuff.c | 8 ++++++-- 6 files changed, 20 insertions(+), 8 deletions(-) (limited to 'src/lib') diff --git a/src/lib/btree.c b/src/lib/btree.c index 8be8b99f..beba90f7 100644 --- a/src/lib/btree.c +++ b/src/lib/btree.c @@ -85,6 +85,8 @@ static struct btnode * btnode_create(size_t k) if (node == NULL) return NULL; + assert(k > 0); + node->keyvals = malloc(sizeof(*node->keyvals) * k); if (node->keyvals == NULL) { free(node); @@ -368,8 +370,10 @@ struct btree * btree_create(size_t k) if (tree == NULL) return NULL; - if (k > BTREE_MAX_ORDER) + if (k < 1 || k > BTREE_MAX_ORDER) { + free(tree); return NULL; + } tree->k = k; tree->root = NULL; @@ -413,8 +417,10 @@ int btree_insert(struct btree * tree, if (rgt != NULL) { struct btnode * lft = btnode_create(tree->root->k); - if (lft == NULL) + if (lft == NULL) { + free(rgt); return -ENOMEM; + } lft->used = tree->root->used; lft->leaf = tree->root->leaf; diff --git a/src/lib/cdap.c b/src/lib/cdap.c index 679771f5..5ed86ad1 100644 --- a/src/lib/cdap.c +++ b/src/lib/cdap.c @@ -555,6 +555,7 @@ int cdap_add_flow(struct cdap * instance, if (flow_set_add(instance->set, fd)) { pthread_rwlock_unlock(&instance->flows_lock); + free(e); return -1; } diff --git a/src/lib/frct_pci.c b/src/lib/frct_pci.c index 115a3eb9..4fa9ddc2 100644 --- a/src/lib/frct_pci.c +++ b/src/lib/frct_pci.c @@ -71,7 +71,7 @@ int frct_pci_ser(struct shm_du_buff * sdb, if (pci->type & PDU_TYPE_CONFIG) { memcpy(head + offset, &pci->conf_flags, CONF_FLAGS_SIZE); - offset += CONF_FLAGS_SIZE; + /* offset += CONF_FLAGS_SIZE; */ } if (error_check) { @@ -113,7 +113,7 @@ int frct_pci_des(struct shm_du_buff * sdb, if (pci->type & PDU_TYPE_CONFIG) { memcpy(&pci->conf_flags, head + offset, CONF_FLAGS_SIZE); - offset += CONF_FLAGS_SIZE; + /* offset += CONF_FLAGS_SIZE; */ } if (error_check) { diff --git a/src/lib/irm.c b/src/lib/irm.c index ce17bf18..7e593cc6 100644 --- a/src/lib/irm.c +++ b/src/lib/irm.c @@ -333,7 +333,6 @@ static int check_ap_path(char ** ap_name) strcpy(tstop--, *ap_name); while (pstop < path_end) { - ret = 0; pstart = pstop; if (*pstart != '/') { free(tmp); diff --git a/src/lib/rib.c b/src/lib/rib.c index bbe996e7..9e45a302 100644 --- a/src/lib/rib.c +++ b/src/lib/rib.c @@ -788,7 +788,7 @@ static struct rib_sub * rib_get_sub(uint32_t sid) return r; } - return 0; + return NULL; } static struct rib_sub * rib_sub_create(uint32_t sid) @@ -1140,6 +1140,8 @@ int rib_event_wait(ro_set_t * set, sub = rib_get_sub(set->sid); + assert(sub); + pthread_rwlock_unlock(&rib.lock); pthread_mutex_lock(&sub->lock); diff --git a/src/lib/shm_rdrbuff.c b/src/lib/shm_rdrbuff.c index 447f8b35..d8893677 100644 --- a/src/lib/shm_rdrbuff.c +++ b/src/lib/shm_rdrbuff.c @@ -147,8 +147,10 @@ struct shm_rdrbuff * shm_rdrbuff_create() return NULL; rdrb = malloc(sizeof *rdrb); - if (rdrb == NULL) + if (rdrb == NULL) { + free(shm_rdrb_fn); return NULL; + } mask = umask(0); @@ -227,8 +229,10 @@ struct shm_rdrbuff * shm_rdrbuff_open() return NULL; rdrb = malloc(sizeof *rdrb); - if (rdrb == NULL) + if (rdrb == NULL) { + free(shm_rdrb_fn); return NULL; + } shm_fd = shm_open(shm_rdrb_fn, O_RDWR, 0666); if (shm_fd < 0) { -- cgit v1.2.3