From 4de841c26b7208d5395da349ea16c937b1361414 Mon Sep 17 00:00:00 2001
From: Sander Vrijders <sander.vrijders@ugent.be>
Date: Tue, 29 Aug 2017 13:14:25 +0200
Subject: lib, ipcpd, irmd: Fix bugs reported by static analysis
This fixes several bugs as reported by the clang static analyzer.
---
src/lib/btree.c | 10 ++++++++--
src/lib/cdap.c | 1 +
src/lib/frct_pci.c | 4 ++--
src/lib/irm.c | 1 -
src/lib/rib.c | 4 +++-
src/lib/shm_rdrbuff.c | 8 ++++++--
6 files changed, 20 insertions(+), 8 deletions(-)
(limited to 'src/lib')
diff --git a/src/lib/btree.c b/src/lib/btree.c
index 8be8b99f..beba90f7 100644
--- a/src/lib/btree.c
+++ b/src/lib/btree.c
@@ -85,6 +85,8 @@ static struct btnode * btnode_create(size_t k)
if (node == NULL)
return NULL;
+ assert(k > 0);
+
node->keyvals = malloc(sizeof(*node->keyvals) * k);
if (node->keyvals == NULL) {
free(node);
@@ -368,8 +370,10 @@ struct btree * btree_create(size_t k)
if (tree == NULL)
return NULL;
- if (k > BTREE_MAX_ORDER)
+ if (k < 1 || k > BTREE_MAX_ORDER) {
+ free(tree);
return NULL;
+ }
tree->k = k;
tree->root = NULL;
@@ -413,8 +417,10 @@ int btree_insert(struct btree * tree,
if (rgt != NULL) {
struct btnode * lft = btnode_create(tree->root->k);
- if (lft == NULL)
+ if (lft == NULL) {
+ free(rgt);
return -ENOMEM;
+ }
lft->used = tree->root->used;
lft->leaf = tree->root->leaf;
diff --git a/src/lib/cdap.c b/src/lib/cdap.c
index 679771f5..5ed86ad1 100644
--- a/src/lib/cdap.c
+++ b/src/lib/cdap.c
@@ -555,6 +555,7 @@ int cdap_add_flow(struct cdap * instance,
if (flow_set_add(instance->set, fd)) {
pthread_rwlock_unlock(&instance->flows_lock);
+ free(e);
return -1;
}
diff --git a/src/lib/frct_pci.c b/src/lib/frct_pci.c
index 115a3eb9..4fa9ddc2 100644
--- a/src/lib/frct_pci.c
+++ b/src/lib/frct_pci.c
@@ -71,7 +71,7 @@ int frct_pci_ser(struct shm_du_buff * sdb,
if (pci->type & PDU_TYPE_CONFIG) {
memcpy(head + offset, &pci->conf_flags, CONF_FLAGS_SIZE);
- offset += CONF_FLAGS_SIZE;
+ /* offset += CONF_FLAGS_SIZE; */
}
if (error_check) {
@@ -113,7 +113,7 @@ int frct_pci_des(struct shm_du_buff * sdb,
if (pci->type & PDU_TYPE_CONFIG) {
memcpy(&pci->conf_flags, head + offset, CONF_FLAGS_SIZE);
- offset += CONF_FLAGS_SIZE;
+ /* offset += CONF_FLAGS_SIZE; */
}
if (error_check) {
diff --git a/src/lib/irm.c b/src/lib/irm.c
index ce17bf18..7e593cc6 100644
--- a/src/lib/irm.c
+++ b/src/lib/irm.c
@@ -333,7 +333,6 @@ static int check_ap_path(char ** ap_name)
strcpy(tstop--, *ap_name);
while (pstop < path_end) {
- ret = 0;
pstart = pstop;
if (*pstart != '/') {
free(tmp);
diff --git a/src/lib/rib.c b/src/lib/rib.c
index bbe996e7..9e45a302 100644
--- a/src/lib/rib.c
+++ b/src/lib/rib.c
@@ -788,7 +788,7 @@ static struct rib_sub * rib_get_sub(uint32_t sid)
return r;
}
- return 0;
+ return NULL;
}
static struct rib_sub * rib_sub_create(uint32_t sid)
@@ -1140,6 +1140,8 @@ int rib_event_wait(ro_set_t * set,
sub = rib_get_sub(set->sid);
+ assert(sub);
+
pthread_rwlock_unlock(&rib.lock);
pthread_mutex_lock(&sub->lock);
diff --git a/src/lib/shm_rdrbuff.c b/src/lib/shm_rdrbuff.c
index 447f8b35..d8893677 100644
--- a/src/lib/shm_rdrbuff.c
+++ b/src/lib/shm_rdrbuff.c
@@ -147,8 +147,10 @@ struct shm_rdrbuff * shm_rdrbuff_create()
return NULL;
rdrb = malloc(sizeof *rdrb);
- if (rdrb == NULL)
+ if (rdrb == NULL) {
+ free(shm_rdrb_fn);
return NULL;
+ }
mask = umask(0);
@@ -227,8 +229,10 @@ struct shm_rdrbuff * shm_rdrbuff_open()
return NULL;
rdrb = malloc(sizeof *rdrb);
- if (rdrb == NULL)
+ if (rdrb == NULL) {
+ free(shm_rdrb_fn);
return NULL;
+ }
shm_fd = shm_open(shm_rdrb_fn, O_RDWR, 0666);
if (shm_fd < 0) {
--
cgit v1.2.3