Author: markj
Date: Wed Dec 2 16:46:45 2020
New Revision: 368278
URL: https://svnweb.freebsd.org/changeset/base/368278
Log:
rtsold: Fix bugs reported by Coverity
- Avoid leaking a socket if llflags_get() fails.
- Avoid leaking a file handle if rtsold_init_dumpfile() fails.
- Tighten the check in if_nametosdl() which determines whether we failed
to find the specified interface.
- Fix errno handling in an error path in rtsock_open().
MFC after: 1 week
Modified:
head/usr.sbin/rtsold/cap_llflags.c
head/usr.sbin/rtsold/dump.c
head/usr.sbin/rtsold/if.c
head/usr.sbin/rtsold/rtsock.c
Modified: head/usr.sbin/rtsold/cap_llflags.c
==============================================================================
--- head/usr.sbin/rtsold/cap_llflags.c Wed Dec 2 16:33:23 2020
(r368277)
+++ head/usr.sbin/rtsold/cap_llflags.c Wed Dec 2 16:46:45 2020
(r368278)
@@ -72,9 +72,12 @@ llflags_get(const char *ifname, int *flagsp)
if (s < 0)
return (-1);
- if (getifaddrs(&ifap) != 0)
- return (-1);
- error = -1;
+ ifap = NULL;
+ if (getifaddrs(&ifap) != 0) {
+ error = errno;
+ goto out;
+ }
+ error = ENOENT;
for (ifa = ifap; ifa != NULL; ifa = ifa->ifa_next) {
if (strcmp(ifa->ifa_name, ifname) != 0)
continue;
@@ -88,27 +91,29 @@ llflags_get(const char *ifname, int *flagsp)
memset(&ifr6, 0, sizeof(ifr6));
if (strlcpy(ifr6.ifr_name, ifname, sizeof(ifr6.ifr_name)) >=
sizeof(ifr6.ifr_name)) {
- freeifaddrs(ifap);
- errno = EINVAL;
- return (-1);
+ error = errno;
+ goto out;
}
memcpy(&ifr6.ifr_ifru.ifru_addr, sin6, sin6->sin6_len);
if (ioctl(s, SIOCGIFAFLAG_IN6, &ifr6) < 0) {
error = errno;
- freeifaddrs(ifap);
- errno = error;
- return (-1);
+ goto out;
}
*flagsp = ifr6.ifr_ifru.ifru_flags6;
error = 0;
break;
}
+out:
(void)close(s);
- freeifaddrs(ifap);
- if (error == -1)
- errno = ENOENT;
- return (error);
+ if (ifap != NULL)
+ freeifaddrs(ifap);
+ if (error != 0) {
+ errno = error;
+ return (-1);
+ } else {
+ return (0);
+ }
}
int
Modified: head/usr.sbin/rtsold/dump.c
==============================================================================
--- head/usr.sbin/rtsold/dump.c Wed Dec 2 16:33:23 2020 (r368277)
+++ head/usr.sbin/rtsold/dump.c Wed Dec 2 16:46:45 2020 (r368278)
@@ -148,6 +148,7 @@ rtsold_init_dumpfile(const char *dumpfile)
if (caph_rights_limit(fileno(fp), &rights) != 0) {
warnmsg(LOG_WARNING, __func__, "caph_rights_limit(%s): %s",
dumpfile, strerror(errno));
+ (void)fclose(fp);
return (NULL);
}
return (fp);
Modified: head/usr.sbin/rtsold/if.c
==============================================================================
--- head/usr.sbin/rtsold/if.c Wed Dec 2 16:33:23 2020 (r368277)
+++ head/usr.sbin/rtsold/if.c Wed Dec 2 16:46:45 2020 (r368278)
@@ -327,7 +327,7 @@ if_nametosdl(char *name)
}
}
}
- if (next == lim) {
+ if (next >= lim) {
/* search failed */
free(buf);
return (NULL);
Modified: head/usr.sbin/rtsold/rtsock.c
==============================================================================
--- head/usr.sbin/rtsold/rtsock.c Wed Dec 2 16:33:23 2020
(r368277)
+++ head/usr.sbin/rtsold/rtsock.c Wed Dec 2 16:46:45 2020
(r368278)
@@ -84,7 +84,7 @@ rtsock_open(void)
if (caph_rights_limit(s, &rights) != 0) {
error = errno;
(void)close(s);
- errno = errno;
+ errno = error;
return (-1);
}
return (s);
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
