Fix Coverity defects (#8579)
Fix Coverity CID355287 and CID355289: technically it is a false-positive but it is easier to put a pattern in the code that they can recognise as a sanitizer. The compiler will remove it during optimization. Fix CID353973: the security condition is unlikely to occur but we can avoid it completely. Fix resource leak from CID 355286 and CID 355288. Fixing new resource leak introduced by a previous commit (CID355449)
This commit is contained in:
parent
c7d8aecfe9
commit
844a2d4e03
|
@ -42,7 +42,7 @@ ACLK_PROXY_TYPE aclk_verify_proxy(const char *string)
|
|||
if (!string)
|
||||
return PROXY_TYPE_UNKNOWN;
|
||||
|
||||
while (*string == 0x20)
|
||||
while (*string == 0x20 && *string!=0) // Help coverity (compiler will remove)
|
||||
string++;
|
||||
|
||||
if (!*string)
|
||||
|
|
|
@ -176,6 +176,7 @@ int aclk_send_https_request(char *method, char *host, char *port, char *url, cha
|
|||
context = lws_create_context(&info);
|
||||
if (!context) {
|
||||
error("Error creating LWS context");
|
||||
freez(data);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
|
|
@ -146,29 +146,16 @@ int cloud_to_agent_parse(JSON_ENTRY *e)
|
|||
static RSA *aclk_private_key = NULL;
|
||||
static int create_private_key()
|
||||
{
|
||||
char filename[FILENAME_MAX + 1]; struct stat statbuf;
|
||||
char filename[FILENAME_MAX + 1];
|
||||
snprintfz(filename, FILENAME_MAX, "%s/claim.d/private.pem", netdata_configured_user_config_dir);
|
||||
|
||||
if (lstat(filename, &statbuf) != 0) {
|
||||
error("Claimed agent cannot establish ACLK - private key not found '%s' failed.", filename);
|
||||
long bytes_read;
|
||||
char *private_key = read_by_filename(filename, &bytes_read);
|
||||
if (!private_key) {
|
||||
error("Claimed agent cannot establish ACLK - unable to load private key '%s' failed.", filename);
|
||||
return 1;
|
||||
}
|
||||
if (unlikely(statbuf.st_size == 0)) {
|
||||
info("Claimed agent cannot establish ACLK - private key '%s' is empty.", filename);
|
||||
return 1;
|
||||
}
|
||||
|
||||
FILE *f = fopen(filename, "rt");
|
||||
if (unlikely(f == NULL)) {
|
||||
error("Claimed agent cannot establish ACLK - unable to open private key '%s'.", filename);
|
||||
return 1;
|
||||
}
|
||||
|
||||
char *private_key = callocz(1, statbuf.st_size + 1);
|
||||
size_t bytes_read = fread(private_key, 1, statbuf.st_size, f);
|
||||
private_key[bytes_read] = 0;
|
||||
debug(D_ACLK, "Claimed agent loaded private key len=%zu bytes", bytes_read);
|
||||
fclose(f);
|
||||
debug(D_ACLK, "Claimed agent loaded private key len=%ld bytes", bytes_read);
|
||||
|
||||
BIO *key_bio = BIO_new_mem_buf(private_key, -1);
|
||||
if (key_bio==NULL) {
|
||||
|
|
|
@ -51,15 +51,7 @@ void claim_agent(char *claiming_arguments)
|
|||
char command_buffer[CLAIMING_COMMAND_LENGTH + 1];
|
||||
FILE *fp;
|
||||
|
||||
char *cloud_base_hostname = NULL; // Initializers are over-written but prevent gcc complaining about clobbering.
|
||||
char *cloud_base_port = NULL;
|
||||
char *cloud_base_url = config_get(CONFIG_SECTION_CLOUD, "cloud base url", DEFAULT_CLOUD_BASE_URL);
|
||||
if( aclk_decode_base_url(cloud_base_url, &cloud_base_hostname, &cloud_base_port))
|
||||
{
|
||||
error("Configuration error - cannot decode \"cloud base url\"");
|
||||
return;
|
||||
}
|
||||
|
||||
const char *proxy_str;
|
||||
ACLK_PROXY_TYPE proxy_type;
|
||||
char proxy_flag[CLAIMING_PROXY_LENGTH] = "-noproxy";
|
||||
|
@ -120,31 +112,14 @@ void load_claiming_state(void)
|
|||
}
|
||||
|
||||
char filename[FILENAME_MAX + 1];
|
||||
struct stat statbuf;
|
||||
|
||||
snprintfz(filename, FILENAME_MAX, "%s/claim.d/claimed_id", netdata_configured_user_config_dir);
|
||||
|
||||
// check if the file exists
|
||||
if (lstat(filename, &statbuf) != 0) {
|
||||
info("lstat on File '%s' failed reason=\"%s\". Setting state to AGENT_UNCLAIMED.", filename, strerror(errno));
|
||||
return;
|
||||
}
|
||||
if (unlikely(statbuf.st_size == 0)) {
|
||||
info("File '%s' has no contents. Setting state to AGENT_UNCLAIMED.", filename);
|
||||
long bytes_read;
|
||||
claimed_id = read_by_filename(filename, &bytes_read);
|
||||
if (!claimed_id) {
|
||||
info("Unable to load '%s', setting state to AGENT_UNCLAIMED", filename);
|
||||
return;
|
||||
}
|
||||
|
||||
FILE *f = fopen(filename, "rt");
|
||||
if (unlikely(f == NULL)) {
|
||||
error("File '%s' cannot be opened. Setting state to AGENT_UNCLAIMED.", filename);
|
||||
return;
|
||||
}
|
||||
|
||||
claimed_id = callocz(1, statbuf.st_size + 1);
|
||||
size_t bytes_read = fread(claimed_id, 1, statbuf.st_size, f);
|
||||
claimed_id[bytes_read] = 0;
|
||||
info("File '%s' was found. Setting state to AGENT_CLAIMED.", filename);
|
||||
fclose(f);
|
||||
|
||||
snprintfz(filename, FILENAME_MAX, "%s/claim.d/private.pem", netdata_configured_user_config_dir);
|
||||
}
|
||||
|
|
|
@ -1453,3 +1453,41 @@ void recursive_config_double_dir_load(const char *user_path, const char *stock_p
|
|||
freez(udir);
|
||||
freez(sdir);
|
||||
}
|
||||
|
||||
// Returns the number of bytes read from the file if file_size is not NULL.
|
||||
// The actual buffer has an extra byte set to zero (not included in the count).
|
||||
char *read_by_filename(char *filename, long *file_size)
|
||||
{
|
||||
FILE *f = fopen(filename, "r");
|
||||
if (!f)
|
||||
return NULL;
|
||||
if (fseek(f, 0, SEEK_END) < 0) {
|
||||
fclose(f);
|
||||
return NULL;
|
||||
}
|
||||
long size = ftell(f);
|
||||
if (size <= 0 || fseek(f, 0, SEEK_END) < 0) {
|
||||
fclose(f);
|
||||
return NULL;
|
||||
}
|
||||
char *contents = callocz(size + 1, 1);
|
||||
if (!contents) {
|
||||
fclose(f);
|
||||
return NULL;
|
||||
}
|
||||
if (fseek(f, 0, SEEK_SET) < 0) {
|
||||
fclose(f);
|
||||
freez(contents);
|
||||
return NULL;
|
||||
}
|
||||
size_t res = fread(contents, 1, size, f);
|
||||
if ( res != (size_t)size) {
|
||||
freez(contents);
|
||||
fclose(f);
|
||||
return NULL;
|
||||
}
|
||||
fclose(f);
|
||||
if (file_size)
|
||||
*file_size = size;
|
||||
return contents;
|
||||
}
|
||||
|
|
|
@ -278,6 +278,7 @@ extern void recursive_config_double_dir_load(
|
|||
, void *data
|
||||
, size_t depth
|
||||
);
|
||||
extern char *read_by_filename(char *filename, long *file_size);
|
||||
|
||||
/* fix for alpine linux */
|
||||
#ifndef RUSAGE_THREAD
|
||||
|
|
Loading…
Reference in New Issue