diff options
author | Jiri Popelka <jpopelka@redhat.com> | 2011-12-07 19:43:56 +0100 |
---|---|---|
committer | Jiri Popelka <jpopelka@redhat.com> | 2012-01-05 12:22:43 +0100 |
commit | 6ccabd574062869c3b1101e64b4e85c86a85ec15 (patch) | |
tree | 8725a4de69292c4fb7a924c2caf3d3fdebc31f3d /netstat.c | |
parent | 0dcd1d1beb3c0d52d0aa308594652fde58a0ca0f (diff) | |
download | net-tools-6ccabd574062869c3b1101e64b4e85c86a85ec15.tar.gz net-tools-6ccabd574062869c3b1101e64b4e85c86a85ec15.tar.bz2 net-tools-6ccabd574062869c3b1101e64b4e85c86a85ec15.zip |
Possible problems found by static analysis of code.
We analyzed the net-tools-1.60 code with Coverity.
Coverity is commercial enterprise level tool for
static analysis (analysis based only on compiling
of sources, not based on running of binary) of the code.
This change should fix some possible problems like resource (memory,
file descriptors) leaks.
Follow respective parts of the scan log. The line
numbers could be quite different as we analyzed Red Hat's
heavily patched version of net-tools-1.60.
Error: RESOURCE_LEAK
ipmaddr.c:191: alloc_fn: Calling allocation function "malloc".
ipmaddr.c:191: var_assign: Assigning: "ma" = storage returned from "malloc(sizeof (m) /*64*/)".
ipmaddr.c:203: overwrite_var: Overwriting "ma" in call "ma = malloc(sizeof (m) /*64*/)" leaks the storage that "ma" points to.
Error: RESOURCE_LEAK
iptunnel.c:473: alloc_fn: Calling allocation function "fopen".
iptunnel.c:473: var_assign: Assigning: "fp" = storage returned from "fopen("/proc/net/dev", "r")".
iptunnel.c:488: leaked_storage: Variable "fp" going out of scope leaks the storage it points to.
iptunnel.c:524: leaked_storage: Variable "fp" going out of scope leaks the storage it points to.
Error: FORWARD_NULL
lib/inet.c:408: var_compare_op: Comparing "item" to null implies that "item" might be null.
lib/inet.c:410: var_deref_op: Dereferencing null variable "item".
Error: RESOURCE_LEAK
lib/masq_info.c:174: alloc_fn: Calling allocation function "malloc".
lib/masq_info.c:174: var_assign: Assigning: "mslist" = storage returned from "malloc(1152UL)".
lib/masq_info.c:215: leaked_storage: Variable "mslist" going out of scope leaks the storage it points to.
Error: RESOURCE_LEAK
lib/netrom_gr.c:35: alloc_fn: Calling allocation function "fopen".
lib/netrom_gr.c:35: var_assign: Assigning: "f1" = storage returned from "fopen("/proc/net/nr_nodes", "r")".
lib/netrom_gr.c:42: overwrite_var: Overwriting "f1" in call "f1 = fopen("/proc/net/nr_nodes", "r")" leaks the storage that "f1" points to.
Error: RESOURCE_LEAK
lib/netrom_gr.c:36: alloc_fn: Calling allocation function "fopen".
lib/netrom_gr.c:36: var_assign: Assigning: "f2" = storage returned from "fopen("/proc/net/nr_neigh", "r")".
lib/netrom_gr.c:44: overwrite_var: Overwriting "f2" in call "f2 = fopen("/proc/net/nr_neigh", "r")" leaks the storage that "f2" points to
Error: FORWARD_NULL
lib/x25.c:101: var_compare_op: Comparing "p" to null implies that "p" might be null.
lib/x25.c:109: var_deref_op: Dereferencing null variable "p".
Error: RESOURCE_LEAK
nameif.c:166: alloc_fn: Calling allocation function "xmalloc".
nameif.c:166: var_assign: Assigning: "ch" = storage returned from "xmalloc(sizeof (struct change) /*40*/)".
nameif.c:177: leaked_storage: Variable "ch" going out of scope leaks the storage it points to.
Error: NEGATIVE_RETURNS
netstat.c:463: negative_return_fn: Function "readlink(line, lname, 29UL)" returns a negative number.
netstat.c:463: var_assign: Assigning: signed variable "lnamelen" = "readlink".
netstat.c:464: negative_returns: Using variable "lnamelen" as an index to array "lname".
Error: RESOURCE_LEAK
netstat.c:894: alloc_fn: Calling allocation function "fopen".
netstat.c:894: var_assign: Assigning: "f" = storage returned from "fopen("/proc/net/x25", "r")".
netstat.c:905: overwrite_var: Overwriting "f" in call "f = fopen("/proc/net/x25", "r")" leaks the storage that "f" points to.
Error: RESOURCE_LEAK
netstat.c:1916: alloc_fn: Calling allocation function "fopen".
netstat.c:1916: var_assign: Assigning: "f" = storage returned from "fopen("/proc/net/ipx", "r")".
netstat.c:1934: leaked_storage: Variable "f" going out of scope leaks the storage it points to.
netstat.c:1947: leaked_storage: Variable "f" going out of scope leaks the storage it points to.
netstat.c:1957: leaked_storage: Variable "f" going out of scope leaks the storage it points to.
Diffstat (limited to 'netstat.c')
-rw-r--r-- | netstat.c | 7 |
1 files changed, 6 insertions, 1 deletions
@@ -405,6 +405,8 @@ static void prg_cache_load(void) PATH_FD_SUFFl+1); strcpy(line + procfdlen + 1, direfd->d_name); lnamelen=readlink(line,lname,sizeof(lname)-1); + if (lnamelen == -1) + continue; lname[lnamelen] = '\0'; /*make it a null-terminated string*/ if (extract_type_1_socket_inode(lname, &inode) < 0) @@ -677,7 +679,7 @@ static int x25_info(void) "ESTABLISHED", "RECOVERY" }; - if(!(f=proc_fopen(_PATH_PROCNET_X25))) + if(!f) { if (errno != ENOENT) { perror(_PATH_PROCNET_X25); @@ -1547,6 +1549,7 @@ static int ipx_info(void) printf("\n"); if ((ap = get_afntype(AF_IPX)) == NULL) { EINTERN("netstat.c", "AF_IPX missing"); + fclose(f); return (-1); } if (fgets(buf, 255, f)) @@ -1561,6 +1564,7 @@ static int ipx_info(void) sport = ntohs(sport); } else { EINTERN("netstat.c", "ipx socket format error in source port"); + fclose(f); return (-1); } nc = 0; @@ -1571,6 +1575,7 @@ static int ipx_info(void) dport = ntohs(dport); } else { EINTERN("netstat.c", "ipx soket format error in destination port"); + fclose(f); return (-1); } } else |