diff options
author | jbj <devnull@localhost> | 2002-06-23 19:47:08 +0000 |
---|---|---|
committer | jbj <devnull@localhost> | 2002-06-23 19:47:08 +0000 |
commit | 13d177beb233e111b3ede3edc1340747433a7556 (patch) | |
tree | bbc977014bf90f658b0181792ea42aad52b449d6 /rpmio | |
parent | 05cb73a7ee762065339393057d421613866e0418 (diff) | |
download | rpm-13d177beb233e111b3ede3edc1340747433a7556.tar.gz rpm-13d177beb233e111b3ede3edc1340747433a7556.tar.bz2 rpm-13d177beb233e111b3ede3edc1340747433a7556.zip |
Add boundswrite annotations everywhere.
CVS patchset: 5522
CVS date: 2002/06/23 19:47:08
Diffstat (limited to 'rpmio')
-rw-r--r-- | rpmio/.lclintrc | 2 | ||||
-rw-r--r-- | rpmio/digest.c | 2 | ||||
-rw-r--r-- | rpmio/fts.c | 38 | ||||
-rw-r--r-- | rpmio/macro.c | 30 | ||||
-rw-r--r-- | rpmio/rpmio.c | 40 | ||||
-rw-r--r-- | rpmio/rpmio_internal.h | 16 | ||||
-rw-r--r-- | rpmio/rpmlog.c | 2 | ||||
-rw-r--r-- | rpmio/rpmpgp.c | 10 | ||||
-rw-r--r-- | rpmio/rpmpgp.h | 126 | ||||
-rw-r--r-- | rpmio/rpmrpc.c | 10 | ||||
-rw-r--r-- | rpmio/ugid.c | 16 | ||||
-rw-r--r-- | rpmio/url.c | 14 |
12 files changed, 285 insertions, 21 deletions
diff --git a/rpmio/.lclintrc b/rpmio/.lclintrc index 29a159cee..9d47e41a4 100644 --- a/rpmio/.lclintrc +++ b/rpmio/.lclintrc @@ -14,7 +14,7 @@ # --- in progress #+bounds # 334 -#+boundswrite # 152 ++boundswrite # 152 # --- +partial artifacts -declundef diff --git a/rpmio/digest.c b/rpmio/digest.c index 474388431..29ec824e8 100644 --- a/rpmio/digest.c +++ b/rpmio/digest.c @@ -115,6 +115,7 @@ static union _dendian { #define IS_BIG_ENDIAN() (_endian->b[0] == '\x44') #define IS_LITTLE_ENDIAN() (_endian->b[0] == '\x11') +/*@-boundswrite@*/ int rpmDigestFinal(/*@only@*/ DIGEST_CTX ctx, /*@out@*/ void ** datap, /*@out@*/ size_t *lenp, int asAscii) @@ -167,3 +168,4 @@ DPRINTF((stderr, "*** Final(%p,%p,%p,%d) param %p digest %p\n", ctx, datap, lenp free(ctx); return 0; } +/*@=boundswrite@*/ diff --git a/rpmio/fts.c b/rpmio/fts.c index 8387e8120..103921987 100644 --- a/rpmio/fts.c +++ b/rpmio/fts.c @@ -122,7 +122,9 @@ Fts_open(char * const * argv, int options, /* Options check. */ if (options & ~FTS_OPTIONMASK) { +/*@-boundswrite@*/ __set_errno (EINVAL); +/*@=boundswrite@*/ return (NULL); } @@ -161,14 +163,18 @@ Fts_open(char * const * argv, int options, for (root = NULL, nitems = 0; *argv != NULL; ++argv, ++nitems) { /* Don't allow zero-length paths. */ if ((len = strlen(*argv)) == 0) { +/*@-boundswrite@*/ __set_errno (ENOENT); +/*@=boundswrite@*/ goto mem3; } /* Use fchdir(2) speedup only if local DASDI. */ switch (urlIsURL(*argv)) { case URL_IS_DASH: +/*@-boundswrite@*/ __set_errno (ENOENT); +/*@=boundswrite@*/ goto mem3; /*@notreached@*/ /*@switchbreak@*/ break; case URL_IS_HTTP: @@ -256,6 +262,7 @@ fts_load(FTS * sp, FTSENT * p) * known that the path will fit. */ len = p->fts_pathlen = p->fts_namelen; +/*@-boundswrite@*/ memmove(sp->fts_path, p->fts_name, len + 1); if ((cp = strrchr(p->fts_name, '/')) && (cp != p->fts_name || cp[1])) { len = strlen(++cp); @@ -264,6 +271,7 @@ fts_load(FTS * sp, FTSENT * p) } p->fts_accpath = p->fts_path = sp->fts_path; sp->fts_dev = p->fts_dev; +/*@=boundswrite@*/ } int @@ -304,7 +312,9 @@ Fts_close(FTS * sp) if (saved_errno != 0) { /* Free up the stream pointer. */ free(sp); +/*@-boundswrite@*/ __set_errno (saved_errno); +/*@=boundswrite@*/ return (-1); } } @@ -421,6 +431,7 @@ Fts_read(FTS * sp) } /* Move to the next node on this level. */ +/*@-boundswrite@*/ next: tmp = p; if ((p = p->fts_link) != NULL) { free(tmp); @@ -482,6 +493,7 @@ name: t = sp->fts_path + NAPPEND(p->fts_parent); /* NUL terminate the pathname. */ sp->fts_path[p->fts_pathlen] = '\0'; +/*@=boundswrite@*/ /* * Return to the parent directory. If at a root node or came through @@ -497,7 +509,9 @@ name: t = sp->fts_path + NAPPEND(p->fts_parent); if (FCHDIR(sp, p->fts_symfd)) { saved_errno = errno; (void)__close(p->fts_symfd); +/*@-boundswrite@*/ __set_errno (saved_errno); +/*@=boundswrite@*/ SET(FTS_STOP); return (NULL); } @@ -522,7 +536,9 @@ Fts_set(/*@unused@*/ FTS * sp, FTSENT * p, int instr) { if (instr != 0 && instr != FTS_AGAIN && instr != FTS_FOLLOW && instr != FTS_NOINSTR && instr != FTS_SKIP) { +/*@-boundswrite@*/ __set_errno (EINVAL); +/*@=boundswrite@*/ return (1); } p->fts_instr = instr; @@ -536,7 +552,9 @@ Fts_children(FTS * sp, int instr) int fd; if (instr != 0 && instr != FTS_NAMEONLY) { +/*@-boundswrite@*/ __set_errno (EINVAL); +/*@=boundswrite@*/ return (NULL); } @@ -547,7 +565,9 @@ Fts_children(FTS * sp, int instr) * Errno set to 0 so user can distinguish empty directory from * an error. */ +/*@-boundswrite@*/ __set_errno (0); +/*@=boundswrite@*/ /* Fatal errors stop here. */ if (ISSET(FTS_STOP)) @@ -710,7 +730,9 @@ fts_build(FTS * sp, int type) len = NAPPEND(cur); if (ISSET(FTS_NOCHDIR)) { cp = sp->fts_path + len; +/*@-boundswrite@*/ *cp++ = '/'; +/*@=boundswrite@*/ } else { /* GCC, you're too verbose. */ cp = NULL; @@ -840,7 +862,9 @@ mem1: saved_errno = errno; if (ISSET(FTS_NOCHDIR)) { if (len == sp->fts_pathlen || nitems == 0) --cp; +/*@-boundswrite@*/ *cp = '\0'; +/*@=boundswrite@*/ } /* @@ -904,7 +928,9 @@ fts_stat(FTS * sp, FTSENT * p, int follow) if ((*sp->fts_stat) (p->fts_accpath, sbp)) { saved_errno = errno; if (!(*sp->fts_lstat) (p->fts_accpath, sbp)) { +/*@-boundswrite@*/ __set_errno (0); +/*@=boundswrite@*/ return (FTS_SLNONE); } p->fts_errno = saved_errno; @@ -912,7 +938,9 @@ fts_stat(FTS * sp, FTSENT * p, int follow) } } else if ((*sp->fts_lstat) (p->fts_accpath, sbp)) { p->fts_errno = errno; +/*@-boundswrite@*/ err: memset(sbp, 0, sizeof(*sbp)); +/*@=boundswrite@*/ return (FTS_NS); } @@ -978,6 +1006,7 @@ fts_sort(FTS * sp, FTSENT * head, int nitems) } sp->fts_array = a; } +/*@-boundswrite@*/ for (ap = sp->fts_array, p = head; p; p = p->fts_link) *ap++ = p; qsort((void *)sp->fts_array, nitems, sizeof(*sp->fts_array), @@ -985,6 +1014,7 @@ fts_sort(FTS * sp, FTSENT * head, int nitems) for (head = *(ap = sp->fts_array); --nitems; ++ap) ap[0]->fts_link = ap[1]; ap[0]->fts_link = NULL; +/*@=boundswrite@*/ return (head); } @@ -1009,8 +1039,10 @@ fts_alloc(FTS * sp, const char * name, int namelen) return (NULL); /* Copy the name and guarantee NUL termination. */ +/*@-boundswrite@*/ memmove(p->fts_name, name, namelen); p->fts_name[namelen] = '\0'; +/*@=boundswrite@*/ if (!ISSET(FTS_NOSTAT)) p->fts_statp = (struct stat *)ALIGN(p->fts_name + namelen + 2); @@ -1061,7 +1093,9 @@ fts_palloc(FTS * sp, size_t more) sp->fts_path = NULL; } sp->fts_path = NULL; +/*@-boundswrite@*/ __set_errno (ENAMETOOLONG); +/*@=boundswrite@*/ return (1); } p = realloc(sp->fts_path, sp->fts_pathlen); @@ -1134,7 +1168,9 @@ fts_safe_changedir(FTS * sp, FTSENT * p, int fd, const char * path) goto bail; } if (p->fts_dev != sb.st_dev || p->fts_ino != sb.st_ino) { +/*@-boundswrite@*/ __set_errno (ENOENT); /* disinformation */ +/*@=boundswrite@*/ ret = -1; goto bail; } @@ -1143,7 +1179,9 @@ bail: oerrno = errno; if (fd < 0) (void)__close(newfd); +/*@-boundswrite@*/ __set_errno (oerrno); +/*@=boundswrite@*/ return (ret); } /*@=compdef =compmempass =dependenttrans =retalias @*/ diff --git a/rpmio/macro.c b/rpmio/macro.c index 7532cbe63..a5276b669 100644 --- a/rpmio/macro.c +++ b/rpmio/macro.c @@ -152,6 +152,7 @@ compareMacroName(const void * ap, const void * bp) * Enlarge macro table. * @param mc macro context */ +/*@-boundswrite@*/ static void expandMacroTable(MacroContext mc) /*@modifies mc @*/ @@ -169,6 +170,7 @@ expandMacroTable(MacroContext mc) } memset(&mc->macroTable[mc->firstFree], 0, MACRO_CHUNK_SIZE * sizeof(*(mc->macroTable))); } +/*@=boundswrite@*/ /** * Sort entries in macro table. @@ -235,6 +237,7 @@ rpmDumpMacroTable(MacroContext mc, FILE * fp) * @param namelen no. of byes * @return address of slot in macro table with name (or NULL) */ +/*@-boundswrite@*/ /*@dependent@*/ /*@null@*/ static MacroEntry * findEntry(MacroContext mc, const char * name, size_t namelen) @@ -268,6 +271,7 @@ findEntry(MacroContext mc, const char * name, size_t namelen) /* XXX TODO: find 1st empty slot and return that */ return ret; } +/*@=boundswrite@*/ /* =============================================================== */ @@ -279,6 +283,7 @@ findEntry(MacroContext mc, const char * name, size_t namelen) * @param escapes permit escaped newlines? * @return buffer, or NULL on end-of-file */ +/*@-boundswrite@*/ /*@null@*/ static char * rdcl(/*@returned@*/ char * buf, size_t size, FD_t fd, int escapes) @@ -313,6 +318,7 @@ rdcl(/*@returned@*/ char * buf, size_t size, FD_t fd, int escapes) } while (size > 0); return (nread > 0 ? buf : NULL); } +/*@=boundswrite@*/ /** * Return text between pl and matching pr characters. @@ -443,24 +449,30 @@ printExpansion(MacroBuf mb, const char * t, const char * te) #define COPYNAME(_ne, _s, _c) \ { SKIPBLANK(_s,_c); \ + /*@-boundswrite@*/ \ while(((_c) = *(_s)) && (xisalnum(_c) || (_c) == '_')) \ *(_ne)++ = *(_s)++; \ *(_ne) = '\0'; \ + /*@=boundswrite@*/ \ } #define COPYOPTS(_oe, _s, _c) \ - { while(((_c) = *(_s)) && (_c) != ')') \ + { /*@-boundswrite@*/ \ + while(((_c) = *(_s)) && (_c) != ')') \ *(_oe)++ = *(_s)++; \ *(_oe) = '\0'; \ + /*@=boundswrite@*/ \ } #define COPYBODY(_be, _s, _c) \ - { while(((_c) = *(_s)) && !iseol(_c)) { \ + { /*@-boundswrite@*/ \ + while(((_c) = *(_s)) && !iseol(_c)) { \ if ((_c) == '\\') \ (_s)++; \ *(_be)++ = *(_s)++; \ } \ *(_be) = '\0'; \ + /*@=boundswrite@*/ \ } /** @@ -523,6 +535,7 @@ expandS(MacroBuf mb, char * tbuf, size_t tbuflen) * @param ulen no. bytes in u buffer * @return result of expansion */ +/*@-boundswrite@*/ static int expandU(MacroBuf mb, char * u, size_t ulen) /*@globals rpmGlobalMacroContext, fileSystem@*/ @@ -552,6 +565,7 @@ expandU(MacroBuf mb, char * u, size_t ulen) return rc; } +/*@=boundswrite@*/ /** * Expand output of shell command into target buffer. @@ -560,6 +574,7 @@ expandU(MacroBuf mb, char * u, size_t ulen) * @param clen no. bytes in shell command * @return result of expansion */ +/*@-boundswrite@*/ static int doShellEscape(MacroBuf mb, const char * cmd, size_t clen) /*@globals rpmGlobalMacroContext, fileSystem @*/ @@ -589,6 +604,7 @@ doShellEscape(MacroBuf mb, const char * cmd, size_t clen) } return 0; } +/*@=boundswrite@*/ /** * Parse (and execute) new macro definition. @@ -633,20 +649,24 @@ doDefine(MacroBuf mb, /*@returned@*/ const char * se, int level, int expandbody) return se; } s++; /* XXX skip { */ +/*@-boundswrite@*/ strncpy(b, s, (se - s)); b[se - s] = '\0'; +/*@=boundswrite@*/ be += strlen(b); se++; /* XXX skip } */ s = se; /* move scan forward */ } else { /* otherwise free-field */ COPYBODY(be, s, c); +/*@-boundswrite@*/ /* Trim trailing blanks/newlines */ /*@-globs@*/ while (--be >= b && (c = *be) && (isblank(c) || iseol(c))) {}; /*@=globs@*/ *(++be) = '\0'; /* one too far */ +/*@=boundswrite@*/ } /* Move scan over body */ @@ -759,12 +779,14 @@ pushMacro(/*@out@*/ MacroEntry * mep, me->body = xstrdup(b ? b : ""); me->used = 0; me->level = level; +/*@-boundswrite@*/ /*@-branchstate@*/ if (mep) *mep = me; else me = _free(me); /*@=branchstate@*/ +/*@=boundswrite@*/ } /** @@ -781,8 +803,10 @@ popMacro(MacroEntry * mep) if (me) { /* XXX cast to workaround const */ /*@-onlytrans@*/ +/*@-boundswrite@*/ if ((*mep = me->prev) == NULL) me->name = _free(me->name); +/*@=boundswrite@*/ me->opts = _free(me->opts); me->body = _free(me->body); me = _free(me); @@ -846,6 +870,7 @@ freeArgs(MacroBuf mb) * @param lastc stop parsing at lastc * @return address to continue parsing */ +/*@-bounds@*/ /*@dependent@*/ static const char * grabArgs(MacroBuf mb, const MacroEntry me, /*@returned@*/ const char * se, char lastc) /*@globals rpmGlobalMacroContext @*/ @@ -983,6 +1008,7 @@ grabArgs(MacroBuf mb, const MacroEntry me, /*@returned@*/ const char * se, char return se; } +/*@=bounds@*/ /** * Perform macro message output diff --git a/rpmio/rpmio.c b/rpmio/rpmio.c index 09118ef0d..ff6000405 100644 --- a/rpmio/rpmio.c +++ b/rpmio/rpmio.c @@ -137,6 +137,7 @@ _free(/*@only@*/ /*@null@*/ /*@out@*/ const void * p) /* =============================================================== */ +/*@-boundswrite@*/ /*@-modfilesys@*/ static /*@observer@*/ const char * fdbg(/*@null@*/ FD_t fd) /*@*/ @@ -199,6 +200,7 @@ static /*@observer@*/ const char * fdbg(/*@null@*/ FD_t fd) return buf; } /*@=modfilesys@*/ +/*@=boundswrite@*/ /* =============================================================== */ off_t fdSize(FD_t fd) @@ -373,7 +375,9 @@ ssize_t fdRead(void * cookie, /*@out@*/ char * buf, size_t count) if (fd->bytesRemain == 0) return 0; /* XXX simulate EOF */ fdstat_enter(fd, FDSTAT_READ); +/*@-boundswrite@*/ rc = read(fdFileno(fd), buf, (count > fd->bytesRemain ? fd->bytesRemain : count)); +/*@=boundswrite@*/ fdstat_exit(fd, FDSTAT_READ, rc); if (fd->ndigests && rc > 0) fdUpdateDigests(fd, buf, rc); @@ -582,6 +586,7 @@ int fdReadable(FD_t fd, int secs) /*@notreached@*/ } +/*@-boundswrite@*/ int fdFgets(FD_t fd, char * buf, size_t len) { int fdno; @@ -644,6 +649,7 @@ fprintf(stderr, "*** read: fd %p rc %d EOF errno %d %s \"%s\"\n", fd, rc, errno, return (ec >= 0 ? nb : ec); } +/*@=boundswrite@*/ /* =============================================================== */ /* Support for FTP/HTTP I/O. @@ -728,9 +734,11 @@ static int mygethostbyname(const char * host, /*@=unrecog =multithreaded @*/ if (!hostinfo) return 1; +/*@-boundswrite@*/ /*@-nullderef@*/ memcpy(address, hostinfo->h_addr_list[0], sizeof(*address)); /*@=nullderef@*/ +/*@=boundswrite@*/ return 0; } #endif @@ -766,7 +774,9 @@ static int tcpConnect(FD_t ctrl, const char * host, int port) int fdno = -1; int rc; +/*@-boundswrite@*/ memset(&sin, 0, sizeof(sin)); +/*@=boundswrite@*/ sin.sin_family = AF_INET; sin.sin_port = htons(port); sin.sin_addr.s_addr = INADDR_ANY; @@ -810,6 +820,7 @@ errxit: return rc; } +/*@-boundswrite@*/ static int checkResponse(void * uu, FD_t ctrl, /*@out@*/ int *ecp, /*@out@*/ char ** str) /*@globals fileSystem @*/ @@ -972,6 +983,7 @@ fprintf(stderr, "<- %s\n", s); return ec; } +/*@=boundswrite@*/ static int ftpCheckResponse(urlinfo u, /*@out@*/ char ** str) /*@globals fileSystem @*/ @@ -1018,6 +1030,7 @@ static int ftpCommand(urlinfo u, char ** str, ...) len += sizeof("\r\n")-1; va_end(ap); +/*@-boundswrite@*/ t = te = alloca(len + 1); va_start(ap, str); @@ -1027,6 +1040,7 @@ static int ftpCommand(urlinfo u, char ** str, ...) } te = stpcpy(te, "\r\n"); va_end(ap); +/*@=boundswrite@*/ if (_ftp_debug) fprintf(stderr, "-> %s", t); @@ -1067,9 +1081,11 @@ static int ftpLogin(urlinfo u) uid_t uid = getuid(); struct passwd * pw; if (uid && (pw = getpwuid(uid)) != NULL) { +/*@-boundswrite@*/ char *myp = alloca(strlen(pw->pw_name) + sizeof("@")); strcpy(myp, pw->pw_name); strcat(myp, "@"); +/*@=boundswrite@*/ password = myp; } else { password = "root@"; @@ -1130,6 +1146,7 @@ int ftpReq(FD_t data, const char * ftpCmd, const char * ftpArg) char * chptr; int rc; +/*@-boundswrite@*/ URLSANE(u); if (ftpCmd == NULL) return FTPERR_UNKNOWN; /* XXX W2DO? */ @@ -1202,6 +1219,7 @@ int ftpReq(FD_t data, const char * ftpCmd, const char * ftpArg) while (*chptr++ != '\0') { if (*chptr == ',') *chptr = '.'; } +/*@=boundswrite@*/ /*@-moduncon@*/ if (!inet_aton(passReply, &dataAddress.sin_addr)) { @@ -1372,8 +1390,10 @@ static int urlConnect(const char * url, /*@out@*/ urlinfo * uret) } } +/*@-boundswrite@*/ if (uret != NULL) *uret = urlLink(u, "urlConnect"); +/*@=boundswrite@*/ u = urlFree(u, "urlSplit (urlConnect)"); return rc; @@ -1462,8 +1482,10 @@ static int ftpAbort(urlinfo u, FD_t data) tosecs = data->rd_timeoutsecs; data->rd_timeoutsecs = 10; if (fdReadable(data, data->rd_timeoutsecs) > 0) { +/*@-boundswrite@*/ while (timedRead(data, u->buf, u->bufAlloced) > 0) u->buf[0] = '\0'; +/*@=boundswrite@*/ } data->rd_timeoutsecs = tosecs; /* XXX ftp abort needs to close the data channel to receive status */ @@ -1576,6 +1598,7 @@ Transfer-Encoding: chunked\r\n\ \r\n\ ") + strlen(httpCmd) + strlen(path) + sizeof(VERSION) + strlen(host) + 20; +/*@-boundswrite@*/ req = alloca(len); *req = '\0'; @@ -1597,6 +1620,7 @@ Accept: text/plain\r\n\ \r\n\ ", httpCmd, path, (u->httpVersion ? 1 : 0), VERSION, host, port); } +/*@=boundswrite@*/ if (_ftp_debug) fprintf(stderr, "-> %s", req); @@ -1659,7 +1683,6 @@ static ssize_t ufdRead(void * cookie, /*@out@*/ char * buf, size_t count) int bytesRead; int total; - *buf = '\0'; /* LCL: insistent bugger. */ /* XXX preserve timedRead() behavior */ if (fdGetIo(fd) == fdio) { struct stat sb; @@ -1691,7 +1714,9 @@ static ssize_t ufdRead(void * cookie, /*@out@*/ char * buf, size_t count) /*@switchbreak@*/ break; } +/*@-boundswrite@*/ rc = fdRead(fd, buf + total, count - total); +/*@=boundswrite@*/ if (rc < 0) { switch (errno) { @@ -1954,8 +1979,10 @@ fprintf(stderr, "-> \r\n"); } exit: +/*@-boundswrite@*/ if (uret) *uret = u; +/*@=boundswrite@*/ /*@-refcounttrans@*/ return fd; /*@=refcounttrans@*/ @@ -1999,8 +2026,10 @@ static /*@null@*/ FD_t httpOpen(const char * url, /*@unused@*/ int flags, } exit: +/*@-boundswrite@*/ if (uret) *uret = u; +/*@=boundswrite@*/ /*@-refcounttrans@*/ return fd; /*@=refcounttrans@*/ @@ -2596,9 +2625,6 @@ size_t Fread(void *buf, size_t size, size_t nmemb, FD_t fd) { int rc; FDSANE(fd); -#ifdef __LCLINT__ - *(char *)buf = '\0'; -#endif /*@-modfilesys@*/ DBGIO(fd, (stderr, "==> Fread(%p,%u,%u,%p) %s\n", buf, (unsigned)size, (unsigned)nmemb, (fd ? fd : NULL), fdbg(fd))); /*@=modfilesys@*/ @@ -2758,6 +2784,7 @@ DBGIO(fd, (stderr, "==> Fclose(%p) %s\n", (fd ? fd : NULL), fdbg(fd))); * - bzopen: 's' is smallmode * - HACK: '.' terminates, rest is type of I/O */ +/*@-boundswrite@*/ static inline void cvtfmode (const char *m, /*@out@*/ char *stdio, size_t nstdio, /*@out@*/ char *other, size_t nother, @@ -2820,6 +2847,7 @@ static inline void cvtfmode (const char *m, if (f != NULL) *f = flags; } +/*@=boundswrite@*/ #if _USE_LIBIO #if defined(__GLIBC__) && __GLIBC__ == 2 && __GLIBC_MINOR__ == 0 @@ -2828,6 +2856,7 @@ typedef _IO_cookie_io_functions_t cookie_io_functions_t; #endif #endif +/*@-boundswrite@*/ FD_t Fdopen(FD_t ofd, const char *fmode) { char stdio[20], other[20], zstdio[20]; @@ -2939,6 +2968,7 @@ DBGIO(fd, (stderr, "==> Fdopen(%p,\"%s\") returns fd %p %s\n", ofd, fmode, (fd ? /*@=modfilesys@*/ /*@-refcounttrans -retalias@*/ return fd; /*@=refcounttrans =retalias@*/ } +/*@=boundswrite@*/ FD_t Fopen(const char *path, const char *fmode) { @@ -3095,6 +3125,7 @@ int Fcntl(FD_t fd, int op, void *lip) /* Helper routines that may be generally useful. */ +/*@-boundswrite@*/ int rpmioSlurp(const char * fn, const byte ** bp, ssize_t * blenp) { static ssize_t blenmax = (8 * BUFSIZ); @@ -3146,6 +3177,7 @@ exit: return rc; } +/*@=boundswrite@*/ static struct FDIO_s fpio_s = { ufdRead, ufdWrite, fdSeek, ufdClose, XfdLink, XfdFree, XfdNew, fdFileno, diff --git a/rpmio/rpmio_internal.h b/rpmio/rpmio_internal.h index 9bb9b7362..34accaa65 100644 --- a/rpmio/rpmio_internal.h +++ b/rpmio/rpmio_internal.h @@ -1,6 +1,5 @@ #ifndef H_RPMIO_INTERNAL #define H_RPMIO_INTERNAL -/*@-bounds@*/ /** \ingroup rpmio * \file rpmio/rpmio_internal.h @@ -220,9 +219,11 @@ void fdSetIo(FD_t fd, /*@kept@*/ /*@null@*/ FDIO_t io) /*@modifies fd @*/ { FDSANE(fd); +/*@-boundswrite@*/ /*@-assignexpose@*/ fd->fps[fd->nfps].io = io; /*@=assignexpose@*/ +/*@=boundswrite@*/ } /*@=nullstate@*/ @@ -256,9 +257,11 @@ void fdSetFp(FD_t fd, /*@kept@*/ /*@null@*/ void * fp) /*@modifies fd @*/ { FDSANE(fd); +/*@-boundswrite@*/ /*@-assignexpose@*/ fd->fps[fd->nfps].fp = fp; /*@=assignexpose@*/ +/*@=boundswrite@*/ } /*@=nullstate@*/ @@ -279,7 +282,9 @@ void fdSetFdno(FD_t fd, int fdno) /*@modifies fd @*/ { FDSANE(fd); +/*@-boundswrite@*/ fd->fps[fd->nfps].fdno = fdno; +/*@=boundswrite@*/ } /** \ingroup rpmio @@ -326,7 +331,9 @@ void fdPush(FD_t fd, FDIO_t io, void * fp, int fdno) /*@modifies fd @*/ { if (fd == NULL || fd->stats == NULL) return; +/*@-boundswrite@*/ fd->stats->ops[opx].count++; +/*@=boundswrite@*/ (void) gettimeofday(&fd->stats->begin, NULL); } @@ -355,6 +362,7 @@ void fdstat_exit(/*@null@*/ FD_t fd, int opx, ssize_t rc) if (fd == NULL) return; if (rc == -1) fd->syserrno = errno; if (fd->stats == NULL) return; +/*@-boundswrite@*/ (void) gettimeofday(&end, NULL); if (rc >= 0) { switch(opx) { @@ -369,10 +377,12 @@ void fdstat_exit(/*@null@*/ FD_t fd, int opx, ssize_t rc) } fd->stats->ops[opx].msecs += tvsub(&end, &fd->stats->begin); fd->stats->begin = end; /* structure assignment */ +/*@=boundswrite@*/ } /** \ingroup rpmio */ +/*@-boundsread@*/ /*@unused@*/ static inline void fdstat_print(/*@null@*/ FD_t fd, const char * msg, FILE * fp) /*@globals fileSystem @*/ @@ -403,6 +413,7 @@ void fdstat_print(/*@null@*/ FD_t fd, const char * msg, FILE * fp) } } } +/*@=boundsread@*/ /** \ingroup rpmio */ @@ -516,10 +527,12 @@ void fdFiniDigest(FD_t fd, pgpHashAlgo hashalgo, fddig->hashctx = NULL; break; } +/*@-boundswrite@*/ if (i < 0) { if (datap) *datap = NULL; if (lenp) *lenp = 0; } +/*@=boundswrite@*/ fd->ndigests = imax; if (i < imax) @@ -551,5 +564,4 @@ int rpmioSlurp(const char * fn, } #endif -/*@=bounds@*/ #endif /* H_RPMIO_INTERNAL */ diff --git a/rpmio/rpmlog.c b/rpmio/rpmlog.c index 516b9cc7c..63b17cb99 100644 --- a/rpmio/rpmlog.c +++ b/rpmio/rpmlog.c @@ -162,6 +162,7 @@ static void vrpmlog (unsigned code, const char *fmt, va_list ap) if ((mask & rpmlogMask) == 0) return; +/*@-boundswrite@*/ msgbuf = xmalloc(msgnb); *msgbuf = '\0'; @@ -204,6 +205,7 @@ static void vrpmlog (unsigned code, const char *fmt, va_list ap) } } /*@=branchstate@*/ +/*@=boundswrite@*/ /* rpmMessage behavior */ diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c index bd710398d..6d422936b 100644 --- a/rpmio/rpmpgp.c +++ b/rpmio/rpmpgp.c @@ -315,6 +315,9 @@ const char * pgpMpiHex(const byte *p) return prbuf; } +/*@-boundswrite@*/ +/** + */ static void pgpHexSet(const char * pre, int lbits, /*@out@*/ mp32number * mpn, const byte * p) /*@globals fileSystem @*/ @@ -337,6 +340,7 @@ fprintf(stderr, "*** %s %s\n", pre, t); if (_debug && _print) fprintf(stderr, "\t %s ", pre), mp32println(stderr, mpn->size, mpn->data); } +/*@=boundswrite@*/ int pgpPrtSubType(const byte *h, unsigned int hlen) { @@ -887,6 +891,7 @@ int pgpPrtKey(pgpTag tag, const byte *h, unsigned int hlen) return rc; } +/*@-boundswrite@*/ int pgpPrtUserID(pgpTag tag, const byte *h, unsigned int hlen) { pgpPrtVal("", pgpTagTbl, tag); @@ -902,6 +907,7 @@ int pgpPrtUserID(pgpTag tag, const byte *h, unsigned int hlen) /*@=mods@*/ return 0; } +/*@=boundswrite@*/ int pgpPrtComment(pgpTag tag, const byte *h, unsigned int hlen) { @@ -1004,6 +1010,7 @@ struct pgpDig_s * pgpNewDig(void) return dig; } +/*@-boundswrite@*/ void pgpCleanDig(struct pgpDig_s * dig) { if (dig != NULL) { @@ -1037,6 +1044,7 @@ void pgpCleanDig(struct pgpDig_s * dig) return; /*@=nullstate@*/ } +/*@=boundswrite@*/ struct pgpDig_s * pgpFreeDig(/*@only@*/ /*@null@*/ struct pgpDig_s * dig) /*@modifies dig @*/ @@ -1109,6 +1117,7 @@ int pgpPrtPkts(const byte * pkts, unsigned int plen, return 0; } +/*@-boundswrite@*/ pgpArmor pgpReadPkts(const char * fn, const byte ** pkt, size_t * pktlen) { const byte * b = NULL; @@ -1231,3 +1240,4 @@ exit: *pktlen = blen; return ec; } +/*@=boundswrite@*/ diff --git a/rpmio/rpmpgp.h b/rpmio/rpmpgp.h index e330a3d4b..f4d410750 100644 --- a/rpmio/rpmpgp.h +++ b/rpmio/rpmpgp.h @@ -1,6 +1,5 @@ #ifndef H_RPMPGP #define H_RPMPGP -/*@-bounds@*/ /** \ingroup rpmio * \file rpmio/rpmpgp.h @@ -60,7 +59,7 @@ typedef enum pgpTag_e { PGPTAG_PRIVATE_60 = 60, /*!< Private or Experimental Values */ PGPTAG_COMMENT = 61, /*!< Comment */ PGPTAG_PRIVATE_62 = 62, /*!< Private or Experimental Values */ - PGPTAG_CONTROL = 63 /*!< Control (GPG) */ + PGPTAG_CONTROL = 63 /*!< Control (GPG) */ } pgpTag; /** @@ -170,7 +169,7 @@ typedef enum pgpPubkeyAlgo_e { PGPPUBKEYALGO_RSA = 1, /*!< RSA */ PGPPUBKEYALGO_RSA_ENCRYPT = 2, /*!< RSA(Encrypt-Only) */ PGPPUBKEYALGO_RSA_SIGN = 3, /*!< RSA(Sign-Only) */ - PGPPUBKEYALGO_ELGAMAL_ENCRYPT= 16, /*!< Elgamal(Encrypt-Only) */ + PGPPUBKEYALGO_ELGAMAL_ENCRYPT = 16, /*!< Elgamal(Encrypt-Only) */ PGPPUBKEYALGO_DSA = 17, /*!< DSA */ PGPPUBKEYALGO_EC = 18, /*!< Elliptic Curve */ PGPPUBKEYALGO_ECDSA = 19, /*!< ECDSA */ @@ -225,6 +224,7 @@ typedef enum pgpSymkeyAlgo_e { /*@=typeuse@*/ /** + * Symmetric key (string, value) pairs. */ /*@observer@*/ /*@unchecked@*/ /*@unused@*/ extern struct pgpValTbl_s pgpSymkeyTbl[]; @@ -253,6 +253,7 @@ typedef enum pgpCompressAlgo_e { /*@=typeuse@*/ /** + * Compression (string, value) pairs. */ /*@observer@*/ /*@unchecked@*/ /*@unused@*/ extern struct pgpValTbl_s pgpCompressionTbl[]; @@ -288,6 +289,7 @@ typedef enum pgpHashAlgo_e { } pgpHashAlgo; /** + * Hash (string, value) pairs. */ /*@observer@*/ /*@unchecked@*/ /*@unused@*/ extern struct pgpValTbl_s pgpHashTbl[]; @@ -457,6 +459,7 @@ typedef enum pgpSubType_e { /*@=typeuse@*/ /** + * Subtype (string, value) pairs. */ /*@observer@*/ /*@unchecked@*/ /*@unused@*/ extern struct pgpValTbl_s pgpSubTypeTbl[]; @@ -922,11 +925,12 @@ typedef enum pgpArmor_e { PGPARMOR_SIGNED_MESSAGE = 4, /*!< SIGNED MESSAGE */ PGPARMOR_FILE = 5, /*!< ARMORED FILE */ PGPARMOR_PRIVKEY = 6, /*!< PRIVATE KEY BLOCK */ - PGPARMOR_SECKEY = 7 /*!< SECRET KEY BLOCK */ + PGPARMOR_SECKEY = 7 /*!< SECRET KEY BLOCK */ } pgpArmor; /*@=typeuse@*/ /** + * Armor (string, value) pairs. */ /*@observer@*/ /*@unchecked@*/ /*@unused@*/ extern struct pgpValTbl_s pgpArmorTbl[]; @@ -944,11 +948,13 @@ typedef enum pgpArmorKey_e { /*@=typeuse@*/ /** + * Armor key (string, value) pairs. */ /*@observer@*/ /*@unchecked@*/ /*@unused@*/ extern struct pgpValTbl_s pgpArmorKeyTbl[]; /** + * Values parsed from OpenPGP signature/pubkey packet(s). */ struct pgpDigParams_s { /*@only@*/ /*@null@*/ @@ -958,9 +964,9 @@ struct pgpDigParams_s { const char * params[4]; byte tag; - byte version; /*!< version number. */ - byte time[4]; /*!< time that the key was created. */ - byte pubkey_algo; /*!< public key algorithm. */ + byte version; /*!< version number. */ + byte time[4]; /*!< time that the key was created. */ + byte pubkey_algo; /*!< public key algorithm. */ byte hash_algo; byte sigtype; @@ -974,6 +980,7 @@ struct pgpDigParams_s { }; /** + * Container for values parsed from an OpenPGP signature and public key. */ struct pgpDig_s { struct pgpDigParams_s signature; @@ -1018,6 +1025,10 @@ extern "C" { #endif /** + * Return (native-endian) integer from big-endian representation. + * @param s pointer to big-endian integer + * @param nbytes no. of bytes + * @return native-endian integer */ /*@unused@*/ static inline unsigned int pgpGrab(const byte *s, int nbytes) @@ -1025,17 +1036,24 @@ unsigned int pgpGrab(const byte *s, int nbytes) { unsigned int i = 0; int nb = (nbytes <= sizeof(i) ? nbytes : sizeof(i)); +/*@-boundsread@*/ while (nb--) i = (i << 8) | *s++; +/*@=boundsread@*/ return i; } /** + * Return length of an OpenPGP packet. + * @param s pointer to packet + * @retval *lenp no. of bytes in packet + * @return no. of bytes in length prefix */ /*@unused@*/ static inline int pgpLen(const byte *s, /*@out@*/ unsigned int *lenp) /*@modifies *lenp @*/ { +/*@-boundswrite@*/ if (*s < 192) { (*lenp) = *s++; return 1; @@ -1046,9 +1064,13 @@ int pgpLen(const byte *s, /*@out@*/ unsigned int *lenp) (*lenp) = pgpGrab(s+1, 4); return 5; } +/*@=boundswrite@*/ } /** + * Return no. of bits in a multiprecision integer. + * @param p pointer to multiprecision integer + * @return no. of bits */ /*@unused@*/ static inline unsigned int pgpMpiBits(const byte *p) @@ -1058,6 +1080,9 @@ unsigned int pgpMpiBits(const byte *p) } /** + * Return no. of bytes in a multiprecision integer. + * @param p pointer to multiprecision integer + * @return no. of bytes */ /*@unused@*/ static inline unsigned int pgpMpiLen(const byte *p) @@ -1067,12 +1092,18 @@ unsigned int pgpMpiLen(const byte *p) } /** + * Convert to hex. + * @param t target buffer (returned) + * @param s source bytes + * @param nbytes no. of bytes + * @return target buffer */ /*@unused@*/ static inline char * pgpHexCvt(/*@returned@*/ char *t, const byte *s, int nbytes) /*@modifies *t @*/ { static char hex[] = "0123456789abcdef"; +/*@-boundswrite@*/ while (nbytes-- > 0) { unsigned int i; i = *s++; @@ -1080,10 +1111,16 @@ char * pgpHexCvt(/*@returned@*/ char *t, const byte *s, int nbytes) *t++ = hex[ (i ) & 0xf ]; } *t = '\0'; +/*@=boundswrite@*/ return t; } /** + * Return hex formatted representation of bytes. + * @todo Remove static buffer. + * @param p bytes + * @param plen no. of bytes + * @return hex formatted string */ /*@unused@*/ static inline /*@observer@*/ char * pgpHexStr(const byte *p, unsigned int plen) @@ -1096,6 +1133,11 @@ char * pgpHexStr(const byte *p, unsigned int plen) } /** + * Return hex formatted representation of a multiprecision integer. + * @todo Remove static buffer. + * @param p bytes + * @param plen no. of bytes + * @return hex formatted string */ /*@unused@*/ static inline /*@observer@*/ const char * pgpMpiStr(const byte *p) @@ -1110,6 +1152,10 @@ const char * pgpMpiStr(const byte *p) } /** + * Return string representation of am OpenPGP value. + * @param vs table of (string,value) pairs + * @param val byte value to lookup + * @return string value of byte */ /*@unused@*/ static inline /*@observer@*/ const char * pgpValStr(pgpValTbl vs, byte val) @@ -1123,6 +1169,11 @@ const char * pgpValStr(pgpValTbl vs, byte val) } /** + * Return value of an OpenPGP string. + * @param vs table of (string,value) pairs + * @param s string token to lookup + * @param se end-of-string address + * @return byte value */ /*@unused@*/ static inline int pgpValTok(pgpValTbl vs, const char * s, const char * se) @@ -1138,42 +1189,73 @@ int pgpValTok(pgpValTbl vs, const char * s, const char * se) /*@-exportlocal@*/ /** + * Print an OpenPGP value. + * @param pre output prefix + * @param vs table of (string,value) pairs + * @param val byte value to print */ void pgpPrtVal(const char * pre, pgpValTbl vs, byte val) /*@globals fileSystem @*/ /*@modifies fileSystem @*/; /** + * Print/parse an OpenPGP subtype packet. + * @param h packet + * @param hlen packet length (no. of bytes) + * @return 0 on success */ int pgpPrtSubType(const byte *h, unsigned int hlen) /*@globals fileSystem @*/ /*@modifies fileSystem @*/; /** + * Print/parse an OpenPGP signature packet. + * @param tag packet tag + * @param h packet contents + * @param hlen packet length (no. of bytes) + * @return 0 on success */ int pgpPrtSig(pgpTag tag, const byte *h, unsigned int hlen) /*@globals fileSystem @*/ /*@modifies fileSystem @*/; /** + * Print/parse an OpenPGP key packet. + * @param tag packet tag + * @param h packet contents + * @param hlen packet length (no. of bytes) + * @return 0 on success */ int pgpPrtKey(pgpTag tag, const byte *h, unsigned int hlen) /*@globals fileSystem @*/ /*@modifies fileSystem @*/; /** + * Print/parse an OpenPGP userid packet. + * @param tag packet tag + * @param h packet contents + * @param hlen packet length (no. of bytes) + * @return 0 on success */ int pgpPrtUserID(pgpTag tag, const byte *h, unsigned int hlen) /*@globals fileSystem @*/ /*@modifies fileSystem @*/; /** + * Print/parse an OpenPGP comment packet. + * @param tag packet tag + * @param h packet contents + * @param hlen packet length (no. of bytes) + * @return 0 on success */ int pgpPrtComment(pgpTag tag, const byte *h, unsigned int hlen) /*@globals fileSystem @*/ /*@modifies fileSystem @*/; /** + * Print/parse a single OpenPGP packet. + * @param pkt OpenPGP packet + * @return -1 on error, otherwise packet length */ int pgpPrtPkt(const byte *pkt) /*@globals fileSystem @*/ @@ -1181,12 +1263,23 @@ int pgpPrtPkt(const byte *pkt) /*@=exportlocal@*/ /** + * Print/parse a OpenPGP packet(s). + * @param pkts OpenPGP packet(s) + * @param plen packet(s) length (no. of bytes) + * @retval dig parsed output of signature/pubkey packet parameters + * @param printing should packets be printed? + * @return -1 on error, 0 on success */ int pgpPrtPkts(const byte *pkts, unsigned int plen, struct pgpDig_s *dig, int printing) /*@globals fileSystem @*/ /*@modifies fileSystem @*/; /** + * Parse armored OpenPGP packets from a file. + * @param fn file name + * @retval pkt dearmored OpenPGP packet(s) + * @retval pktlen dearmored OpenPGP packet(s) length in bytes + * @return type of armor found */ pgpArmor pgpReadPkts(const char * fn, /*@out@*/ const byte ** pkt, /*@out@*/ size_t * pktlen) @@ -1194,29 +1287,41 @@ pgpArmor pgpReadPkts(const char * fn, /*@modifies *pkt, *pktlen, fileSystem @*/; /** + * Create a container for parsed OpenPGP packates. + * @return container */ /*@only@*/ struct pgpDig_s * pgpNewDig(void) /*@*/; /** + * Release (malloc'd) data from container. + * @param dig container */ void pgpCleanDig(/*@null@*/ struct pgpDig_s * dig) /*@modifies dig @*/; /** + * Destroy a container for parsed OpenPGP packates. + * @param dig container + * @return NULL always */ /*@only@*/ /*@null@*/ struct pgpDig_s * pgpFreeDig(/*@only@*/ /*@null@*/ struct pgpDig_s * dig) /*@modifies *dig @*/; /** + * Is buffer at beginning of an OpenPGP packet? + * @param p buffer + * @param 1 if an OpenPGP packet, 0 otherwise */ /*@unused@*/ static inline int pgpIsPkt(const byte * p) /*@*/ { +/*@-boundsread@*/ unsigned int val = *p++; +/*@=boundsread@*/ pgpTag tag; int rc; @@ -1267,6 +1372,10 @@ int pgpIsPkt(const byte * p) #define CRC24_POLY 0x1864cfb /** + * Return CRC of a buffer. + * @param octets bytes + * @param len no. of bytes + * @return crc of buffer */ /*@unused@*/ static inline uint32 pgpCRC(const byte *octets, size_t len) @@ -1276,7 +1385,9 @@ uint32 pgpCRC(const byte *octets, size_t len) int i; while (len--) { +/*@-boundsread@*/ crc ^= (*octets++) << 16; +/*@=boundsread@*/ for (i = 0; i < 8; i++) { crc <<= 1; if (crc & 0x1000000) @@ -1291,5 +1402,4 @@ uint32 pgpCRC(const byte *octets, size_t len) #endif /*@=fcnuse@*/ -/*@=bounds@*/ #endif /* H_RPMPGP */ diff --git a/rpmio/rpmrpc.c b/rpmio/rpmrpc.c index 02e6109a2..939d061bd 100644 --- a/rpmio/rpmrpc.c +++ b/rpmio/rpmrpc.c @@ -273,6 +273,7 @@ static char *columns [MAXCOLS]; /* Points to the string in column n */ /*@unchecked@*/ static int column_ptr [MAXCOLS]; /* Index from 0 to the starting positions of the columns */ +/*@-boundswrite@*/ static int vfs_split_text (char *p) /*@globals columns, column_ptr @*/ @@ -294,6 +295,7 @@ vfs_split_text (char *p) } return numcols; } +/*@=boundswrite@*/ static int is_num (int idx) @@ -478,6 +480,7 @@ static int vfs_parse_filemode (const char *p) return res; } +/*@-boundswrite@*/ static int vfs_parse_filedate(int idx, /*@out@*/ time_t *t) /*@modifies *t @*/ { /* This thing parses from idx in columns[] array */ @@ -585,7 +588,9 @@ static int vfs_parse_filedate(int idx, /*@out@*/ time_t *t) *t = 0; return idx; } +/*@=boundswrite@*/ +/*@-boundswrite@*/ static int vfs_parse_ls_lga (char * p, /*@out@*/ struct stat * st, /*@out@*/ const char ** filename, @@ -789,6 +794,7 @@ error: g_free (p_copy); return 0; } +/*@=boundswrite@*/ typedef enum { DO_FTP_STAT = 1, @@ -810,6 +816,7 @@ static /*@only@*/ char * ftpBuf = NULL; #define alloca_strdup(_s) strcpy(alloca(strlen(_s)+1), (_s)) +/*@-boundswrite@*/ /*@-mods@*/ static int ftpNLST(const char * url, ftpSysCall_t ftpSysCall, /*@out@*/ /*@null@*/ struct stat * st, @@ -1000,6 +1007,7 @@ exit: return rc; } /*@=mods@*/ +/*@=boundswrite@*/ static const char * statstr(const struct stat * st, /*@returned@*/ /*@out@*/ char * buf) @@ -1082,6 +1090,7 @@ struct __dirstream { static int ftpmagicdir = 0x8440291; #define ISFTPMAGIC(_dir) (!memcmp((_dir), &ftpmagicdir, sizeof(ftpmagicdir))) +/*@-boundswrite@*/ /*@-type@*/ /* FIX: abstract DIR */ /*@null@*/ static DIR * ftpOpendir(const char * path) @@ -1216,6 +1225,7 @@ fprintf(stderr, "*** ftpOpendir(%s)\n", path); return dir; } +/*@=boundswrite@*/ /*@null@*/ static struct dirent * ftpReaddir(DIR * dir) diff --git a/rpmio/ugid.c b/rpmio/ugid.c index 4126f4268..697574a27 100644 --- a/rpmio/ugid.c +++ b/rpmio/ugid.c @@ -26,7 +26,9 @@ int unameToUid(const char * thisUname, uid_t * uid) lastUnameLen = 0; return -1; } else if (strcmp(thisUname, "root") == 0) { +/*@-boundswrite@*/ *uid = 0; +/*@=boundswrite@*/ return 0; } @@ -38,7 +40,9 @@ int unameToUid(const char * thisUname, uid_t * uid) lastUnameAlloced = thisUnameLen + 10; lastUname = xrealloc(lastUname, lastUnameAlloced); /* XXX memory leak */ } +/*@-boundswrite@*/ strcpy(lastUname, thisUname); +/*@=boundswrite@*/ pwent = getpwnam(thisUname); if (pwent == NULL) { @@ -52,7 +56,9 @@ int unameToUid(const char * thisUname, uid_t * uid) lastUid = pwent->pw_uid; } +/*@-boundswrite@*/ *uid = lastUid; +/*@=boundswrite@*/ return 0; } @@ -70,7 +76,9 @@ int gnameToGid(const char * thisGname, gid_t * gid) lastGnameLen = 0; return -1; } else if (strcmp(thisGname, "root") == 0) { +/*@-boundswrite@*/ *gid = 0; +/*@=boundswrite@*/ return 0; } @@ -82,7 +90,9 @@ int gnameToGid(const char * thisGname, gid_t * gid) lastGnameAlloced = thisGnameLen + 10; lastGname = xrealloc(lastGname, lastGnameAlloced); /* XXX memory leak */ } +/*@-boundswrite@*/ strcpy(lastGname, thisGname); +/*@=boundswrite@*/ grent = getgrnam(thisGname); if (grent == NULL) { @@ -95,7 +105,9 @@ int gnameToGid(const char * thisGname, gid_t * gid) lastGid = grent->gr_gid; } +/*@-boundswrite@*/ *gid = lastGid; +/*@=boundswrite@*/ return 0; } @@ -125,7 +137,9 @@ char * uidToUname(uid_t uid) lastUnameLen = len + 20; lastUname = xrealloc(lastUname, lastUnameLen); } +/*@-boundswrite@*/ strcpy(lastUname, pwent->pw_name); +/*@=boundswrite@*/ return lastUname; } @@ -156,7 +170,9 @@ char * gidToGname(gid_t gid) lastGnameLen = len + 20; lastGname = xrealloc(lastGname, lastGnameLen); } +/*@-boundswrite@*/ strcpy(lastGname, grent->gr_name); +/*@=boundswrite@*/ return lastGname; } diff --git a/rpmio/url.c b/rpmio/url.c index dddeb93da..2a39b8665 100644 --- a/rpmio/url.c +++ b/rpmio/url.c @@ -158,6 +158,7 @@ URLDBGREFS(0, (stderr, "--> url %p -- %d %s at %s:%u\n", u, u->nrefs, msg, file, return NULL; } +/*@-boundswrite@*/ void urlFreeCache(void) { if (_url_cache) { @@ -176,6 +177,7 @@ void urlFreeCache(void) _url_cache = _free(_url_cache); _url_count = 0; } +/*@=boundswrite@*/ static int urlStrcmp(/*@null@*/ const char * str1, /*@null@*/ const char * str2) /*@*/ @@ -188,12 +190,11 @@ static int urlStrcmp(/*@null@*/ const char * str1, /*@null@*/ const char * str2) return 0; } +/*@-boundswrite@*/ /*@-mods@*/ static void urlFind(/*@null@*/ /*@in@*/ /*@out@*/ urlinfo * uret, int mustAsk) - /*@globals rpmGlobalMacroContext, - fileSystem@*/ - /*@modifies *uret, rpmGlobalMacroContext, - fileSystem @*/ + /*@globals rpmGlobalMacroContext, fileSystem@*/ + /*@modifies *uret, rpmGlobalMacroContext, fileSystem @*/ { urlinfo u; int ucx; @@ -328,6 +329,7 @@ static void urlFind(/*@null@*/ /*@in@*/ /*@out@*/ urlinfo * uret, int mustAsk) return; } /*@=mods@*/ +/*@=boundswrite@*/ /** */ @@ -359,6 +361,7 @@ urltype urlIsURL(const char * url) return URL_IS_UNKNOWN; } +/*@-boundswrite@*/ /* Return path portion of url (or pointer to NUL if url == NULL) */ urltype urlPath(const char * url, const char ** pathp) { @@ -394,11 +397,13 @@ urltype urlPath(const char * url, const char ** pathp) /*@=observertrans@*/ return urltype; } +/*@=boundswrite@*/ /* * Split URL into components. The URL can look like * service://user:password@host:port/path */ +/*@-boundswrite@*/ /*@-modfilesys@*/ int urlSplit(const char * url, urlinfo *uret) { @@ -495,6 +500,7 @@ int urlSplit(const char * url, urlinfo *uret) return 0; } /*@=modfilesys@*/ +/*@=boundswrite@*/ int urlGetFile(const char * url, const char * dest) { |