Tidying: coverity issues

author: Jeremy Harris <jgh146exb@wizmail.org> 2016-10-16 16:34:18 +0100
committer: Jeremy Harris <jgh146exb@wizmail.org> 2016-10-16 16:34:18 +0100
commit: f267271de69d5c6c090e16ebd64041b50a844852 (patch)
tree: 6ac497aed6a88a02e667768c4b39991b47ad04ac /src
parent: b47584259a53dcd166b923520a3ba7d8df0eb5bc (diff)
6 files changed, 32 insertions, 39 deletions
diff --git a/src/src/expand.c b/src/src/expand.c
index a7edaae47..cfde23610 100644
--- a/src/src/expand.c
+++ b/src/src/expand.c
@@ -4112,7 +4112,7 @@ while (*s != 0)
         save_expand_strings(save_expand_nstring, save_expand_nlength);
 
       while (isspace(*s)) s++;
-      next_s = eval_condition(s, &resetok, skipping? NULL : &cond);
+      next_s = eval_condition(s, &resetok, skipping ? NULL : &cond);
       if (next_s == NULL) goto EXPAND_FAILED;  /* message already set */
 
       DEBUG(D_expand)
@@ -4176,11 +4176,13 @@ while (*s != 0)
 	goto EXPAND_FAILED;
 	}
 
-      if (!(encoded = imap_utf7_encode(sub_arg[0], headers_charset,
-			  sub_arg[1][0], sub_arg[2], &expand_string_message)))
-	goto EXPAND_FAILED;
       if (!skipping)
+	{
+	if (!(encoded = imap_utf7_encode(sub_arg[0], headers_charset,
+			    sub_arg[1][0], sub_arg[2], &expand_string_message)))
+	  goto EXPAND_FAILED;
 	yield = string_cat(yield, &size, &ptr, encoded);
+	}
       continue;
       }
 #endif
@@ -4658,7 +4660,6 @@ while (*s != 0)
         prvscheck_keynum = NULL;
         }
       else
-        {
         /* Does not look like a prvs encoded address, return the empty string.
            We need to make sure all subs are expanded first, so as to skip over
            the entire item. */
@@ -4669,7 +4670,6 @@ while (*s != 0)
           case 2:
           case 3: goto EXPAND_FAILED;
           }
-        }
 
       continue;
       }
diff --git a/src/src/imap_utf7.c b/src/src/imap_utf7.c
index 267d600c3..0c3d5a20d 100644
--- a/src/src/imap_utf7.c
+++ b/src/src/imap_utf7.c
@@ -165,7 +165,6 @@ while (slen > 0)
     else
       {
       *error = string_sprintf("imapfolder: illegal character '%c'", s[1]);
-      if (yield) store_reset(yield);
       return NULL;
       }
 
diff --git a/src/src/queue.c b/src/src/queue.c
index 551c32dd1..e7ae019d2 100644
--- a/src/src/queue.c
+++ b/src/src/queue.c
@@ -685,8 +685,9 @@ for (i  = (queue_run_in_order? -1 : 0);
     the mere fact that read() unblocks is enough. */
 
     set_process_info("running queue: waiting for children of %d", pid);
-    if (read(pfd[pipe_read], buffer, sizeof(buffer)) > 0)
-      log_write(0, LOG_MAIN|LOG_PANIC, "queue run: unexpected data on pipe");
+    if ((status = read(pfd[pipe_read], buffer, sizeof(buffer))) != 0)
+      log_write(0, LOG_MAIN|LOG_PANIC, "queue run: %s on pipe",
+		status > 0 ? "unexpected data" : "error");
     (void)close(pfd[pipe_read]);
     set_process_info("running queue");
 
@@ -707,18 +708,15 @@ for (i  = (queue_run_in_order? -1 : 0);
 
   if (i == 0 && subcount > 1 && !queue_run_in_order)
     {
-    int j;
+    int j, r;
     for (j = 1; j <= subcount; j++)
-      {
-      int r = random_number(100);
-      if (r >= 50)
+      if ((r = random_number(100)) >= 50)
         {
         int k = (r % subcount) + 1;
         int x = subdirs[j];
         subdirs[j] = subdirs[k];
         subdirs[k] = x;
         }
-      }
     }
   }                                    /* End loop for multiple directories */
 
diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index f534d1ca7..17dd78cd8 100644
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -761,10 +761,10 @@ Arguments: fd     - File descriptor for input
 Returns:   none
 */
 static void
-restore_socket_timeout(int fd, int get_ok, struct timeval tvtmp, socklen_t vslen)
+restore_socket_timeout(int fd, int get_ok, struct timeval * tvtmp, socklen_t vslen)
 {
 if (get_ok == 0)
-  setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, (char *)&tvtmp, vslen);
+  (void) setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, CS tvtmp, vslen);
 }
 
 /*************************************************
@@ -805,7 +805,7 @@ so exit with an error if do not find the exact required pieces. This
 includes an incorrect number of spaces separating args.
 
 Arguments: none
-Returns:   int
+Returns:   Boolean success
 */
 
 static BOOL
@@ -849,27 +849,23 @@ char tmpip6[INET6_ADDRSTRLEN];
 struct sockaddr_in6 tmpaddr6;
 
 int get_ok = 0;
-int size, ret, fd;
+int size, ret;
+int fd = fileno(smtp_in);
 const char v2sig[12] = "\x0D\x0A\x0D\x0A\x00\x0D\x0A\x51\x55\x49\x54\x0A";
 uschar *iptype;  /* To display debug info */
 struct timeval tv;
-socklen_t vslen = 0;
 struct timeval tvtmp;
-
-vslen = sizeof(struct timeval);
-
-fd = fileno(smtp_in);
+socklen_t vslen = sizeof(struct timeval);
 
 /* Save current socket timeout values */
-get_ok = getsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, (char *)&tvtmp,
-                    &vslen);
+get_ok = getsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, CS &tvtmp, &vslen);
 
 /* Proxy Protocol host must send header within a short time
 (default 3 seconds) or it's considered invalid */
 tv.tv_sec  = PROXY_NEGOTIATION_TIMEOUT_SEC;
 tv.tv_usec = PROXY_NEGOTIATION_TIMEOUT_USEC;
-setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, (char *)&tv,
-           sizeof(struct timeval));
+if (setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, CS &tv, sizeof(tv)) < 0)
+  return FALSE;
 
 do
   {
@@ -880,10 +876,7 @@ do
   while (ret == -1 && errno == EINTR);
 
 if (ret == -1)
-  {
-  restore_socket_timeout(fd, get_ok, tvtmp, vslen);
-  return (errno == EAGAIN) ? 0 : ERRNO_PROXYFAIL;
-  }
+  goto proxyfail;
 
 if (ret >= 16 &&
     memcmp(&hdr.v2, v2sig, 12) == 0)
@@ -923,7 +916,7 @@ if (ret >= 16 &&
           if (!string_is_ip_address(US tmpip,NULL))
             {
             DEBUG(D_receive) debug_printf("Invalid %s source IP\n", iptype);
-            return ERRNO_PROXYFAIL;
+            goto proxyfail;
             }
           proxy_local_address = sender_host_address;
           sender_host_address = string_copy(US tmpip);
@@ -936,7 +929,7 @@ if (ret >= 16 &&
           if (!string_is_ip_address(US tmpip,NULL))
             {
             DEBUG(D_receive) debug_printf("Invalid %s dest port\n", iptype);
-            return ERRNO_PROXYFAIL;
+            goto proxyfail;
             }
           proxy_external_address = string_copy(US tmpip);
           tmpport              = ntohs(hdr.v2.addr.ip4.dst_port);
@@ -949,7 +942,7 @@ if (ret >= 16 &&
           if (!string_is_ip_address(US tmpip6,NULL))
             {
             DEBUG(D_receive) debug_printf("Invalid %s source IP\n", iptype);
-            return ERRNO_PROXYFAIL;
+            goto proxyfail;
             }
           proxy_local_address = sender_host_address;
           sender_host_address = string_copy(US tmpip6);
@@ -962,7 +955,7 @@ if (ret >= 16 &&
           if (!string_is_ip_address(US tmpip6,NULL))
             {
             DEBUG(D_receive) debug_printf("Invalid %s dest port\n", iptype);
-            return ERRNO_PROXYFAIL;
+            goto proxyfail;
             }
           proxy_external_address = string_copy(US tmpip6);
           tmpport              = ntohs(hdr.v2.addr.ip6.dst_port);
@@ -1103,13 +1096,13 @@ else
   }
 
 proxyfail:
-restore_socket_timeout(fd, get_ok, tvtmp, vslen);
+restore_socket_timeout(fd, get_ok, &tvtmp, vslen);
 /* Don't flush any potential buffer contents. Any input should cause a
    synchronization failure */
 return FALSE;
 
 done:
-restore_socket_timeout(fd, get_ok, tvtmp, vslen);
+restore_socket_timeout(fd, get_ok, &tvtmp, vslen);
 DEBUG(D_receive)
   debug_printf("Valid %s sender from Proxy Protocol header\n", iptype);
 return proxy_session;
@@ -2473,7 +2466,7 @@ if (smtp_batched_input) return TRUE;
 proxy_session = FALSE;
 proxy_session_failed = FALSE;
 if (check_proxy_protocol_host())
-  if (setup_proxy_protocol_host() == FALSE)
+  if (!setup_proxy_protocol_host())
     {
     proxy_session_failed = TRUE;
     DEBUG(D_receive)
diff --git a/src/src/spool_in.c b/src/src/spool_in.c
index 3592fa7b6..1dcae49bd 100644
--- a/src/src/spool_in.c
+++ b/src/src/spool_in.c
@@ -490,6 +490,7 @@ for (;;)
       tree_node * node;
       if (  sscanf(CS big_buffer + 5, "%u %u", &index, &count) != 2
 	 || index >= 20
+	 || count > 16384	/* arbitrary limit on variable size */
          )
         goto SPOOL_FORMAT_ERROR;
       if (index < 10)
@@ -498,6 +499,8 @@ for (;;)
         (void) string_format(name, sizeof(name), "%c%u", 'm', index - 10);
       node = acl_var_create(name);
       node->data.ptr = store_get(count + 1);
+      /* We sanity-checked the count, so disable the Coverity error */
+      /* coverity[tainted_data] */
       if (fread(node->data.ptr, 1, count+1, f) < count) goto SPOOL_READ_ERROR;
       (US node->data.ptr)[count] = '\0';
       }
diff --git a/src/src/string.c b/src/src/string.c
index b59ed668f..be1a1d7a4 100644
--- a/src/src/string.c
+++ b/src/src/string.c
@@ -1141,7 +1141,7 @@ common use is a null string and zero size and pointer, on first use for a
 string being built. The "if" above then allocates, but Coverity assume that
 the "if" might not happen and whines for a null-deref done by the memcpy(). */
 
-/* coverity[deref_parm_field_in_call] */
+/* coverity[deref_parm_field_in_call] : FALSE */
 memcpy(string + p, s, count);
 *ptr = p + count;
 return string;
author	Jeremy Harris <jgh146exb@wizmail.org>	2016-10-16 16:34:18 +0100
committer	Jeremy Harris <jgh146exb@wizmail.org>	2016-10-16 16:34:18 +0100
commit	f267271de69d5c6c090e16ebd64041b50a844852 (patch)
tree	6ac497aed6a88a02e667768c4b39991b47ad04ac /src
parent	b47584259a53dcd166b923520a3ba7d8df0eb5bc (diff)