Pi-Hole/dnsmasq
1
0
Fork 0
mirror of https://github.com/pi-hole/dnsmasq.git synced 2025-12-19 10:18:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix few coverity warnings in lease-tools

Browse Source 
Error: UNINIT (CWE-457): [#def2]
dnsmasq-2.86test7/contrib/lease-tools/dhcp_release.c:265: var_decl: Declaring variable "ifr" without initializer.
dnsmasq-2.86test7/contrib/lease-tools/dhcp_release.c:285: uninit_use_in_call: Using uninitialized value "ifr". Field "ifr.ifr_ifru" is uninitialized when calling "setsockopt".
 #  283|     strncpy(ifr.ifr_name, argv[1], sizeof(ifr.ifr_name)-1);
 #  284|     ifr.ifr_name[sizeof(ifr.ifr_name)-1] = '\0';
 #  285|->   if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, &ifr, sizeof(ifr)) == -1)
 #  286|       {
 #  287|         perror("cannot setup interface");

Error: CHECKED_RETURN (CWE-252): [#def3]
dnsmasq-2.86test7/contrib/lease-tools/dhcp_release6.c:346: check_return: Calling "inet_pton" without checking return value (as is done elsewhere 61 out of 72 times).
dnsmasq-2.86test7/contrib/lease-tools/dhcp_release6.c:188: example_assign: Example 1: Assigning: "s" = return value from "inet_pton(10, ip, &result.ip)".
dnsmasq-2.86test7/contrib/lease-tools/dhcp_release6.c:189: example_checked: Example 1 (cont.): "s" has its value checked in "s <= 0".
dnsmasq-2.86test7/src/cache.c:1108: example_checked: Example 2: "inet_pton(10, token, &addr)" has its value checked in "inet_pton(10, token, &addr) > 0".
dnsmasq-2.86test7/src/dbus.c:525: example_checked: Example 3: "inet_pton(2, ipaddr, &addr.addr4)" has its value checked in "inet_pton(2, ipaddr, &addr.addr4)".
dnsmasq-2.86test7/src/domain.c:138: example_checked: Example 4: "inet_pton(prot, tail, addr)" has its value checked in "inet_pton(prot, tail, addr)".
dnsmasq-2.86test7/src/lease.c:81: example_checked: Example 5: "inet_pton(10, dnsmasq_daemon->namebuff, &addr.addr6)" has its value checked in "inet_pton(10, dnsmasq_daemon->namebuff, &addr.addr6)".
 #  344|       client_addr.sin6_flowinfo = 0;
 #  345|       client_addr.sin6_scope_id =0;
 #  346|->     inet_pton(AF_INET6, "::", &client_addr.sin6_addr);
 #  347|       bind(sock, (struct sockaddr*)&client_addr, sizeof(struct sockaddr_in6));
 #  348|       inet_pton(AF_INET6, DHCP6_MULTICAST_ADDRESS, &server_addr.sin6_addr);

Error: CHECKED_RETURN (CWE-252): [#def4]
dnsmasq-2.86test7/contrib/lease-tools/dhcp_release6.c:347: check_return: Calling "bind(sock, (struct sockaddr *)&client_addr, 28U)" without checking return value. This library function may fail and return an error code.
 #  345|       client_addr.sin6_scope_id =0;
 #  346|       inet_pton(AF_INET6, "::", &client_addr.sin6_addr);
 #  347|->     bind(sock, (struct sockaddr*)&client_addr, sizeof(struct sockaddr_in6));
 #  348|       inet_pton(AF_INET6, DHCP6_MULTICAST_ADDRESS, &server_addr.sin6_addr);
 #  349|       server_addr.sin6_port = htons(DHCP6_SERVER_PORT);

Error: CHECKED_RETURN (CWE-252): [#def5]
dnsmasq-2.86test7/contrib/lease-tools/dhcp_release6.c:348: check_return: Calling "inet_pton" without checking return value (as is done elsewhere 61 out of 72 times).
dnsmasq-2.86test7/contrib/lease-tools/dhcp_release6.c:188: example_assign: Example 1: Assigning: "s" = return value from "inet_pton(10, ip, &result.ip)".
dnsmasq-2.86test7/contrib/lease-tools/dhcp_release6.c:189: example_checked: Example 1 (cont.): "s" has its value checked in "s <= 0".
dnsmasq-2.86test7/src/cache.c:1108: example_checked: Example 2: "inet_pton(10, token, &addr)" has its value checked in "inet_pton(10, token, &addr) > 0".
dnsmasq-2.86test7/src/dbus.c:525: example_checked: Example 3: "inet_pton(2, ipaddr, &addr.addr4)" has its value checked in "inet_pton(2, ipaddr, &addr.addr4)".
dnsmasq-2.86test7/src/domain.c:138: example_checked: Example 4: "inet_pton(prot, tail, addr)" has its value checked in "inet_pton(prot, tail, addr)".
dnsmasq-2.86test7/src/lease.c:81: example_checked: Example 5: "inet_pton(10, dnsmasq_daemon->namebuff, &addr.addr6)" has its value checked in "inet_pton(10, dnsmasq_daemon->namebuff, &addr.addr6)".
 #  346|       inet_pton(AF_INET6, "::", &client_addr.sin6_addr);
 #  347|       bind(sock, (struct sockaddr*)&client_addr, sizeof(struct sockaddr_in6));
 #  348|->     inet_pton(AF_INET6, DHCP6_MULTICAST_ADDRESS, &server_addr.sin6_addr);
 #  349|       server_addr.sin6_port = htons(DHCP6_SERVER_PORT);
 #  350|       int16_t recv_size = 0;

Error: NEGATIVE_RETURNS (CWE-394): [#def6]
dnsmasq-2.86test7/contrib/lease-tools/dhcp_release6.c:360: var_tested_neg: Variable "recv_size" tests negative.
dnsmasq-2.86test7/contrib/lease-tools/dhcp_release6.c:373: negative_returns: "recv_size" is passed to a parameter that cannot be negative.
 #  371|   	  }
 #  372|
 #  373|->         int16_t result = parse_packet(response, recv_size);
 #  374|           if (result == NOT_REPLY_CODE)
 #  375|   	  {
This commit is contained in:
Petr Menšík
2021-09-03 16:32:05 +02:00
committed by Simon Kelley
parent e52b4b1466
commit 9881b0736d
2 changed files with 24 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
contrib/lease-tools/dhcp_release.c
View File

@@ -280,6 +280,7 @@ int main(int argc, char **argv)
/* This voodoo fakes up a packet coming from the correct interface, which really matters for /* This voodoo fakes up a packet coming from the correct interface, which really matters for
a DHCP server */ a DHCP server */
memset(&ifr, 0, sizeof(ifr));
strncpy(ifr.ifr_name, argv[1], sizeof(ifr.ifr_name)-1); strncpy(ifr.ifr_name, argv[1], sizeof(ifr.ifr_name)-1);
ifr.ifr_name[sizeof(ifr.ifr_name)-1] = '\0'; ifr.ifr_name[sizeof(ifr.ifr_name)-1] = '\0';
if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, &ifr, sizeof(ifr)) == -1) if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, &ifr, sizeof(ifr)) == -1)

37
contrib/lease-tools/dhcp_release6.c
View File

@@ -318,6 +318,12 @@ void usage(const char* arg, FILE* stream)
fprintf (stream, "Usage: %s %s\n", arg, usage_string); fprintf (stream, "Usage: %s %s\n", arg, usage_string);
} }
static void fail_fatal(const char *errstr, int exitcode)
{
perror(errstr);
exit(exitcode);
}
int send_release_packet(const char* iface, struct dhcp6_packet* packet) int send_release_packet(const char* iface, struct dhcp6_packet* packet)
{ {
struct sockaddr_in6 server_addr, client_addr; struct sockaddr_in6 server_addr, client_addr;
@@ -343,18 +349,19 @@ int send_release_packet(const char* iface, struct dhcp6_packet* packet)
client_addr.sin6_port = htons(DHCP6_CLIENT_PORT); client_addr.sin6_port = htons(DHCP6_CLIENT_PORT);
client_addr.sin6_flowinfo = 0; client_addr.sin6_flowinfo = 0;
client_addr.sin6_scope_id =0; client_addr.sin6_scope_id =0;
inet_pton(AF_INET6, "::", &client_addr.sin6_addr); if (inet_pton(AF_INET6, "::", &client_addr.sin6_addr) <= 0)
bind(sock, (struct sockaddr*)&client_addr, sizeof(struct sockaddr_in6)); fail_fatal("inet_pton", 5);
inet_pton(AF_INET6, DHCP6_MULTICAST_ADDRESS, &server_addr.sin6_addr); if (bind(sock, (struct sockaddr*)&client_addr, sizeof(struct sockaddr_in6)) != 0)
perror("bind"); /* continue on bind error */
if (inet_pton(AF_INET6, DHCP6_MULTICAST_ADDRESS, &server_addr.sin6_addr) <= 0)
fail_fatal("inet_pton", 5);
server_addr.sin6_port = htons(DHCP6_SERVER_PORT); server_addr.sin6_port = htons(DHCP6_SERVER_PORT);
int16_t recv_size = 0; ssize_t recv_size = 0;
int result;
for (i = 0; i < 5; i++) for (i = 0; i < 5; i++)
{ {
if (sendto(sock, packet->buf, packet->len, 0, (struct sockaddr *)&server_addr, sizeof(server_addr)) < 0) if (sendto(sock, packet->buf, packet->len, 0, (struct sockaddr *)&server_addr, sizeof(server_addr)) < 0)
{ fail_fatal("sendto failed", 4);
perror("sendto failed");
exit(4);
}
recv_size = recvfrom(sock, response, sizeof(response), MSG_DONTWAIT, NULL, 0); recv_size = recvfrom(sock, response, sizeof(response), MSG_DONTWAIT, NULL, 0);
if (recv_size == -1) if (recv_size == -1)
@@ -367,16 +374,18 @@ int send_release_packet(const char* iface, struct dhcp6_packet* packet)
else else
{ {
perror("recvfrom"); perror("recvfrom");
result = UNSPEC_FAIL;
} }
} }
else
int16_t result = parse_packet(response, recv_size);
if (result == NOT_REPLY_CODE)
{ {
sleep(1); result = parse_packet(response, recv_size);
continue; if (result == NOT_REPLY_CODE)
{
sleep(1);
continue;
}
} }
close(sock); close(sock);
return result; return result;
} }