]> git.ipfire.org Git - people/arne_f/ipfire-3.x.git/blame - openssh/patches/openssh-6.1p1-coverity.patch
projects / people / arne_f / ipfire-3.x.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
openssh: Update to 6.1p1.
[people/arne_f/ipfire-3.x.git] / openssh / patches / openssh-6.1p1-coverity.patch
CommitLineData
43c69e28
SS		 1diff -up openssh-6.1p1/auth-pam.c.coverity openssh-6.1p1/auth-pam.c
2--- openssh-6.1p1/auth-pam.c.coverity 2009-07-12 14:07:21.000000000 +0200
3+++ openssh-6.1p1/auth-pam.c 2012-09-14 21:16:41.264906486 +0200
9d8fd3ad
SS		 4@@ -216,7 +216,12 @@ pthread_join(sp_pthread_t thread, void *
5 if (sshpam_thread_status != -1)
6 return (sshpam_thread_status);
7 signal(SIGCHLD, sshpam_oldsig);
8- waitpid(thread, &status, 0);
9+ while (waitpid(thread, &status, 0) < 0) {
10+ if (errno == EINTR)
11+ continue;
12+ fatal("%s: waitpid: %s", __func__,
13+ strerror(errno));
14+ }
15 return (status);
16 }
17 #endif
43c69e28
SS		 18diff -up openssh-6.1p1/clientloop.c.coverity openssh-6.1p1/clientloop.c
19--- openssh-6.1p1/clientloop.c.coverity 2012-06-20 14:31:27.000000000 +0200
20+++ openssh-6.1p1/clientloop.c 2012-09-14 21:16:41.267906501 +0200
21@@ -2006,14 +2006,15 @@ client_input_global_request(int type, u_
22 char *rtype;
23 int want_reply;
24 int success = 0;
25+/* success is still 0 the packet is allways SSH2_MSG_REQUEST_FAILURE, isn't it? */
26
27 rtype = packet_get_string(NULL);
28 want_reply = packet_get_char();
29 debug("client_input_global_request: rtype %s want_reply %d",
30 rtype, want_reply);
31 if (want_reply) {
32- packet_start(success ?
33- SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE);
34+ packet_start(/*success ?
35+ SSH2_MSG_REQUEST_SUCCESS :*/ SSH2_MSG_REQUEST_FAILURE);
36 packet_send();
37 packet_write_wait();
38 }
39diff -up openssh-6.1p1/channels.c.coverity openssh-6.1p1/channels.c
40--- openssh-6.1p1/channels.c.coverity 2012-04-23 10:21:05.000000000 +0200
41+++ openssh-6.1p1/channels.c 2012-09-14 21:16:41.272906528 +0200
42@@ -232,11 +232,11 @@ channel_register_fds(Channel *c, int rfd
9d8fd3ad
SS		 43 channel_max_fd = MAX(channel_max_fd, wfd);
44 channel_max_fd = MAX(channel_max_fd, efd);
45
46- if (rfd != -1)
47+ if (rfd >= 0)
48 fcntl(rfd, F_SETFD, FD_CLOEXEC);
49- if (wfd != -1 && wfd != rfd)
50+ if (wfd >= 0 && wfd != rfd)
51 fcntl(wfd, F_SETFD, FD_CLOEXEC);
52- if (efd != -1 && efd != rfd && efd != wfd)
53+ if (efd >= 0 && efd != rfd && efd != wfd)
54 fcntl(efd, F_SETFD, FD_CLOEXEC);
55
56 c->rfd = rfd;
43c69e28 57@@ -251,11 +251,11 @@ channel_register_fds(Channel *c, int rfd
9d8fd3ad
SS		 58
59 /* enable nonblocking mode */
60 if (nonblock) {
61- if (rfd != -1)
62+ if (rfd >= 0)
63 set_nonblock(rfd);
64- if (wfd != -1)
65+ if (wfd >= 0)
66 set_nonblock(wfd);
67- if (efd != -1)
68+ if (efd >= 0)
69 set_nonblock(efd);
70 }
71 }
43c69e28
SS		 72diff -up openssh-6.1p1/key.c.coverity openssh-6.1p1/key.c
73--- openssh-6.1p1/key.c.coverity 2012-06-30 12:05:02.000000000 +0200
74+++ openssh-6.1p1/key.c 2012-09-14 21:16:41.274906537 +0200
75@@ -808,8 +808,10 @@ key_read(Key *ret, char **cpp)
9d8fd3ad
SS		 76 success = 1;
77 /*XXXX*/
78 key_free(k);
79+/*XXXX
80 if (success != 1)
81 break;
82+XXXX*/
83 /* advance cp: skip whitespace and data */
84 while (*cp == ' ' || *cp == '\t')
85 cp++;
43c69e28
SS		 86diff -up openssh-6.1p1/monitor.c.coverity openssh-6.1p1/monitor.c
87--- openssh-6.1p1/monitor.c.coverity 2012-06-30 00:33:17.000000000 +0200
88+++ openssh-6.1p1/monitor.c 2012-09-14 21:16:41.277906552 +0200
9d8fd3ad
SS		 89@@ -420,7 +420,7 @@ monitor_child_preauth(Authctxt *_authctx
90 }
91
92 /* Drain any buffered messages from the child */
93- while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0)
94+ while (pmonitor->m_log_recvfd >= 0 && monitor_read_log(pmonitor) == 0)
95 ;
96
97 if (!authctxt->valid)
43c69e28 98@@ -1159,6 +1159,10 @@ mm_answer_keyallowed(int sock, Buffer *m
9d8fd3ad
SS		 99 break;
100 }
101 }
102+
103+ debug3("%s: key %p is %s",
104+ __func__, key, allowed ? "allowed" : "not allowed");
105+
106 if (key != NULL)
107 key_free(key);
108
43c69e28 109@@ -1180,9 +1184,6 @@ mm_answer_keyallowed(int sock, Buffer *m
9d8fd3ad
SS		 110 xfree(chost);
111 }
112
113- debug3("%s: key %p is %s",
114- __func__, key, allowed ? "allowed" : "not allowed");
115-
116 buffer_clear(m);
117 buffer_put_int(m, allowed);
118 buffer_put_int(m, forced_command != NULL);
43c69e28
SS		 119diff -up openssh-6.1p1/monitor_wrap.c.coverity openssh-6.1p1/monitor_wrap.c
120--- openssh-6.1p1/monitor_wrap.c.coverity 2011-06-20 06:42:23.000000000 +0200
121+++ openssh-6.1p1/monitor_wrap.c 2012-09-14 21:16:41.280906568 +0200
9d8fd3ad
SS		 122@@ -707,10 +707,10 @@ mm_pty_allocate(int *ptyfd, int *ttyfd,
123 if ((tmp1 = dup(pmonitor->m_recvfd)) == -1 ||
124 (tmp2 = dup(pmonitor->m_recvfd)) == -1) {
125 error("%s: cannot allocate fds for pty", __func__);
126- if (tmp1 > 0)
127+ if (tmp1 >= 0)
128 close(tmp1);
129- if (tmp2 > 0)
130- close(tmp2);
131+ /*DEAD CODE if (tmp2 >= 0)
132+ close(tmp2);*/
133 return 0;
134 }
135 close(tmp1);
43c69e28
SS		 136diff -up openssh-6.1p1/openbsd-compat/bindresvport.c.coverity openssh-6.1p1/openbsd-compat/bindresvport.c
137--- openssh-6.1p1/openbsd-compat/bindresvport.c.coverity 2010-12-03 00:50:26.000000000 +0100
138+++ openssh-6.1p1/openbsd-compat/bindresvport.c 2012-09-14 21:16:41.281906573 +0200
9d8fd3ad
SS		 139@@ -58,7 +58,7 @@ bindresvport_sa(int sd, struct sockaddr
140 struct sockaddr_in6 *in6;
141 u_int16_t *portp;
142 u_int16_t port;
143- socklen_t salen;
144+ socklen_t salen = sizeof(struct sockaddr_storage);
145 int i;
146
147 if (sa == NULL) {
43c69e28
SS		 148diff -up openssh-6.1p1/packet.c.coverity openssh-6.1p1/packet.c
149--- openssh-6.1p1/packet.c.coverity 2012-03-09 00:28:07.000000000 +0100
150+++ openssh-6.1p1/packet.c 2012-09-14 21:16:41.284906588 +0200
9d8fd3ad
SS		 151@@ -1177,6 +1177,7 @@ packet_read_poll1(void)
152 case DEATTACK_DETECTED:
153 packet_disconnect("crc32 compensation attack: "
154 "network attack detected");
155+ break;
156 case DEATTACK_DOS_DETECTED:
157 packet_disconnect("deattack denial of "
158 "service detected");
43c69e28 159@@ -1678,7 +1679,7 @@ void
9d8fd3ad
SS		 160 packet_write_wait(void)
161 {
162 fd_set *setp;
163- int ret, ms_remain;
164+ int ret, ms_remain = 0;
165 struct timeval start, timeout, *timeoutp = NULL;
166
167 setp = (fd_set *)xcalloc(howmany(active_state->connection_out + 1,
43c69e28
SS		 168diff -up openssh-6.1p1/progressmeter.c.coverity openssh-6.1p1/progressmeter.c
169--- openssh-6.1p1/progressmeter.c.coverity 2006-08-05 04:39:40.000000000 +0200
170+++ openssh-6.1p1/progressmeter.c 2012-09-14 21:16:41.285906593 +0200
9d8fd3ad
SS		 171@@ -65,7 +65,7 @@ static void update_progress_meter(int);
172
173 static time_t start; /* start progress */
174 static time_t last_update; /* last progress update */
175-static char *file; /* name of the file being transferred */
176+static const char *file; /* name of the file being transferred */
177 static off_t end_pos; /* ending position of transfer */
178 static off_t cur_pos; /* transfer position as of last refresh */
179 static volatile off_t *counter; /* progress counter */
180@@ -247,7 +247,7 @@ update_progress_meter(int ignore)
181 }
182
183 void
184-start_progress_meter(char *f, off_t filesize, off_t *ctr)
185+start_progress_meter(const char *f, off_t filesize, off_t *ctr)
186 {
187 start = last_update = time(NULL);
188 file = f;
43c69e28
SS		 189diff -up openssh-6.1p1/progressmeter.h.coverity openssh-6.1p1/progressmeter.h
190--- openssh-6.1p1/progressmeter.h.coverity 2006-03-26 05:30:02.000000000 +0200
191+++ openssh-6.1p1/progressmeter.h 2012-09-14 21:16:41.286906598 +0200
9d8fd3ad
SS		 192@@ -23,5 +23,5 @@
193 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
194 */
195
196-void start_progress_meter(char *, off_t, off_t *);
197+void start_progress_meter(const char *, off_t, off_t *);
198 void stop_progress_meter(void);
43c69e28
SS		 199diff -up openssh-6.1p1/scp.c.coverity openssh-6.1p1/scp.c
200--- openssh-6.1p1/scp.c.coverity 2011-09-22 13:38:01.000000000 +0200
201+++ openssh-6.1p1/scp.c 2012-09-14 21:16:41.288906608 +0200
9d8fd3ad
SS		 202@@ -155,7 +155,7 @@ killchild(int signo)
203 {
204 if (do_cmd_pid > 1) {
205 kill(do_cmd_pid, signo ? signo : SIGTERM);
206- waitpid(do_cmd_pid, NULL, 0);
207+ (void) waitpid(do_cmd_pid, NULL, 0);
208 }
209
210 if (signo)
43c69e28
SS		 211diff -up openssh-6.1p1/servconf.c.coverity openssh-6.1p1/servconf.c
212--- openssh-6.1p1/servconf.c.coverity 2012-07-31 04:22:38.000000000 +0200
213+++ openssh-6.1p1/servconf.c 2012-09-14 21:16:41.291906623 +0200
214@@ -1249,7 +1249,7 @@ process_server_config_line(ServerOptions
9d8fd3ad
SS		 215 fatal("%s line %d: Missing subsystem name.",
216 filename, linenum);
217 if (!*activep) {
218- arg = strdelim(&cp);
219+ /*arg =*/ (void) strdelim(&cp);
220 break;
221 }
222 for (i = 0; i < options->num_subsystems; i++)
43c69e28 223@@ -1340,8 +1340,9 @@ process_server_config_line(ServerOptions
9d8fd3ad
SS		 224 if (*activep && *charptr == NULL) {
225 *charptr = tilde_expand_filename(arg, getuid());
226 /* increase optional counter */
227- if (intptr != NULL)
228- *intptr = *intptr + 1;
229+ /* DEAD CODE intptr is still NULL ;)
230+ if (intptr != NULL)
231+ *intptr = *intptr + 1; */
232 }
233 break;
234
43c69e28
SS		 235diff -up openssh-6.1p1/serverloop.c.coverity openssh-6.1p1/serverloop.c
236--- openssh-6.1p1/serverloop.c.coverity 2012-06-20 14:31:27.000000000 +0200
237+++ openssh-6.1p1/serverloop.c 2012-09-14 21:16:41.294906638 +0200
9d8fd3ad
SS		 238@@ -147,13 +147,13 @@ notify_setup(void)
239 static void
240 notify_parent(void)
241 {
242- if (notify_pipe[1] != -1)
243+ if (notify_pipe[1] >= 0)
244 write(notify_pipe[1], "", 1);
245 }
246 static void
247 notify_prepare(fd_set *readset)
248 {
249- if (notify_pipe[0] != -1)
250+ if (notify_pipe[0] >= 0)
251 FD_SET(notify_pipe[0], readset);
252 }
253 static void
254@@ -161,8 +161,8 @@ notify_done(fd_set *readset)
255 {
256 char c;
257
258- if (notify_pipe[0] != -1 && FD_ISSET(notify_pipe[0], readset))
259- while (read(notify_pipe[0], &c, 1) != -1)
260+ if (notify_pipe[0] >= 0 && FD_ISSET(notify_pipe[0], readset))
261+ while (read(notify_pipe[0], &c, 1) >= 0)
262 debug2("notify_done: reading");
263 }
264
43c69e28 265@@ -336,7 +336,7 @@ wait_until_can_do_something(fd_set **rea
9d8fd3ad
SS		 266 * If we have buffered data, try to write some of that data
267 * to the program.
268 */
269- if (fdin != -1 && buffer_len(&stdin_buffer) > 0)
270+ if (fdin >= 0 && buffer_len(&stdin_buffer) > 0)
271 FD_SET(fdin, *writesetp);
272 }
273 notify_prepare(*readsetp);
43c69e28 274@@ -476,7 +476,7 @@ process_output(fd_set *writeset)
9d8fd3ad
SS		 275 int len;
276
277 /* Write buffered data to program stdin. */
278- if (!compat20 && fdin != -1 && FD_ISSET(fdin, writeset)) {
279+ if (!compat20 && fdin >= 0 && FD_ISSET(fdin, writeset)) {
280 data = buffer_ptr(&stdin_buffer);
281 dlen = buffer_len(&stdin_buffer);
282 len = write(fdin, data, dlen);
43c69e28 283@@ -589,7 +589,7 @@ server_loop(pid_t pid, int fdin_arg, int
9d8fd3ad
SS		 284 set_nonblock(fdin);
285 set_nonblock(fdout);
286 /* we don't have stderr for interactive terminal sessions, see below */
287- if (fderr != -1)
288+ if (fderr >= 0)
289 set_nonblock(fderr);
290
291 if (!(datafellows & SSH_BUG_IGNOREMSG) && isatty(fdin))
43c69e28 292@@ -613,7 +613,7 @@ server_loop(pid_t pid, int fdin_arg, int
9d8fd3ad
SS		 293 max_fd = MAX(connection_in, connection_out);
294 max_fd = MAX(max_fd, fdin);
295 max_fd = MAX(max_fd, fdout);
296- if (fderr != -1)
297+ if (fderr >= 0)
298 max_fd = MAX(max_fd, fderr);
299 #endif
300
43c69e28 301@@ -643,7 +643,7 @@ server_loop(pid_t pid, int fdin_arg, int
9d8fd3ad
SS		 302 * If we have received eof, and there is no more pending
303 * input data, cause a real eof by closing fdin.
304 */
305- if (stdin_eof && fdin != -1 && buffer_len(&stdin_buffer) == 0) {
306+ if (stdin_eof && fdin >= 0 && buffer_len(&stdin_buffer) == 0) {
307 if (fdin != fdout)
308 close(fdin);
309 else
43c69e28 310@@ -741,15 +741,15 @@ server_loop(pid_t pid, int fdin_arg, int
9d8fd3ad
SS		 311 buffer_free(&stderr_buffer);
312
313 /* Close the file descriptors. */
314- if (fdout != -1)
315+ if (fdout >= 0)
316 close(fdout);
317 fdout = -1;
318 fdout_eof = 1;
319- if (fderr != -1)
320+ if (fderr >= 0)
321 close(fderr);
322 fderr = -1;
323 fderr_eof = 1;
324- if (fdin != -1)
325+ if (fdin >= 0)
326 close(fdin);
327 fdin = -1;
328
43c69e28 329@@ -943,7 +943,7 @@ server_input_window_size(int type, u_int
9d8fd3ad
SS		 330
331 debug("Window change received.");
332 packet_check_eom();
333- if (fdin != -1)
334+ if (fdin >= 0)
335 pty_change_window_size(fdin, row, col, xpixel, ypixel);
336 }
337
43c69e28 338@@ -996,7 +996,7 @@ server_request_tun(void)
9d8fd3ad
SS		 339 }
340
341 tun = packet_get_int();
342- if (forced_tun_device != -1) {
343+ if (forced_tun_device >= 0) {
344 if (tun != SSH_TUNID_ANY && forced_tun_device != tun)
345 goto done;
346 tun = forced_tun_device;
43c69e28
SS		 347diff -up openssh-6.1p1/sftp.c.coverity openssh-6.1p1/sftp.c
348--- openssh-6.1p1/sftp.c.coverity 2012-06-30 00:33:32.000000000 +0200
349+++ openssh-6.1p1/sftp.c 2012-09-14 21:16:41.297906653 +0200
350@@ -206,7 +206,7 @@ killchild(int signo)
351 {
352 if (sshpid > 1) {
353 kill(sshpid, SIGTERM);
354- waitpid(sshpid, NULL, 0);
355+ (void) waitpid(sshpid, NULL, 0);
356 }
357
358 _exit(1);
359@@ -316,7 +316,7 @@ local_do_ls(const char *args)
360
361 /* Strip one path (usually the pwd) from the start of another */
362 static char *
363-path_strip(char *path, char *strip)
364+path_strip(const char *path, const char *strip)
365 {
366 size_t len;
367
368@@ -334,7 +334,7 @@ path_strip(char *path, char *strip)
369 }
370
371 static char *
372-make_absolute(char *p, char *pwd)
373+make_absolute(char *p, const char *pwd)
374 {
375 char *abs_str;
376
377@@ -482,7 +482,7 @@ parse_df_flags(const char *cmd, char **a
378 }
379
380 static int
381-is_dir(char *path)
382+is_dir(const char *path)
383 {
384 struct stat sb;
385
386@@ -494,7 +494,7 @@ is_dir(char *path)
387 }
388
389 static int
390-remote_is_dir(struct sftp_conn *conn, char *path)
391+remote_is_dir(struct sftp_conn *conn, const char *path)
392 {
393 Attrib *a;
394
395@@ -508,7 +508,7 @@ remote_is_dir(struct sftp_conn *conn, ch
396
397 /* Check whether path returned from glob(..., GLOB_MARK, ...) is a directory */
398 static int
399-pathname_is_dir(char *pathname)
400+pathname_is_dir(const char *pathname)
401 {
402 size_t l = strlen(pathname);
403
404@@ -516,7 +516,7 @@ pathname_is_dir(char *pathname)
405 }
406
407 static int
408-process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd,
409+process_get(struct sftp_conn *conn, const char *src, const char *dst, const char *pwd,
410 int pflag, int rflag)
411 {
412 char *abs_src = NULL;
413@@ -590,7 +590,7 @@ out:
414 }
415
416 static int
417-process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd,
418+process_put(struct sftp_conn *conn, const char *src, const char *dst, const char *pwd,
419 int pflag, int rflag)
420 {
421 char *tmp_dst = NULL;
422@@ -695,7 +695,7 @@ sdirent_comp(const void *aa, const void
423
424 /* sftp ls.1 replacement for directories */
425 static int
426-do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag)
427+do_ls_dir(struct sftp_conn *conn, const char *path, const char *strip_path, int lflag)
428 {
429 int n;
430 u_int c = 1, colspace = 0, columns = 1;
431@@ -780,7 +780,7 @@ do_ls_dir(struct sftp_conn *conn, char *
432
433 /* sftp ls.1 replacement which handles path globs */
434 static int
435-do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path,
436+do_globbed_ls(struct sftp_conn *conn, const char *path, const char *strip_path,
437 int lflag)
438 {
439 char *fname, *lname;
440@@ -861,7 +861,7 @@ do_globbed_ls(struct sftp_conn *conn, ch
441 }
442
443 static int
444-do_df(struct sftp_conn *conn, char *path, int hflag, int iflag)
445+do_df(struct sftp_conn *conn, const char *path, int hflag, int iflag)
446 {
447 struct sftp_statvfs st;
448 char s_used[FMT_SCALED_STRSIZE];
449diff -up openssh-6.1p1/sftp-client.c.coverity openssh-6.1p1/sftp-client.c
450--- openssh-6.1p1/sftp-client.c.coverity 2012-07-02 14:15:39.000000000 +0200
451+++ openssh-6.1p1/sftp-client.c 2012-09-14 21:18:16.891332281 +0200
9d8fd3ad
SS		 452@@ -149,7 +149,7 @@ get_msg(struct sftp_conn *conn, Buffer *
453 }
454
455 static void
456-send_string_request(struct sftp_conn *conn, u_int id, u_int code, char *s,
457+send_string_request(struct sftp_conn *conn, u_int id, u_int code, const char *s,
458 u_int len)
459 {
460 Buffer msg;
461@@ -165,7 +165,7 @@ send_string_request(struct sftp_conn *co
462
463 static void
464 send_string_attrs_request(struct sftp_conn *conn, u_int id, u_int code,
465- char *s, u_int len, Attrib *a)
466+ const char *s, u_int len, Attrib *a)
467 {
468 Buffer msg;
469
470@@ -422,7 +422,7 @@ sftp_proto_version(struct sftp_conn *con
471 }
472
473 int
474-do_close(struct sftp_conn *conn, char *handle, u_int handle_len)
475+do_close(struct sftp_conn *conn, const char *handle, u_int handle_len)
476 {
477 u_int id, status;
478 Buffer msg;
479@@ -447,7 +447,7 @@ do_close(struct sftp_conn *conn, char *h
480
481
482 static int
483-do_lsreaddir(struct sftp_conn *conn, char *path, int printflag,
484+do_lsreaddir(struct sftp_conn *conn, const char *path, int printflag,
485 SFTP_DIRENT ***dir)
486 {
487 Buffer msg;
43c69e28 488@@ -572,7 +572,7 @@ do_lsreaddir(struct sftp_conn *conn, cha
9d8fd3ad
SS		 489 }
490
491 int
492-do_readdir(struct sftp_conn *conn, char *path, SFTP_DIRENT ***dir)
493+do_readdir(struct sftp_conn *conn, const char *path, SFTP_DIRENT ***dir)
494 {
495 return(do_lsreaddir(conn, path, 0, dir));
496 }
43c69e28 497@@ -590,7 +590,7 @@ void free_sftp_dirents(SFTP_DIRENT **s)
9d8fd3ad
SS		 498 }
499
500 int
501-do_rm(struct sftp_conn *conn, char *path)
502+do_rm(struct sftp_conn *conn, const char *path)
503 {
504 u_int status, id;
505
43c69e28 506@@ -605,7 +605,7 @@ do_rm(struct sftp_conn *conn, char *path
9d8fd3ad
SS		 507 }
508
509 int
510-do_mkdir(struct sftp_conn *conn, char *path, Attrib *a, int printflag)
511+do_mkdir(struct sftp_conn *conn, const char *path, Attrib *a, int printflag)
512 {
513 u_int status, id;
514
43c69e28 515@@ -621,7 +621,7 @@ do_mkdir(struct sftp_conn *conn, char *p
9d8fd3ad
SS		 516 }
517
518 int
519-do_rmdir(struct sftp_conn *conn, char *path)
520+do_rmdir(struct sftp_conn *conn, const char *path)
521 {
522 u_int status, id;
523
43c69e28 524@@ -637,7 +637,7 @@ do_rmdir(struct sftp_conn *conn, char *p
9d8fd3ad
SS		 525 }
526
527 Attrib *
528-do_stat(struct sftp_conn *conn, char *path, int quiet)
529+do_stat(struct sftp_conn *conn, const char *path, int quiet)
530 {
531 u_int id;
532
43c69e28 533@@ -651,7 +651,7 @@ do_stat(struct sftp_conn *conn, char *pa
9d8fd3ad
SS		 534 }
535
536 Attrib *
537-do_lstat(struct sftp_conn *conn, char *path, int quiet)
538+do_lstat(struct sftp_conn *conn, const char *path, int quiet)
539 {
540 u_int id;
541
43c69e28 542@@ -685,7 +685,7 @@ do_fstat(struct sftp_conn *conn, char *h
9d8fd3ad
SS		 543 #endif
544
545 int
546-do_setstat(struct sftp_conn *conn, char *path, Attrib *a)
547+do_setstat(struct sftp_conn *conn, const char *path, Attrib *a)
548 {
549 u_int status, id;
550
43c69e28 551@@ -702,7 +702,7 @@ do_setstat(struct sftp_conn *conn, char
9d8fd3ad
SS		 552 }
553
554 int
555-do_fsetstat(struct sftp_conn *conn, char *handle, u_int handle_len,
556+do_fsetstat(struct sftp_conn *conn, const char *handle, u_int handle_len,
557 Attrib *a)
558 {
559 u_int status, id;
43c69e28 560@@ -719,7 +719,7 @@ do_fsetstat(struct sftp_conn *conn, char
9d8fd3ad
SS		 561 }
562
563 char *
564-do_realpath(struct sftp_conn *conn, char *path)
565+do_realpath(struct sftp_conn *conn, const char *path)
566 {
567 Buffer msg;
568 u_int type, expected_id, count, id;
43c69e28 569@@ -768,7 +768,7 @@ do_realpath(struct sftp_conn *conn, char
9d8fd3ad
SS		 570 }
571
572 int
573-do_rename(struct sftp_conn *conn, char *oldpath, char *newpath)
574+do_rename(struct sftp_conn *conn, const char *oldpath, const char *newpath)
575 {
576 Buffer msg;
577 u_int status, id;
43c69e28 578@@ -802,7 +802,7 @@ do_rename(struct sftp_conn *conn, char *
9d8fd3ad
SS		 579 }
580
581 int
582-do_hardlink(struct sftp_conn *conn, char *oldpath, char *newpath)
583+do_hardlink(struct sftp_conn *conn, const char *oldpath, const char *newpath)
584 {
585 Buffer msg;
586 u_int status, id;
43c69e28 587@@ -835,7 +835,7 @@ do_hardlink(struct sftp_conn *conn, char
9d8fd3ad
SS		 588 }
589
590 int
591-do_symlink(struct sftp_conn *conn, char *oldpath, char *newpath)
592+do_symlink(struct sftp_conn *conn, const char *oldpath, const char *newpath)
593 {
594 Buffer msg;
595 u_int status, id;
43c69e28 596@@ -987,7 +987,7 @@ send_read_request(struct sftp_conn *conn
9d8fd3ad
SS		 597 }
598
599 int
600-do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
601+do_download(struct sftp_conn *conn, const char *remote_path, const char *local_path,
602 Attrib *a, int pflag)
603 {
604 Attrib junk;
43c69e28 605@@ -1226,7 +1226,7 @@ do_download(struct sftp_conn *conn, char
9d8fd3ad
SS		 606 }
607
608 static int
609-download_dir_internal(struct sftp_conn *conn, char *src, char *dst,
610+download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
611 Attrib *dirattrib, int pflag, int printflag, int depth)
612 {
613 int i, ret = 0;
43c69e28 614@@ -1316,7 +1316,7 @@ download_dir_internal(struct sftp_conn *
9d8fd3ad
SS		 615 }
616
617 int
618-download_dir(struct sftp_conn *conn, char *src, char *dst,
619+download_dir(struct sftp_conn *conn, const char *src, const char *dst,
620 Attrib *dirattrib, int pflag, int printflag)
621 {
622 char *src_canon;
43c69e28 623@@ -1334,7 +1334,7 @@ download_dir(struct sftp_conn *conn, cha
9d8fd3ad
SS		 624 }
625
626 int
627-do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
628+do_upload(struct sftp_conn *conn, const char *local_path, const char *remote_path,
629 int pflag)
630 {
631 int local_fd;
43c69e28 632@@ -1517,7 +1517,7 @@ do_upload(struct sftp_conn *conn, char *
9d8fd3ad
SS		 633 }
634
635 static int
636-upload_dir_internal(struct sftp_conn *conn, char *src, char *dst,
637+upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
638 int pflag, int printflag, int depth)
639 {
640 int ret = 0, status;
43c69e28 641@@ -1608,7 +1608,7 @@ upload_dir_internal(struct sftp_conn *co
9d8fd3ad
SS		 642 }
643
644 int
645-upload_dir(struct sftp_conn *conn, char *src, char *dst, int printflag,
646+upload_dir(struct sftp_conn *conn, const char *src, const char *dst, int printflag,
647 int pflag)
648 {
649 char *dst_canon;
43c69e28 650@@ -1625,7 +1625,7 @@ upload_dir(struct sftp_conn *conn, char
9d8fd3ad
SS		 651 }
652
653 char *
654-path_append(char *p1, char *p2)
655+path_append(const char *p1, const char *p2)
656 {
657 char *ret;
658 size_t len = strlen(p1) + strlen(p2) + 2;
43c69e28
SS		 659diff -up openssh-6.1p1/sftp-client.h.coverity openssh-6.1p1/sftp-client.h
660--- openssh-6.1p1/sftp-client.h.coverity 2010-12-04 23:02:48.000000000 +0100
661+++ openssh-6.1p1/sftp-client.h 2012-09-14 21:16:41.301906674 +0200
9d8fd3ad
SS		 662@@ -56,49 +56,49 @@ struct sftp_conn *do_init(int, int, u_in
663 u_int sftp_proto_version(struct sftp_conn *);
664
665 /* Close file referred to by 'handle' */
666-int do_close(struct sftp_conn *, char *, u_int);
667+int do_close(struct sftp_conn *, const char *, u_int);
668
669 /* Read contents of 'path' to NULL-terminated array 'dir' */
670-int do_readdir(struct sftp_conn *, char *, SFTP_DIRENT ***);
671+int do_readdir(struct sftp_conn *, const char *, SFTP_DIRENT ***);
672
673 /* Frees a NULL-terminated array of SFTP_DIRENTs (eg. from do_readdir) */
674 void free_sftp_dirents(SFTP_DIRENT **);
675
676 /* Delete file 'path' */
677-int do_rm(struct sftp_conn *, char *);
678+int do_rm(struct sftp_conn *, const char *);
679
680 /* Create directory 'path' */
681-int do_mkdir(struct sftp_conn *, char *, Attrib *, int);
682+int do_mkdir(struct sftp_conn *, const char *, Attrib *, int);
683
684 /* Remove directory 'path' */
685-int do_rmdir(struct sftp_conn *, char *);
686+int do_rmdir(struct sftp_conn *, const char *);
687
688 /* Get file attributes of 'path' (follows symlinks) */
689-Attrib *do_stat(struct sftp_conn *, char *, int);
690+Attrib *do_stat(struct sftp_conn *, const char *, int);
691
692 /* Get file attributes of 'path' (does not follow symlinks) */
693-Attrib *do_lstat(struct sftp_conn *, char *, int);
694+Attrib *do_lstat(struct sftp_conn *, const char *, int);
695
696 /* Set file attributes of 'path' */
697-int do_setstat(struct sftp_conn *, char *, Attrib *);
698+int do_setstat(struct sftp_conn *, const char *, Attrib *);
699
700 /* Set file attributes of open file 'handle' */
701-int do_fsetstat(struct sftp_conn *, char *, u_int, Attrib *);
702+int do_fsetstat(struct sftp_conn *, const char *, u_int, Attrib *);
703
704 /* Canonicalise 'path' - caller must free result */
705-char *do_realpath(struct sftp_conn *, char *);
706+char *do_realpath(struct sftp_conn *, const char *);
707
708 /* Get statistics for filesystem hosting file at "path" */
709 int do_statvfs(struct sftp_conn *, const char *, struct sftp_statvfs *, int);
710
711 /* Rename 'oldpath' to 'newpath' */
712-int do_rename(struct sftp_conn *, char *, char *);
713+int do_rename(struct sftp_conn *, const char *, const char *);
714
715 /* Link 'oldpath' to 'newpath' */
716-int do_hardlink(struct sftp_conn *, char *, char *);
717+int do_hardlink(struct sftp_conn *, const char *, const char *);
718
719-/* Rename 'oldpath' to 'newpath' */
720-int do_symlink(struct sftp_conn *, char *, char *);
721+/* Symlink 'oldpath' to 'newpath' */
722+int do_symlink(struct sftp_conn *, const char *, const char *);
723
724 /* XXX: add callbacks to do_download/do_upload so we can do progress meter */
725
726@@ -106,27 +106,27 @@ int do_symlink(struct sftp_conn *, char
727 * Download 'remote_path' to 'local_path'. Preserve permissions and times
728 * if 'pflag' is set
729 */
730-int do_download(struct sftp_conn *, char *, char *, Attrib *, int);
731+int do_download(struct sftp_conn *, const char *, const char *, Attrib *, int);
732
733 /*
734 * Recursively download 'remote_directory' to 'local_directory'. Preserve
735 * times if 'pflag' is set
736 */
737-int download_dir(struct sftp_conn *, char *, char *, Attrib *, int, int);
738+int download_dir(struct sftp_conn *, const char *, const char *, Attrib *, int, int);
739
740 /*
741 * Upload 'local_path' to 'remote_path'. Preserve permissions and times
742 * if 'pflag' is set
743 */
744-int do_upload(struct sftp_conn *, char *, char *, int);
745+int do_upload(struct sftp_conn *, const char *, const char *, int);
746
747 /*
748 * Recursively upload 'local_directory' to 'remote_directory'. Preserve
749 * times if 'pflag' is set
750 */
751-int upload_dir(struct sftp_conn *, char *, char *, int, int);
752+int upload_dir(struct sftp_conn *, const char *, const char *, int, int);
753
754 /* Concatenate paths, taking care of slashes. Caller must free result. */
755-char *path_append(char *, char *);
756+char *path_append(const char *, const char *);
757
758 #endif
43c69e28
SS		 759diff -up openssh-6.1p1/ssh-agent.c.coverity openssh-6.1p1/ssh-agent.c
760--- openssh-6.1p1/ssh-agent.c.coverity 2011-06-03 06:14:16.000000000 +0200
761+++ openssh-6.1p1/ssh-agent.c 2012-09-14 21:16:41.303906683 +0200
9d8fd3ad
SS		 762@@ -1147,8 +1147,8 @@ main(int ac, char **av)
763 sanitise_stdfd();
764
765 /* drop */
766- setegid(getgid());
767- setgid(getgid());
768+ (void) setegid(getgid());
769+ (void) setgid(getgid());
770
771 #if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
772 /* Disable ptrace on Linux without sgid bit */
43c69e28
SS		 773diff -up openssh-6.1p1/sshd.c.coverity openssh-6.1p1/sshd.c
774--- openssh-6.1p1/sshd.c.coverity 2012-07-31 04:21:34.000000000 +0200
775+++ openssh-6.1p1/sshd.c 2012-09-14 21:16:41.307906705 +0200
776@@ -682,8 +682,10 @@ privsep_preauth(Authctxt *authctxt)
9d8fd3ad
SS		 777 if (getuid() == 0 || geteuid() == 0)
778 privsep_preauth_child();
779 setproctitle("%s", "[net]");
780- if (box != NULL)
781+ if (box != NULL) {
782 ssh_sandbox_child(box);
783+ xfree(box);
784+ }
785
786 return 0;
787 }
43c69e28 788@@ -1311,6 +1313,9 @@ server_accept_loop(int *sock_in, int *so
9d8fd3ad
SS		 789 if (num_listen_socks < 0)
790 break;
791 }
792+
793+ if (fdset != NULL)
794+ xfree(fdset);
795 }
796
797
43c69e28 798@@ -1768,7 +1773,7 @@ main(int ac, char **av)
9d8fd3ad
SS		 799
800 /* Chdir to the root directory so that the current disk can be
801 unmounted if desired. */
802- chdir("/");
803+ (void) chdir("/");
804
805 /* ignore SIGPIPE */
806 signal(SIGPIPE, SIG_IGN);
Arne's tree of IPFire 3.x.