]>
Commit | Line | Data |
---|---|---|
9d8fd3ad SS |
1 | diff -up openssh-5.9p1/auth-pam.c.coverity openssh-5.9p1/auth-pam.c |
2 | --- openssh-5.9p1/auth-pam.c.coverity 2009-07-12 14:07:21.000000000 +0200 | |
3 | +++ openssh-5.9p1/auth-pam.c 2011-09-14 08:09:47.074520582 +0200 | |
4 | @@ -216,7 +216,12 @@ pthread_join(sp_pthread_t thread, void * | |
5 | if (sshpam_thread_status != -1) | |
6 | return (sshpam_thread_status); | |
7 | signal(SIGCHLD, sshpam_oldsig); | |
8 | - waitpid(thread, &status, 0); | |
9 | + while (waitpid(thread, &status, 0) < 0) { | |
10 | + if (errno == EINTR) | |
11 | + continue; | |
12 | + fatal("%s: waitpid: %s", __func__, | |
13 | + strerror(errno)); | |
14 | + } | |
15 | return (status); | |
16 | } | |
17 | #endif | |
18 | diff -up openssh-5.9p1/channels.c.coverity openssh-5.9p1/channels.c | |
19 | --- openssh-5.9p1/channels.c.coverity 2011-06-23 00:31:57.000000000 +0200 | |
20 | +++ openssh-5.9p1/channels.c 2011-09-14 08:09:47.556582810 +0200 | |
21 | @@ -229,11 +229,11 @@ channel_register_fds(Channel *c, int rfd | |
22 | channel_max_fd = MAX(channel_max_fd, wfd); | |
23 | channel_max_fd = MAX(channel_max_fd, efd); | |
24 | ||
25 | - if (rfd != -1) | |
26 | + if (rfd >= 0) | |
27 | fcntl(rfd, F_SETFD, FD_CLOEXEC); | |
28 | - if (wfd != -1 && wfd != rfd) | |
29 | + if (wfd >= 0 && wfd != rfd) | |
30 | fcntl(wfd, F_SETFD, FD_CLOEXEC); | |
31 | - if (efd != -1 && efd != rfd && efd != wfd) | |
32 | + if (efd >= 0 && efd != rfd && efd != wfd) | |
33 | fcntl(efd, F_SETFD, FD_CLOEXEC); | |
34 | ||
35 | c->rfd = rfd; | |
36 | @@ -248,11 +248,11 @@ channel_register_fds(Channel *c, int rfd | |
37 | ||
38 | /* enable nonblocking mode */ | |
39 | if (nonblock) { | |
40 | - if (rfd != -1) | |
41 | + if (rfd >= 0) | |
42 | set_nonblock(rfd); | |
43 | - if (wfd != -1) | |
44 | + if (wfd >= 0) | |
45 | set_nonblock(wfd); | |
46 | - if (efd != -1) | |
47 | + if (efd >= 0) | |
48 | set_nonblock(efd); | |
49 | } | |
50 | } | |
51 | diff -up openssh-5.9p1/clientloop.c.coverity openssh-5.9p1/clientloop.c | |
52 | --- openssh-5.9p1/clientloop.c.coverity 2011-06-23 00:31:58.000000000 +0200 | |
53 | +++ openssh-5.9p1/clientloop.c 2011-09-14 08:17:41.556521887 +0200 | |
54 | @@ -1970,14 +1970,15 @@ client_input_global_request(int type, u_ | |
55 | char *rtype; | |
56 | int want_reply; | |
57 | int success = 0; | |
58 | +/* success is still 0 the packet is allways SSH2_MSG_REQUEST_FAILURE, isn't it? */ | |
59 | ||
60 | rtype = packet_get_string(NULL); | |
61 | want_reply = packet_get_char(); | |
62 | debug("client_input_global_request: rtype %s want_reply %d", | |
63 | rtype, want_reply); | |
64 | if (want_reply) { | |
65 | - packet_start(success ? | |
66 | - SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE); | |
67 | + packet_start(/*success ? | |
68 | + SSH2_MSG_REQUEST_SUCCESS :*/ SSH2_MSG_REQUEST_FAILURE); | |
69 | packet_send(); | |
70 | packet_write_wait(); | |
71 | } | |
72 | diff -up openssh-5.9p1/key.c.coverity openssh-5.9p1/key.c | |
73 | --- openssh-5.9p1/key.c.coverity 2011-05-20 11:03:08.000000000 +0200 | |
74 | +++ openssh-5.9p1/key.c 2011-09-14 08:09:47.803458435 +0200 | |
75 | @@ -803,8 +803,10 @@ key_read(Key *ret, char **cpp) | |
76 | success = 1; | |
77 | /*XXXX*/ | |
78 | key_free(k); | |
79 | +/*XXXX | |
80 | if (success != 1) | |
81 | break; | |
82 | +XXXX*/ | |
83 | /* advance cp: skip whitespace and data */ | |
84 | while (*cp == ' ' || *cp == '\t') | |
85 | cp++; | |
86 | diff -up openssh-5.9p1/misc.c.coverity openssh-5.9p1/misc.c | |
87 | diff -up openssh-5.9p1/monitor.c.coverity openssh-5.9p1/monitor.c | |
88 | --- openssh-5.9p1/monitor.c.coverity 2011-08-05 22:15:18.000000000 +0200 | |
89 | +++ openssh-5.9p1/monitor.c 2011-09-14 08:09:47.914584009 +0200 | |
90 | @@ -420,7 +420,7 @@ monitor_child_preauth(Authctxt *_authctx | |
91 | } | |
92 | ||
93 | /* Drain any buffered messages from the child */ | |
94 | - while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0) | |
95 | + while (pmonitor->m_log_recvfd >= 0 && monitor_read_log(pmonitor) == 0) | |
96 | ; | |
97 | ||
98 | if (!authctxt->valid) | |
99 | @@ -1161,6 +1161,10 @@ mm_answer_keyallowed(int sock, Buffer *m | |
100 | break; | |
101 | } | |
102 | } | |
103 | + | |
104 | + debug3("%s: key %p is %s", | |
105 | + __func__, key, allowed ? "allowed" : "not allowed"); | |
106 | + | |
107 | if (key != NULL) | |
108 | key_free(key); | |
109 | ||
110 | @@ -1182,9 +1186,6 @@ mm_answer_keyallowed(int sock, Buffer *m | |
111 | xfree(chost); | |
112 | } | |
113 | ||
114 | - debug3("%s: key %p is %s", | |
115 | - __func__, key, allowed ? "allowed" : "not allowed"); | |
116 | - | |
117 | buffer_clear(m); | |
118 | buffer_put_int(m, allowed); | |
119 | buffer_put_int(m, forced_command != NULL); | |
120 | diff -up openssh-5.9p1/monitor_wrap.c.coverity openssh-5.9p1/monitor_wrap.c | |
121 | --- openssh-5.9p1/monitor_wrap.c.coverity 2011-09-14 08:11:36.480500123 +0200 | |
122 | +++ openssh-5.9p1/monitor_wrap.c 2011-09-14 08:14:11.279520598 +0200 | |
123 | @@ -707,10 +707,10 @@ mm_pty_allocate(int *ptyfd, int *ttyfd, | |
124 | if ((tmp1 = dup(pmonitor->m_recvfd)) == -1 || | |
125 | (tmp2 = dup(pmonitor->m_recvfd)) == -1) { | |
126 | error("%s: cannot allocate fds for pty", __func__); | |
127 | - if (tmp1 > 0) | |
128 | + if (tmp1 >= 0) | |
129 | close(tmp1); | |
130 | - if (tmp2 > 0) | |
131 | - close(tmp2); | |
132 | + /*DEAD CODE if (tmp2 >= 0) | |
133 | + close(tmp2);*/ | |
134 | return 0; | |
135 | } | |
136 | close(tmp1); | |
137 | diff -up openssh-5.9p1/openbsd-compat/bindresvport.c.coverity openssh-5.9p1/openbsd-compat/bindresvport.c | |
138 | --- openssh-5.9p1/openbsd-compat/bindresvport.c.coverity 2010-12-03 00:50:26.000000000 +0100 | |
139 | +++ openssh-5.9p1/openbsd-compat/bindresvport.c 2011-09-14 08:09:48.084459344 +0200 | |
140 | @@ -58,7 +58,7 @@ bindresvport_sa(int sd, struct sockaddr | |
141 | struct sockaddr_in6 *in6; | |
142 | u_int16_t *portp; | |
143 | u_int16_t port; | |
144 | - socklen_t salen; | |
145 | + socklen_t salen = sizeof(struct sockaddr_storage); | |
146 | int i; | |
147 | ||
148 | if (sa == NULL) { | |
149 | diff -up openssh-5.9p1/packet.c.coverity openssh-5.9p1/packet.c | |
150 | --- openssh-5.9p1/packet.c.coverity 2011-05-15 00:58:15.000000000 +0200 | |
151 | +++ openssh-5.9p1/packet.c 2011-09-14 08:09:48.184587842 +0200 | |
152 | @@ -1177,6 +1177,7 @@ packet_read_poll1(void) | |
153 | case DEATTACK_DETECTED: | |
154 | packet_disconnect("crc32 compensation attack: " | |
155 | "network attack detected"); | |
156 | + break; | |
157 | case DEATTACK_DOS_DETECTED: | |
158 | packet_disconnect("deattack denial of " | |
159 | "service detected"); | |
160 | @@ -1684,7 +1685,7 @@ void | |
161 | packet_write_wait(void) | |
162 | { | |
163 | fd_set *setp; | |
164 | - int ret, ms_remain; | |
165 | + int ret, ms_remain = 0; | |
166 | struct timeval start, timeout, *timeoutp = NULL; | |
167 | ||
168 | setp = (fd_set *)xcalloc(howmany(active_state->connection_out + 1, | |
169 | diff -up openssh-5.9p1/progressmeter.c.coverity openssh-5.9p1/progressmeter.c | |
170 | --- openssh-5.9p1/progressmeter.c.coverity 2006-08-05 04:39:40.000000000 +0200 | |
171 | +++ openssh-5.9p1/progressmeter.c 2011-09-14 08:09:48.300586004 +0200 | |
172 | @@ -65,7 +65,7 @@ static void update_progress_meter(int); | |
173 | ||
174 | static time_t start; /* start progress */ | |
175 | static time_t last_update; /* last progress update */ | |
176 | -static char *file; /* name of the file being transferred */ | |
177 | +static const char *file; /* name of the file being transferred */ | |
178 | static off_t end_pos; /* ending position of transfer */ | |
179 | static off_t cur_pos; /* transfer position as of last refresh */ | |
180 | static volatile off_t *counter; /* progress counter */ | |
181 | @@ -247,7 +247,7 @@ update_progress_meter(int ignore) | |
182 | } | |
183 | ||
184 | void | |
185 | -start_progress_meter(char *f, off_t filesize, off_t *ctr) | |
186 | +start_progress_meter(const char *f, off_t filesize, off_t *ctr) | |
187 | { | |
188 | start = last_update = time(NULL); | |
189 | file = f; | |
190 | diff -up openssh-5.9p1/progressmeter.h.coverity openssh-5.9p1/progressmeter.h | |
191 | --- openssh-5.9p1/progressmeter.h.coverity 2006-03-26 05:30:02.000000000 +0200 | |
192 | +++ openssh-5.9p1/progressmeter.h 2011-09-14 08:09:48.420645724 +0200 | |
193 | @@ -23,5 +23,5 @@ | |
194 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
195 | */ | |
196 | ||
197 | -void start_progress_meter(char *, off_t, off_t *); | |
198 | +void start_progress_meter(const char *, off_t, off_t *); | |
199 | void stop_progress_meter(void); | |
200 | diff -up openssh-5.9p1/scp.c.coverity openssh-5.9p1/scp.c | |
201 | --- openssh-5.9p1/scp.c.coverity 2011-01-06 12:41:21.000000000 +0100 | |
202 | +++ openssh-5.9p1/scp.c 2011-09-14 08:09:48.531505457 +0200 | |
203 | @@ -155,7 +155,7 @@ killchild(int signo) | |
204 | { | |
205 | if (do_cmd_pid > 1) { | |
206 | kill(do_cmd_pid, signo ? signo : SIGTERM); | |
207 | - waitpid(do_cmd_pid, NULL, 0); | |
208 | + (void) waitpid(do_cmd_pid, NULL, 0); | |
209 | } | |
210 | ||
211 | if (signo) | |
212 | diff -up openssh-5.9p1/servconf.c.coverity openssh-5.9p1/servconf.c | |
213 | --- openssh-5.9p1/servconf.c.coverity 2011-06-23 00:30:03.000000000 +0200 | |
214 | +++ openssh-5.9p1/servconf.c 2011-09-14 08:30:17.557468182 +0200 | |
215 | @@ -609,7 +609,7 @@ match_cfg_line(char **condition, int lin | |
216 | debug3("checking syntax for 'Match %s'", cp); | |
217 | else | |
218 | debug3("checking match for '%s' user %s host %s addr %s", cp, | |
219 | - user ? user : "(null)", host ? host : "(null)", | |
220 | + user /* User is not NULL ? user : "(null)" */, host ? host : "(null)", | |
221 | address ? address : "(null)"); | |
222 | ||
223 | while ((attrib = strdelim(&cp)) && *attrib != '\0') { | |
224 | @@ -1171,7 +1171,7 @@ process_server_config_line(ServerOptions | |
225 | fatal("%s line %d: Missing subsystem name.", | |
226 | filename, linenum); | |
227 | if (!*activep) { | |
228 | - arg = strdelim(&cp); | |
229 | + /*arg =*/ (void) strdelim(&cp); | |
230 | break; | |
231 | } | |
232 | for (i = 0; i < options->num_subsystems; i++) | |
233 | @@ -1262,8 +1262,9 @@ process_server_config_line(ServerOptions | |
234 | if (*activep && *charptr == NULL) { | |
235 | *charptr = tilde_expand_filename(arg, getuid()); | |
236 | /* increase optional counter */ | |
237 | - if (intptr != NULL) | |
238 | - *intptr = *intptr + 1; | |
239 | + /* DEAD CODE intptr is still NULL ;) | |
240 | + if (intptr != NULL) | |
241 | + *intptr = *intptr + 1; */ | |
242 | } | |
243 | break; | |
244 | ||
245 | diff -up openssh-5.9p1/serverloop.c.coverity openssh-5.9p1/serverloop.c | |
246 | --- openssh-5.9p1/serverloop.c.coverity 2011-05-20 11:02:50.000000000 +0200 | |
247 | +++ openssh-5.9p1/serverloop.c 2011-09-14 08:09:48.793586380 +0200 | |
248 | @@ -147,13 +147,13 @@ notify_setup(void) | |
249 | static void | |
250 | notify_parent(void) | |
251 | { | |
252 | - if (notify_pipe[1] != -1) | |
253 | + if (notify_pipe[1] >= 0) | |
254 | write(notify_pipe[1], "", 1); | |
255 | } | |
256 | static void | |
257 | notify_prepare(fd_set *readset) | |
258 | { | |
259 | - if (notify_pipe[0] != -1) | |
260 | + if (notify_pipe[0] >= 0) | |
261 | FD_SET(notify_pipe[0], readset); | |
262 | } | |
263 | static void | |
264 | @@ -161,8 +161,8 @@ notify_done(fd_set *readset) | |
265 | { | |
266 | char c; | |
267 | ||
268 | - if (notify_pipe[0] != -1 && FD_ISSET(notify_pipe[0], readset)) | |
269 | - while (read(notify_pipe[0], &c, 1) != -1) | |
270 | + if (notify_pipe[0] >= 0 && FD_ISSET(notify_pipe[0], readset)) | |
271 | + while (read(notify_pipe[0], &c, 1) >= 0) | |
272 | debug2("notify_done: reading"); | |
273 | } | |
274 | ||
275 | @@ -330,7 +330,7 @@ wait_until_can_do_something(fd_set **rea | |
276 | * If we have buffered data, try to write some of that data | |
277 | * to the program. | |
278 | */ | |
279 | - if (fdin != -1 && buffer_len(&stdin_buffer) > 0) | |
280 | + if (fdin >= 0 && buffer_len(&stdin_buffer) > 0) | |
281 | FD_SET(fdin, *writesetp); | |
282 | } | |
283 | notify_prepare(*readsetp); | |
284 | @@ -470,7 +470,7 @@ process_output(fd_set *writeset) | |
285 | int len; | |
286 | ||
287 | /* Write buffered data to program stdin. */ | |
288 | - if (!compat20 && fdin != -1 && FD_ISSET(fdin, writeset)) { | |
289 | + if (!compat20 && fdin >= 0 && FD_ISSET(fdin, writeset)) { | |
290 | data = buffer_ptr(&stdin_buffer); | |
291 | dlen = buffer_len(&stdin_buffer); | |
292 | len = write(fdin, data, dlen); | |
293 | @@ -583,7 +583,7 @@ server_loop(pid_t pid, int fdin_arg, int | |
294 | set_nonblock(fdin); | |
295 | set_nonblock(fdout); | |
296 | /* we don't have stderr for interactive terminal sessions, see below */ | |
297 | - if (fderr != -1) | |
298 | + if (fderr >= 0) | |
299 | set_nonblock(fderr); | |
300 | ||
301 | if (!(datafellows & SSH_BUG_IGNOREMSG) && isatty(fdin)) | |
302 | @@ -607,7 +607,7 @@ server_loop(pid_t pid, int fdin_arg, int | |
303 | max_fd = MAX(connection_in, connection_out); | |
304 | max_fd = MAX(max_fd, fdin); | |
305 | max_fd = MAX(max_fd, fdout); | |
306 | - if (fderr != -1) | |
307 | + if (fderr >= 0) | |
308 | max_fd = MAX(max_fd, fderr); | |
309 | #endif | |
310 | ||
311 | @@ -637,7 +637,7 @@ server_loop(pid_t pid, int fdin_arg, int | |
312 | * If we have received eof, and there is no more pending | |
313 | * input data, cause a real eof by closing fdin. | |
314 | */ | |
315 | - if (stdin_eof && fdin != -1 && buffer_len(&stdin_buffer) == 0) { | |
316 | + if (stdin_eof && fdin >= 0 && buffer_len(&stdin_buffer) == 0) { | |
317 | if (fdin != fdout) | |
318 | close(fdin); | |
319 | else | |
320 | @@ -735,15 +735,15 @@ server_loop(pid_t pid, int fdin_arg, int | |
321 | buffer_free(&stderr_buffer); | |
322 | ||
323 | /* Close the file descriptors. */ | |
324 | - if (fdout != -1) | |
325 | + if (fdout >= 0) | |
326 | close(fdout); | |
327 | fdout = -1; | |
328 | fdout_eof = 1; | |
329 | - if (fderr != -1) | |
330 | + if (fderr >= 0) | |
331 | close(fderr); | |
332 | fderr = -1; | |
333 | fderr_eof = 1; | |
334 | - if (fdin != -1) | |
335 | + if (fdin >= 0) | |
336 | close(fdin); | |
337 | fdin = -1; | |
338 | ||
339 | @@ -937,7 +937,7 @@ server_input_window_size(int type, u_int | |
340 | ||
341 | debug("Window change received."); | |
342 | packet_check_eom(); | |
343 | - if (fdin != -1) | |
344 | + if (fdin >= 0) | |
345 | pty_change_window_size(fdin, row, col, xpixel, ypixel); | |
346 | } | |
347 | ||
348 | @@ -990,7 +990,7 @@ server_request_tun(void) | |
349 | } | |
350 | ||
351 | tun = packet_get_int(); | |
352 | - if (forced_tun_device != -1) { | |
353 | + if (forced_tun_device >= 0) { | |
354 | if (tun != SSH_TUNID_ANY && forced_tun_device != tun) | |
355 | goto done; | |
356 | tun = forced_tun_device; | |
357 | diff -up openssh-5.9p1/sftp-client.c.coverity openssh-5.9p1/sftp-client.c | |
358 | --- openssh-5.9p1/sftp-client.c.coverity 2010-12-04 23:02:48.000000000 +0100 | |
359 | +++ openssh-5.9p1/sftp-client.c 2011-09-14 08:09:48.910470343 +0200 | |
360 | @@ -149,7 +149,7 @@ get_msg(struct sftp_conn *conn, Buffer * | |
361 | } | |
362 | ||
363 | static void | |
364 | -send_string_request(struct sftp_conn *conn, u_int id, u_int code, char *s, | |
365 | +send_string_request(struct sftp_conn *conn, u_int id, u_int code, const char *s, | |
366 | u_int len) | |
367 | { | |
368 | Buffer msg; | |
369 | @@ -165,7 +165,7 @@ send_string_request(struct sftp_conn *co | |
370 | ||
371 | static void | |
372 | send_string_attrs_request(struct sftp_conn *conn, u_int id, u_int code, | |
373 | - char *s, u_int len, Attrib *a) | |
374 | + const char *s, u_int len, Attrib *a) | |
375 | { | |
376 | Buffer msg; | |
377 | ||
378 | @@ -422,7 +422,7 @@ sftp_proto_version(struct sftp_conn *con | |
379 | } | |
380 | ||
381 | int | |
382 | -do_close(struct sftp_conn *conn, char *handle, u_int handle_len) | |
383 | +do_close(struct sftp_conn *conn, const char *handle, u_int handle_len) | |
384 | { | |
385 | u_int id, status; | |
386 | Buffer msg; | |
387 | @@ -447,7 +447,7 @@ do_close(struct sftp_conn *conn, char *h | |
388 | ||
389 | ||
390 | static int | |
391 | -do_lsreaddir(struct sftp_conn *conn, char *path, int printflag, | |
392 | +do_lsreaddir(struct sftp_conn *conn, const char *path, int printflag, | |
393 | SFTP_DIRENT ***dir) | |
394 | { | |
395 | Buffer msg; | |
396 | @@ -571,7 +571,7 @@ do_lsreaddir(struct sftp_conn *conn, cha | |
397 | } | |
398 | ||
399 | int | |
400 | -do_readdir(struct sftp_conn *conn, char *path, SFTP_DIRENT ***dir) | |
401 | +do_readdir(struct sftp_conn *conn, const char *path, SFTP_DIRENT ***dir) | |
402 | { | |
403 | return(do_lsreaddir(conn, path, 0, dir)); | |
404 | } | |
405 | @@ -589,7 +589,7 @@ void free_sftp_dirents(SFTP_DIRENT **s) | |
406 | } | |
407 | ||
408 | int | |
409 | -do_rm(struct sftp_conn *conn, char *path) | |
410 | +do_rm(struct sftp_conn *conn, const char *path) | |
411 | { | |
412 | u_int status, id; | |
413 | ||
414 | @@ -604,7 +604,7 @@ do_rm(struct sftp_conn *conn, char *path | |
415 | } | |
416 | ||
417 | int | |
418 | -do_mkdir(struct sftp_conn *conn, char *path, Attrib *a, int printflag) | |
419 | +do_mkdir(struct sftp_conn *conn, const char *path, Attrib *a, int printflag) | |
420 | { | |
421 | u_int status, id; | |
422 | ||
423 | @@ -620,7 +620,7 @@ do_mkdir(struct sftp_conn *conn, char *p | |
424 | } | |
425 | ||
426 | int | |
427 | -do_rmdir(struct sftp_conn *conn, char *path) | |
428 | +do_rmdir(struct sftp_conn *conn, const char *path) | |
429 | { | |
430 | u_int status, id; | |
431 | ||
432 | @@ -636,7 +636,7 @@ do_rmdir(struct sftp_conn *conn, char *p | |
433 | } | |
434 | ||
435 | Attrib * | |
436 | -do_stat(struct sftp_conn *conn, char *path, int quiet) | |
437 | +do_stat(struct sftp_conn *conn, const char *path, int quiet) | |
438 | { | |
439 | u_int id; | |
440 | ||
441 | @@ -650,7 +650,7 @@ do_stat(struct sftp_conn *conn, char *pa | |
442 | } | |
443 | ||
444 | Attrib * | |
445 | -do_lstat(struct sftp_conn *conn, char *path, int quiet) | |
446 | +do_lstat(struct sftp_conn *conn, const char *path, int quiet) | |
447 | { | |
448 | u_int id; | |
449 | ||
450 | @@ -684,7 +684,7 @@ do_fstat(struct sftp_conn *conn, char *h | |
451 | #endif | |
452 | ||
453 | int | |
454 | -do_setstat(struct sftp_conn *conn, char *path, Attrib *a) | |
455 | +do_setstat(struct sftp_conn *conn, const char *path, Attrib *a) | |
456 | { | |
457 | u_int status, id; | |
458 | ||
459 | @@ -701,7 +701,7 @@ do_setstat(struct sftp_conn *conn, char | |
460 | } | |
461 | ||
462 | int | |
463 | -do_fsetstat(struct sftp_conn *conn, char *handle, u_int handle_len, | |
464 | +do_fsetstat(struct sftp_conn *conn, const char *handle, u_int handle_len, | |
465 | Attrib *a) | |
466 | { | |
467 | u_int status, id; | |
468 | @@ -718,12 +718,12 @@ do_fsetstat(struct sftp_conn *conn, char | |
469 | } | |
470 | ||
471 | char * | |
472 | -do_realpath(struct sftp_conn *conn, char *path) | |
473 | +do_realpath(struct sftp_conn *conn, const char *path) | |
474 | { | |
475 | Buffer msg; | |
476 | u_int type, expected_id, count, id; | |
477 | char *filename, *longname; | |
478 | - Attrib *a; | |
479 | +/*UNUSED Attrib *a; */ | |
480 | ||
481 | expected_id = id = conn->msg_id++; | |
482 | send_string_request(conn, id, SSH2_FXP_REALPATH, path, | |
483 | @@ -754,7 +754,7 @@ do_realpath(struct sftp_conn *conn, char | |
484 | ||
485 | filename = buffer_get_string(&msg, NULL); | |
486 | longname = buffer_get_string(&msg, NULL); | |
487 | - a = decode_attrib(&msg); | |
488 | + /*a =*/ (void) decode_attrib(&msg); | |
489 | ||
490 | debug3("SSH_FXP_REALPATH %s -> %s", path, filename); | |
491 | ||
492 | @@ -766,7 +766,7 @@ do_realpath(struct sftp_conn *conn, char | |
493 | } | |
494 | ||
495 | int | |
496 | -do_rename(struct sftp_conn *conn, char *oldpath, char *newpath) | |
497 | +do_rename(struct sftp_conn *conn, const char *oldpath, const char *newpath) | |
498 | { | |
499 | Buffer msg; | |
500 | u_int status, id; | |
501 | @@ -800,7 +800,7 @@ do_rename(struct sftp_conn *conn, char * | |
502 | } | |
503 | ||
504 | int | |
505 | -do_hardlink(struct sftp_conn *conn, char *oldpath, char *newpath) | |
506 | +do_hardlink(struct sftp_conn *conn, const char *oldpath, const char *newpath) | |
507 | { | |
508 | Buffer msg; | |
509 | u_int status, id; | |
510 | @@ -833,7 +833,7 @@ do_hardlink(struct sftp_conn *conn, char | |
511 | } | |
512 | ||
513 | int | |
514 | -do_symlink(struct sftp_conn *conn, char *oldpath, char *newpath) | |
515 | +do_symlink(struct sftp_conn *conn, const char *oldpath, const char *newpath) | |
516 | { | |
517 | Buffer msg; | |
518 | u_int status, id; | |
519 | @@ -984,7 +984,7 @@ send_read_request(struct sftp_conn *conn | |
520 | } | |
521 | ||
522 | int | |
523 | -do_download(struct sftp_conn *conn, char *remote_path, char *local_path, | |
524 | +do_download(struct sftp_conn *conn, const char *remote_path, const char *local_path, | |
525 | Attrib *a, int pflag) | |
526 | { | |
527 | Attrib junk; | |
528 | @@ -1223,7 +1223,7 @@ do_download(struct sftp_conn *conn, char | |
529 | } | |
530 | ||
531 | static int | |
532 | -download_dir_internal(struct sftp_conn *conn, char *src, char *dst, | |
533 | +download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, | |
534 | Attrib *dirattrib, int pflag, int printflag, int depth) | |
535 | { | |
536 | int i, ret = 0; | |
537 | @@ -1313,7 +1313,7 @@ download_dir_internal(struct sftp_conn * | |
538 | } | |
539 | ||
540 | int | |
541 | -download_dir(struct sftp_conn *conn, char *src, char *dst, | |
542 | +download_dir(struct sftp_conn *conn, const char *src, const char *dst, | |
543 | Attrib *dirattrib, int pflag, int printflag) | |
544 | { | |
545 | char *src_canon; | |
546 | @@ -1331,7 +1331,7 @@ download_dir(struct sftp_conn *conn, cha | |
547 | } | |
548 | ||
549 | int | |
550 | -do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, | |
551 | +do_upload(struct sftp_conn *conn, const char *local_path, const char *remote_path, | |
552 | int pflag) | |
553 | { | |
554 | int local_fd; | |
555 | @@ -1514,7 +1514,7 @@ do_upload(struct sftp_conn *conn, char * | |
556 | } | |
557 | ||
558 | static int | |
559 | -upload_dir_internal(struct sftp_conn *conn, char *src, char *dst, | |
560 | +upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, | |
561 | int pflag, int printflag, int depth) | |
562 | { | |
563 | int ret = 0, status; | |
564 | @@ -1605,7 +1605,7 @@ upload_dir_internal(struct sftp_conn *co | |
565 | } | |
566 | ||
567 | int | |
568 | -upload_dir(struct sftp_conn *conn, char *src, char *dst, int printflag, | |
569 | +upload_dir(struct sftp_conn *conn, const char *src, const char *dst, int printflag, | |
570 | int pflag) | |
571 | { | |
572 | char *dst_canon; | |
573 | @@ -1622,7 +1622,7 @@ upload_dir(struct sftp_conn *conn, char | |
574 | } | |
575 | ||
576 | char * | |
577 | -path_append(char *p1, char *p2) | |
578 | +path_append(const char *p1, const char *p2) | |
579 | { | |
580 | char *ret; | |
581 | size_t len = strlen(p1) + strlen(p2) + 2; | |
582 | diff -up openssh-5.9p1/sftp-client.h.coverity openssh-5.9p1/sftp-client.h | |
583 | --- openssh-5.9p1/sftp-client.h.coverity 2010-12-04 23:02:48.000000000 +0100 | |
584 | +++ openssh-5.9p1/sftp-client.h 2011-09-14 08:09:49.021583940 +0200 | |
585 | @@ -56,49 +56,49 @@ struct sftp_conn *do_init(int, int, u_in | |
586 | u_int sftp_proto_version(struct sftp_conn *); | |
587 | ||
588 | /* Close file referred to by 'handle' */ | |
589 | -int do_close(struct sftp_conn *, char *, u_int); | |
590 | +int do_close(struct sftp_conn *, const char *, u_int); | |
591 | ||
592 | /* Read contents of 'path' to NULL-terminated array 'dir' */ | |
593 | -int do_readdir(struct sftp_conn *, char *, SFTP_DIRENT ***); | |
594 | +int do_readdir(struct sftp_conn *, const char *, SFTP_DIRENT ***); | |
595 | ||
596 | /* Frees a NULL-terminated array of SFTP_DIRENTs (eg. from do_readdir) */ | |
597 | void free_sftp_dirents(SFTP_DIRENT **); | |
598 | ||
599 | /* Delete file 'path' */ | |
600 | -int do_rm(struct sftp_conn *, char *); | |
601 | +int do_rm(struct sftp_conn *, const char *); | |
602 | ||
603 | /* Create directory 'path' */ | |
604 | -int do_mkdir(struct sftp_conn *, char *, Attrib *, int); | |
605 | +int do_mkdir(struct sftp_conn *, const char *, Attrib *, int); | |
606 | ||
607 | /* Remove directory 'path' */ | |
608 | -int do_rmdir(struct sftp_conn *, char *); | |
609 | +int do_rmdir(struct sftp_conn *, const char *); | |
610 | ||
611 | /* Get file attributes of 'path' (follows symlinks) */ | |
612 | -Attrib *do_stat(struct sftp_conn *, char *, int); | |
613 | +Attrib *do_stat(struct sftp_conn *, const char *, int); | |
614 | ||
615 | /* Get file attributes of 'path' (does not follow symlinks) */ | |
616 | -Attrib *do_lstat(struct sftp_conn *, char *, int); | |
617 | +Attrib *do_lstat(struct sftp_conn *, const char *, int); | |
618 | ||
619 | /* Set file attributes of 'path' */ | |
620 | -int do_setstat(struct sftp_conn *, char *, Attrib *); | |
621 | +int do_setstat(struct sftp_conn *, const char *, Attrib *); | |
622 | ||
623 | /* Set file attributes of open file 'handle' */ | |
624 | -int do_fsetstat(struct sftp_conn *, char *, u_int, Attrib *); | |
625 | +int do_fsetstat(struct sftp_conn *, const char *, u_int, Attrib *); | |
626 | ||
627 | /* Canonicalise 'path' - caller must free result */ | |
628 | -char *do_realpath(struct sftp_conn *, char *); | |
629 | +char *do_realpath(struct sftp_conn *, const char *); | |
630 | ||
631 | /* Get statistics for filesystem hosting file at "path" */ | |
632 | int do_statvfs(struct sftp_conn *, const char *, struct sftp_statvfs *, int); | |
633 | ||
634 | /* Rename 'oldpath' to 'newpath' */ | |
635 | -int do_rename(struct sftp_conn *, char *, char *); | |
636 | +int do_rename(struct sftp_conn *, const char *, const char *); | |
637 | ||
638 | /* Link 'oldpath' to 'newpath' */ | |
639 | -int do_hardlink(struct sftp_conn *, char *, char *); | |
640 | +int do_hardlink(struct sftp_conn *, const char *, const char *); | |
641 | ||
642 | -/* Rename 'oldpath' to 'newpath' */ | |
643 | -int do_symlink(struct sftp_conn *, char *, char *); | |
644 | +/* Symlink 'oldpath' to 'newpath' */ | |
645 | +int do_symlink(struct sftp_conn *, const char *, const char *); | |
646 | ||
647 | /* XXX: add callbacks to do_download/do_upload so we can do progress meter */ | |
648 | ||
649 | @@ -106,27 +106,27 @@ int do_symlink(struct sftp_conn *, char | |
650 | * Download 'remote_path' to 'local_path'. Preserve permissions and times | |
651 | * if 'pflag' is set | |
652 | */ | |
653 | -int do_download(struct sftp_conn *, char *, char *, Attrib *, int); | |
654 | +int do_download(struct sftp_conn *, const char *, const char *, Attrib *, int); | |
655 | ||
656 | /* | |
657 | * Recursively download 'remote_directory' to 'local_directory'. Preserve | |
658 | * times if 'pflag' is set | |
659 | */ | |
660 | -int download_dir(struct sftp_conn *, char *, char *, Attrib *, int, int); | |
661 | +int download_dir(struct sftp_conn *, const char *, const char *, Attrib *, int, int); | |
662 | ||
663 | /* | |
664 | * Upload 'local_path' to 'remote_path'. Preserve permissions and times | |
665 | * if 'pflag' is set | |
666 | */ | |
667 | -int do_upload(struct sftp_conn *, char *, char *, int); | |
668 | +int do_upload(struct sftp_conn *, const char *, const char *, int); | |
669 | ||
670 | /* | |
671 | * Recursively upload 'local_directory' to 'remote_directory'. Preserve | |
672 | * times if 'pflag' is set | |
673 | */ | |
674 | -int upload_dir(struct sftp_conn *, char *, char *, int, int); | |
675 | +int upload_dir(struct sftp_conn *, const char *, const char *, int, int); | |
676 | ||
677 | /* Concatenate paths, taking care of slashes. Caller must free result. */ | |
678 | -char *path_append(char *, char *); | |
679 | +char *path_append(const char *, const char *); | |
680 | ||
681 | #endif | |
682 | diff -up openssh-5.9p1/sftp.c.coverity openssh-5.9p1/sftp.c | |
683 | --- openssh-5.9p1/sftp.c.coverity 2010-12-04 23:02:48.000000000 +0100 | |
684 | +++ openssh-5.9p1/sftp.c 2011-09-14 08:09:49.468493585 +0200 | |
685 | @@ -206,7 +206,7 @@ killchild(int signo) | |
686 | { | |
687 | if (sshpid > 1) { | |
688 | kill(sshpid, SIGTERM); | |
689 | - waitpid(sshpid, NULL, 0); | |
690 | + (void) waitpid(sshpid, NULL, 0); | |
691 | } | |
692 | ||
693 | _exit(1); | |
694 | @@ -316,7 +316,7 @@ local_do_ls(const char *args) | |
695 | ||
696 | /* Strip one path (usually the pwd) from the start of another */ | |
697 | static char * | |
698 | -path_strip(char *path, char *strip) | |
699 | +path_strip(const char *path, const char *strip) | |
700 | { | |
701 | size_t len; | |
702 | ||
703 | @@ -334,7 +334,7 @@ path_strip(char *path, char *strip) | |
704 | } | |
705 | ||
706 | static char * | |
707 | -make_absolute(char *p, char *pwd) | |
708 | +make_absolute(char *p, const char *pwd) | |
709 | { | |
710 | char *abs_str; | |
711 | ||
712 | @@ -482,7 +482,7 @@ parse_df_flags(const char *cmd, char **a | |
713 | } | |
714 | ||
715 | static int | |
716 | -is_dir(char *path) | |
717 | +is_dir(const char *path) | |
718 | { | |
719 | struct stat sb; | |
720 | ||
721 | @@ -494,7 +494,7 @@ is_dir(char *path) | |
722 | } | |
723 | ||
724 | static int | |
725 | -remote_is_dir(struct sftp_conn *conn, char *path) | |
726 | +remote_is_dir(struct sftp_conn *conn, const char *path) | |
727 | { | |
728 | Attrib *a; | |
729 | ||
730 | @@ -508,7 +508,7 @@ remote_is_dir(struct sftp_conn *conn, ch | |
731 | ||
732 | /* Check whether path returned from glob(..., GLOB_MARK, ...) is a directory */ | |
733 | static int | |
734 | -pathname_is_dir(char *pathname) | |
735 | +pathname_is_dir(const char *pathname) | |
736 | { | |
737 | size_t l = strlen(pathname); | |
738 | ||
739 | @@ -516,7 +516,7 @@ pathname_is_dir(char *pathname) | |
740 | } | |
741 | ||
742 | static int | |
743 | -process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd, | |
744 | +process_get(struct sftp_conn *conn, const char *src, const char *dst, const char *pwd, | |
745 | int pflag, int rflag) | |
746 | { | |
747 | char *abs_src = NULL; | |
748 | @@ -590,7 +590,7 @@ out: | |
749 | } | |
750 | ||
751 | static int | |
752 | -process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, | |
753 | +process_put(struct sftp_conn *conn, const char *src, const char *dst, const char *pwd, | |
754 | int pflag, int rflag) | |
755 | { | |
756 | char *tmp_dst = NULL; | |
757 | @@ -695,7 +695,7 @@ sdirent_comp(const void *aa, const void | |
758 | ||
759 | /* sftp ls.1 replacement for directories */ | |
760 | static int | |
761 | -do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag) | |
762 | +do_ls_dir(struct sftp_conn *conn, const char *path, const char *strip_path, int lflag) | |
763 | { | |
764 | int n; | |
765 | u_int c = 1, colspace = 0, columns = 1; | |
766 | @@ -780,10 +780,10 @@ do_ls_dir(struct sftp_conn *conn, char * | |
767 | ||
768 | /* sftp ls.1 replacement which handles path globs */ | |
769 | static int | |
770 | -do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, | |
771 | +do_globbed_ls(struct sftp_conn *conn, const char *path, const char *strip_path, | |
772 | int lflag) | |
773 | { | |
774 | - Attrib *a = NULL; | |
775 | +/*UNUSED Attrib *a = NULL;*/ | |
776 | char *fname, *lname; | |
777 | glob_t g; | |
778 | int err; | |
779 | @@ -828,7 +828,7 @@ do_globbed_ls(struct sftp_conn *conn, ch | |
780 | colspace = width / columns; | |
781 | } | |
782 | ||
783 | - for (i = 0; g.gl_pathv[i] && !interrupted; i++, a = NULL) { | |
784 | + for (i = 0; g.gl_pathv[i] && !interrupted; i++/*, a = NULL*/) { | |
785 | fname = path_strip(g.gl_pathv[i], strip_path); | |
786 | if (lflag & LS_LONG_VIEW) { | |
787 | if (g.gl_statv[i] == NULL) { | |
788 | @@ -861,7 +861,7 @@ do_globbed_ls(struct sftp_conn *conn, ch | |
789 | } | |
790 | ||
791 | static int | |
792 | -do_df(struct sftp_conn *conn, char *path, int hflag, int iflag) | |
793 | +do_df(struct sftp_conn *conn, const char *path, int hflag, int iflag) | |
794 | { | |
795 | struct sftp_statvfs st; | |
796 | char s_used[FMT_SCALED_STRSIZE]; | |
797 | diff -up openssh-5.9p1/ssh-agent.c.coverity openssh-5.9p1/ssh-agent.c | |
798 | --- openssh-5.9p1/ssh-agent.c.coverity 2011-06-03 06:14:16.000000000 +0200 | |
799 | +++ openssh-5.9p1/ssh-agent.c 2011-09-14 08:09:49.572460295 +0200 | |
800 | @@ -1147,8 +1147,8 @@ main(int ac, char **av) | |
801 | sanitise_stdfd(); | |
802 | ||
803 | /* drop */ | |
804 | - setegid(getgid()); | |
805 | - setgid(getgid()); | |
806 | + (void) setegid(getgid()); | |
807 | + (void) setgid(getgid()); | |
808 | ||
809 | #if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) | |
810 | /* Disable ptrace on Linux without sgid bit */ | |
811 | diff -up openssh-5.9p1/sshd.c.coverity openssh-5.9p1/sshd.c | |
812 | --- openssh-5.9p1/sshd.c.coverity 2011-06-23 11:45:51.000000000 +0200 | |
813 | +++ openssh-5.9p1/sshd.c 2011-09-14 08:09:49.687509968 +0200 | |
814 | @@ -676,8 +676,10 @@ privsep_preauth(Authctxt *authctxt) | |
815 | if (getuid() == 0 || geteuid() == 0) | |
816 | privsep_preauth_child(); | |
817 | setproctitle("%s", "[net]"); | |
818 | - if (box != NULL) | |
819 | + if (box != NULL) { | |
820 | ssh_sandbox_child(box); | |
821 | + xfree(box); | |
822 | + } | |
823 | ||
824 | return 0; | |
825 | } | |
826 | @@ -1302,6 +1304,9 @@ server_accept_loop(int *sock_in, int *so | |
827 | if (num_listen_socks < 0) | |
828 | break; | |
829 | } | |
830 | + | |
831 | + if (fdset != NULL) | |
832 | + xfree(fdset); | |
833 | } | |
834 | ||
835 | ||
836 | @@ -1774,7 +1779,7 @@ main(int ac, char **av) | |
837 | ||
838 | /* Chdir to the root directory so that the current disk can be | |
839 | unmounted if desired. */ | |
840 | - chdir("/"); | |
841 | + (void) chdir("/"); | |
842 | ||
843 | /* ignore SIGPIPE */ | |
844 | signal(SIGPIPE, SIG_IGN); |