]> git.ipfire.org Git - people/ms/ipfire-3.x.git/blob - openssh/patches/openssh-6.1p1-coverity.patch
tinc: Update to 1.0.19.
[people/ms/ipfire-3.x.git] / openssh / patches / openssh-6.1p1-coverity.patch
1 diff -up openssh-6.1p1/auth-pam.c.coverity openssh-6.1p1/auth-pam.c
2 --- openssh-6.1p1/auth-pam.c.coverity 2009-07-12 14:07:21.000000000 +0200
3 +++ openssh-6.1p1/auth-pam.c 2012-09-14 21:16:41.264906486 +0200
4 @@ -216,7 +216,12 @@ pthread_join(sp_pthread_t thread, void *
5 if (sshpam_thread_status != -1)
6 return (sshpam_thread_status);
7 signal(SIGCHLD, sshpam_oldsig);
8 - waitpid(thread, &status, 0);
9 + while (waitpid(thread, &status, 0) < 0) {
10 + if (errno == EINTR)
11 + continue;
12 + fatal("%s: waitpid: %s", __func__,
13 + strerror(errno));
14 + }
15 return (status);
16 }
17 #endif
18 diff -up openssh-6.1p1/clientloop.c.coverity openssh-6.1p1/clientloop.c
19 --- openssh-6.1p1/clientloop.c.coverity 2012-06-20 14:31:27.000000000 +0200
20 +++ openssh-6.1p1/clientloop.c 2012-09-14 21:16:41.267906501 +0200
21 @@ -2006,14 +2006,15 @@ client_input_global_request(int type, u_
22 char *rtype;
23 int want_reply;
24 int success = 0;
25 +/* success is still 0 the packet is allways SSH2_MSG_REQUEST_FAILURE, isn't it? */
26
27 rtype = packet_get_string(NULL);
28 want_reply = packet_get_char();
29 debug("client_input_global_request: rtype %s want_reply %d",
30 rtype, want_reply);
31 if (want_reply) {
32 - packet_start(success ?
33 - SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE);
34 + packet_start(/*success ?
35 + SSH2_MSG_REQUEST_SUCCESS :*/ SSH2_MSG_REQUEST_FAILURE);
36 packet_send();
37 packet_write_wait();
38 }
39 diff -up openssh-6.1p1/channels.c.coverity openssh-6.1p1/channels.c
40 --- openssh-6.1p1/channels.c.coverity 2012-04-23 10:21:05.000000000 +0200
41 +++ openssh-6.1p1/channels.c 2012-09-14 21:16:41.272906528 +0200
42 @@ -232,11 +232,11 @@ channel_register_fds(Channel *c, int rfd
43 channel_max_fd = MAX(channel_max_fd, wfd);
44 channel_max_fd = MAX(channel_max_fd, efd);
45
46 - if (rfd != -1)
47 + if (rfd >= 0)
48 fcntl(rfd, F_SETFD, FD_CLOEXEC);
49 - if (wfd != -1 && wfd != rfd)
50 + if (wfd >= 0 && wfd != rfd)
51 fcntl(wfd, F_SETFD, FD_CLOEXEC);
52 - if (efd != -1 && efd != rfd && efd != wfd)
53 + if (efd >= 0 && efd != rfd && efd != wfd)
54 fcntl(efd, F_SETFD, FD_CLOEXEC);
55
56 c->rfd = rfd;
57 @@ -251,11 +251,11 @@ channel_register_fds(Channel *c, int rfd
58
59 /* enable nonblocking mode */
60 if (nonblock) {
61 - if (rfd != -1)
62 + if (rfd >= 0)
63 set_nonblock(rfd);
64 - if (wfd != -1)
65 + if (wfd >= 0)
66 set_nonblock(wfd);
67 - if (efd != -1)
68 + if (efd >= 0)
69 set_nonblock(efd);
70 }
71 }
72 diff -up openssh-6.1p1/key.c.coverity openssh-6.1p1/key.c
73 --- openssh-6.1p1/key.c.coverity 2012-06-30 12:05:02.000000000 +0200
74 +++ openssh-6.1p1/key.c 2012-09-14 21:16:41.274906537 +0200
75 @@ -808,8 +808,10 @@ key_read(Key *ret, char **cpp)
76 success = 1;
77 /*XXXX*/
78 key_free(k);
79 +/*XXXX
80 if (success != 1)
81 break;
82 +XXXX*/
83 /* advance cp: skip whitespace and data */
84 while (*cp == ' ' || *cp == '\t')
85 cp++;
86 diff -up openssh-6.1p1/monitor.c.coverity openssh-6.1p1/monitor.c
87 --- openssh-6.1p1/monitor.c.coverity 2012-06-30 00:33:17.000000000 +0200
88 +++ openssh-6.1p1/monitor.c 2012-09-14 21:16:41.277906552 +0200
89 @@ -420,7 +420,7 @@ monitor_child_preauth(Authctxt *_authctx
90 }
91
92 /* Drain any buffered messages from the child */
93 - while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0)
94 + while (pmonitor->m_log_recvfd >= 0 && monitor_read_log(pmonitor) == 0)
95 ;
96
97 if (!authctxt->valid)
98 @@ -1159,6 +1159,10 @@ mm_answer_keyallowed(int sock, Buffer *m
99 break;
100 }
101 }
102 +
103 + debug3("%s: key %p is %s",
104 + __func__, key, allowed ? "allowed" : "not allowed");
105 +
106 if (key != NULL)
107 key_free(key);
108
109 @@ -1180,9 +1184,6 @@ mm_answer_keyallowed(int sock, Buffer *m
110 xfree(chost);
111 }
112
113 - debug3("%s: key %p is %s",
114 - __func__, key, allowed ? "allowed" : "not allowed");
115 -
116 buffer_clear(m);
117 buffer_put_int(m, allowed);
118 buffer_put_int(m, forced_command != NULL);
119 diff -up openssh-6.1p1/monitor_wrap.c.coverity openssh-6.1p1/monitor_wrap.c
120 --- openssh-6.1p1/monitor_wrap.c.coverity 2011-06-20 06:42:23.000000000 +0200
121 +++ openssh-6.1p1/monitor_wrap.c 2012-09-14 21:16:41.280906568 +0200
122 @@ -707,10 +707,10 @@ mm_pty_allocate(int *ptyfd, int *ttyfd,
123 if ((tmp1 = dup(pmonitor->m_recvfd)) == -1 ||
124 (tmp2 = dup(pmonitor->m_recvfd)) == -1) {
125 error("%s: cannot allocate fds for pty", __func__);
126 - if (tmp1 > 0)
127 + if (tmp1 >= 0)
128 close(tmp1);
129 - if (tmp2 > 0)
130 - close(tmp2);
131 + /*DEAD CODE if (tmp2 >= 0)
132 + close(tmp2);*/
133 return 0;
134 }
135 close(tmp1);
136 diff -up openssh-6.1p1/openbsd-compat/bindresvport.c.coverity openssh-6.1p1/openbsd-compat/bindresvport.c
137 --- openssh-6.1p1/openbsd-compat/bindresvport.c.coverity 2010-12-03 00:50:26.000000000 +0100
138 +++ openssh-6.1p1/openbsd-compat/bindresvport.c 2012-09-14 21:16:41.281906573 +0200
139 @@ -58,7 +58,7 @@ bindresvport_sa(int sd, struct sockaddr
140 struct sockaddr_in6 *in6;
141 u_int16_t *portp;
142 u_int16_t port;
143 - socklen_t salen;
144 + socklen_t salen = sizeof(struct sockaddr_storage);
145 int i;
146
147 if (sa == NULL) {
148 diff -up openssh-6.1p1/packet.c.coverity openssh-6.1p1/packet.c
149 --- openssh-6.1p1/packet.c.coverity 2012-03-09 00:28:07.000000000 +0100
150 +++ openssh-6.1p1/packet.c 2012-09-14 21:16:41.284906588 +0200
151 @@ -1177,6 +1177,7 @@ packet_read_poll1(void)
152 case DEATTACK_DETECTED:
153 packet_disconnect("crc32 compensation attack: "
154 "network attack detected");
155 + break;
156 case DEATTACK_DOS_DETECTED:
157 packet_disconnect("deattack denial of "
158 "service detected");
159 @@ -1678,7 +1679,7 @@ void
160 packet_write_wait(void)
161 {
162 fd_set *setp;
163 - int ret, ms_remain;
164 + int ret, ms_remain = 0;
165 struct timeval start, timeout, *timeoutp = NULL;
166
167 setp = (fd_set *)xcalloc(howmany(active_state->connection_out + 1,
168 diff -up openssh-6.1p1/progressmeter.c.coverity openssh-6.1p1/progressmeter.c
169 --- openssh-6.1p1/progressmeter.c.coverity 2006-08-05 04:39:40.000000000 +0200
170 +++ openssh-6.1p1/progressmeter.c 2012-09-14 21:16:41.285906593 +0200
171 @@ -65,7 +65,7 @@ static void update_progress_meter(int);
172
173 static time_t start; /* start progress */
174 static time_t last_update; /* last progress update */
175 -static char *file; /* name of the file being transferred */
176 +static const char *file; /* name of the file being transferred */
177 static off_t end_pos; /* ending position of transfer */
178 static off_t cur_pos; /* transfer position as of last refresh */
179 static volatile off_t *counter; /* progress counter */
180 @@ -247,7 +247,7 @@ update_progress_meter(int ignore)
181 }
182
183 void
184 -start_progress_meter(char *f, off_t filesize, off_t *ctr)
185 +start_progress_meter(const char *f, off_t filesize, off_t *ctr)
186 {
187 start = last_update = time(NULL);
188 file = f;
189 diff -up openssh-6.1p1/progressmeter.h.coverity openssh-6.1p1/progressmeter.h
190 --- openssh-6.1p1/progressmeter.h.coverity 2006-03-26 05:30:02.000000000 +0200
191 +++ openssh-6.1p1/progressmeter.h 2012-09-14 21:16:41.286906598 +0200
192 @@ -23,5 +23,5 @@
193 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
194 */
195
196 -void start_progress_meter(char *, off_t, off_t *);
197 +void start_progress_meter(const char *, off_t, off_t *);
198 void stop_progress_meter(void);
199 diff -up openssh-6.1p1/scp.c.coverity openssh-6.1p1/scp.c
200 --- openssh-6.1p1/scp.c.coverity 2011-09-22 13:38:01.000000000 +0200
201 +++ openssh-6.1p1/scp.c 2012-09-14 21:16:41.288906608 +0200
202 @@ -155,7 +155,7 @@ killchild(int signo)
203 {
204 if (do_cmd_pid > 1) {
205 kill(do_cmd_pid, signo ? signo : SIGTERM);
206 - waitpid(do_cmd_pid, NULL, 0);
207 + (void) waitpid(do_cmd_pid, NULL, 0);
208 }
209
210 if (signo)
211 diff -up openssh-6.1p1/servconf.c.coverity openssh-6.1p1/servconf.c
212 --- openssh-6.1p1/servconf.c.coverity 2012-07-31 04:22:38.000000000 +0200
213 +++ openssh-6.1p1/servconf.c 2012-09-14 21:16:41.291906623 +0200
214 @@ -1249,7 +1249,7 @@ process_server_config_line(ServerOptions
215 fatal("%s line %d: Missing subsystem name.",
216 filename, linenum);
217 if (!*activep) {
218 - arg = strdelim(&cp);
219 + /*arg =*/ (void) strdelim(&cp);
220 break;
221 }
222 for (i = 0; i < options->num_subsystems; i++)
223 @@ -1340,8 +1340,9 @@ process_server_config_line(ServerOptions
224 if (*activep && *charptr == NULL) {
225 *charptr = tilde_expand_filename(arg, getuid());
226 /* increase optional counter */
227 - if (intptr != NULL)
228 - *intptr = *intptr + 1;
229 + /* DEAD CODE intptr is still NULL ;)
230 + if (intptr != NULL)
231 + *intptr = *intptr + 1; */
232 }
233 break;
234
235 diff -up openssh-6.1p1/serverloop.c.coverity openssh-6.1p1/serverloop.c
236 --- openssh-6.1p1/serverloop.c.coverity 2012-06-20 14:31:27.000000000 +0200
237 +++ openssh-6.1p1/serverloop.c 2012-09-14 21:16:41.294906638 +0200
238 @@ -147,13 +147,13 @@ notify_setup(void)
239 static void
240 notify_parent(void)
241 {
242 - if (notify_pipe[1] != -1)
243 + if (notify_pipe[1] >= 0)
244 write(notify_pipe[1], "", 1);
245 }
246 static void
247 notify_prepare(fd_set *readset)
248 {
249 - if (notify_pipe[0] != -1)
250 + if (notify_pipe[0] >= 0)
251 FD_SET(notify_pipe[0], readset);
252 }
253 static void
254 @@ -161,8 +161,8 @@ notify_done(fd_set *readset)
255 {
256 char c;
257
258 - if (notify_pipe[0] != -1 && FD_ISSET(notify_pipe[0], readset))
259 - while (read(notify_pipe[0], &c, 1) != -1)
260 + if (notify_pipe[0] >= 0 && FD_ISSET(notify_pipe[0], readset))
261 + while (read(notify_pipe[0], &c, 1) >= 0)
262 debug2("notify_done: reading");
263 }
264
265 @@ -336,7 +336,7 @@ wait_until_can_do_something(fd_set **rea
266 * If we have buffered data, try to write some of that data
267 * to the program.
268 */
269 - if (fdin != -1 && buffer_len(&stdin_buffer) > 0)
270 + if (fdin >= 0 && buffer_len(&stdin_buffer) > 0)
271 FD_SET(fdin, *writesetp);
272 }
273 notify_prepare(*readsetp);
274 @@ -476,7 +476,7 @@ process_output(fd_set *writeset)
275 int len;
276
277 /* Write buffered data to program stdin. */
278 - if (!compat20 && fdin != -1 && FD_ISSET(fdin, writeset)) {
279 + if (!compat20 && fdin >= 0 && FD_ISSET(fdin, writeset)) {
280 data = buffer_ptr(&stdin_buffer);
281 dlen = buffer_len(&stdin_buffer);
282 len = write(fdin, data, dlen);
283 @@ -589,7 +589,7 @@ server_loop(pid_t pid, int fdin_arg, int
284 set_nonblock(fdin);
285 set_nonblock(fdout);
286 /* we don't have stderr for interactive terminal sessions, see below */
287 - if (fderr != -1)
288 + if (fderr >= 0)
289 set_nonblock(fderr);
290
291 if (!(datafellows & SSH_BUG_IGNOREMSG) && isatty(fdin))
292 @@ -613,7 +613,7 @@ server_loop(pid_t pid, int fdin_arg, int
293 max_fd = MAX(connection_in, connection_out);
294 max_fd = MAX(max_fd, fdin);
295 max_fd = MAX(max_fd, fdout);
296 - if (fderr != -1)
297 + if (fderr >= 0)
298 max_fd = MAX(max_fd, fderr);
299 #endif
300
301 @@ -643,7 +643,7 @@ server_loop(pid_t pid, int fdin_arg, int
302 * If we have received eof, and there is no more pending
303 * input data, cause a real eof by closing fdin.
304 */
305 - if (stdin_eof && fdin != -1 && buffer_len(&stdin_buffer) == 0) {
306 + if (stdin_eof && fdin >= 0 && buffer_len(&stdin_buffer) == 0) {
307 if (fdin != fdout)
308 close(fdin);
309 else
310 @@ -741,15 +741,15 @@ server_loop(pid_t pid, int fdin_arg, int
311 buffer_free(&stderr_buffer);
312
313 /* Close the file descriptors. */
314 - if (fdout != -1)
315 + if (fdout >= 0)
316 close(fdout);
317 fdout = -1;
318 fdout_eof = 1;
319 - if (fderr != -1)
320 + if (fderr >= 0)
321 close(fderr);
322 fderr = -1;
323 fderr_eof = 1;
324 - if (fdin != -1)
325 + if (fdin >= 0)
326 close(fdin);
327 fdin = -1;
328
329 @@ -943,7 +943,7 @@ server_input_window_size(int type, u_int
330
331 debug("Window change received.");
332 packet_check_eom();
333 - if (fdin != -1)
334 + if (fdin >= 0)
335 pty_change_window_size(fdin, row, col, xpixel, ypixel);
336 }
337
338 @@ -996,7 +996,7 @@ server_request_tun(void)
339 }
340
341 tun = packet_get_int();
342 - if (forced_tun_device != -1) {
343 + if (forced_tun_device >= 0) {
344 if (tun != SSH_TUNID_ANY && forced_tun_device != tun)
345 goto done;
346 tun = forced_tun_device;
347 diff -up openssh-6.1p1/sftp.c.coverity openssh-6.1p1/sftp.c
348 --- openssh-6.1p1/sftp.c.coverity 2012-06-30 00:33:32.000000000 +0200
349 +++ openssh-6.1p1/sftp.c 2012-09-14 21:16:41.297906653 +0200
350 @@ -206,7 +206,7 @@ killchild(int signo)
351 {
352 if (sshpid > 1) {
353 kill(sshpid, SIGTERM);
354 - waitpid(sshpid, NULL, 0);
355 + (void) waitpid(sshpid, NULL, 0);
356 }
357
358 _exit(1);
359 @@ -316,7 +316,7 @@ local_do_ls(const char *args)
360
361 /* Strip one path (usually the pwd) from the start of another */
362 static char *
363 -path_strip(char *path, char *strip)
364 +path_strip(const char *path, const char *strip)
365 {
366 size_t len;
367
368 @@ -334,7 +334,7 @@ path_strip(char *path, char *strip)
369 }
370
371 static char *
372 -make_absolute(char *p, char *pwd)
373 +make_absolute(char *p, const char *pwd)
374 {
375 char *abs_str;
376
377 @@ -482,7 +482,7 @@ parse_df_flags(const char *cmd, char **a
378 }
379
380 static int
381 -is_dir(char *path)
382 +is_dir(const char *path)
383 {
384 struct stat sb;
385
386 @@ -494,7 +494,7 @@ is_dir(char *path)
387 }
388
389 static int
390 -remote_is_dir(struct sftp_conn *conn, char *path)
391 +remote_is_dir(struct sftp_conn *conn, const char *path)
392 {
393 Attrib *a;
394
395 @@ -508,7 +508,7 @@ remote_is_dir(struct sftp_conn *conn, ch
396
397 /* Check whether path returned from glob(..., GLOB_MARK, ...) is a directory */
398 static int
399 -pathname_is_dir(char *pathname)
400 +pathname_is_dir(const char *pathname)
401 {
402 size_t l = strlen(pathname);
403
404 @@ -516,7 +516,7 @@ pathname_is_dir(char *pathname)
405 }
406
407 static int
408 -process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd,
409 +process_get(struct sftp_conn *conn, const char *src, const char *dst, const char *pwd,
410 int pflag, int rflag)
411 {
412 char *abs_src = NULL;
413 @@ -590,7 +590,7 @@ out:
414 }
415
416 static int
417 -process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd,
418 +process_put(struct sftp_conn *conn, const char *src, const char *dst, const char *pwd,
419 int pflag, int rflag)
420 {
421 char *tmp_dst = NULL;
422 @@ -695,7 +695,7 @@ sdirent_comp(const void *aa, const void
423
424 /* sftp ls.1 replacement for directories */
425 static int
426 -do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag)
427 +do_ls_dir(struct sftp_conn *conn, const char *path, const char *strip_path, int lflag)
428 {
429 int n;
430 u_int c = 1, colspace = 0, columns = 1;
431 @@ -780,7 +780,7 @@ do_ls_dir(struct sftp_conn *conn, char *
432
433 /* sftp ls.1 replacement which handles path globs */
434 static int
435 -do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path,
436 +do_globbed_ls(struct sftp_conn *conn, const char *path, const char *strip_path,
437 int lflag)
438 {
439 char *fname, *lname;
440 @@ -861,7 +861,7 @@ do_globbed_ls(struct sftp_conn *conn, ch
441 }
442
443 static int
444 -do_df(struct sftp_conn *conn, char *path, int hflag, int iflag)
445 +do_df(struct sftp_conn *conn, const char *path, int hflag, int iflag)
446 {
447 struct sftp_statvfs st;
448 char s_used[FMT_SCALED_STRSIZE];
449 diff -up openssh-6.1p1/sftp-client.c.coverity openssh-6.1p1/sftp-client.c
450 --- openssh-6.1p1/sftp-client.c.coverity 2012-07-02 14:15:39.000000000 +0200
451 +++ openssh-6.1p1/sftp-client.c 2012-09-14 21:18:16.891332281 +0200
452 @@ -149,7 +149,7 @@ get_msg(struct sftp_conn *conn, Buffer *
453 }
454
455 static void
456 -send_string_request(struct sftp_conn *conn, u_int id, u_int code, char *s,
457 +send_string_request(struct sftp_conn *conn, u_int id, u_int code, const char *s,
458 u_int len)
459 {
460 Buffer msg;
461 @@ -165,7 +165,7 @@ send_string_request(struct sftp_conn *co
462
463 static void
464 send_string_attrs_request(struct sftp_conn *conn, u_int id, u_int code,
465 - char *s, u_int len, Attrib *a)
466 + const char *s, u_int len, Attrib *a)
467 {
468 Buffer msg;
469
470 @@ -422,7 +422,7 @@ sftp_proto_version(struct sftp_conn *con
471 }
472
473 int
474 -do_close(struct sftp_conn *conn, char *handle, u_int handle_len)
475 +do_close(struct sftp_conn *conn, const char *handle, u_int handle_len)
476 {
477 u_int id, status;
478 Buffer msg;
479 @@ -447,7 +447,7 @@ do_close(struct sftp_conn *conn, char *h
480
481
482 static int
483 -do_lsreaddir(struct sftp_conn *conn, char *path, int printflag,
484 +do_lsreaddir(struct sftp_conn *conn, const char *path, int printflag,
485 SFTP_DIRENT ***dir)
486 {
487 Buffer msg;
488 @@ -572,7 +572,7 @@ do_lsreaddir(struct sftp_conn *conn, cha
489 }
490
491 int
492 -do_readdir(struct sftp_conn *conn, char *path, SFTP_DIRENT ***dir)
493 +do_readdir(struct sftp_conn *conn, const char *path, SFTP_DIRENT ***dir)
494 {
495 return(do_lsreaddir(conn, path, 0, dir));
496 }
497 @@ -590,7 +590,7 @@ void free_sftp_dirents(SFTP_DIRENT **s)
498 }
499
500 int
501 -do_rm(struct sftp_conn *conn, char *path)
502 +do_rm(struct sftp_conn *conn, const char *path)
503 {
504 u_int status, id;
505
506 @@ -605,7 +605,7 @@ do_rm(struct sftp_conn *conn, char *path
507 }
508
509 int
510 -do_mkdir(struct sftp_conn *conn, char *path, Attrib *a, int printflag)
511 +do_mkdir(struct sftp_conn *conn, const char *path, Attrib *a, int printflag)
512 {
513 u_int status, id;
514
515 @@ -621,7 +621,7 @@ do_mkdir(struct sftp_conn *conn, char *p
516 }
517
518 int
519 -do_rmdir(struct sftp_conn *conn, char *path)
520 +do_rmdir(struct sftp_conn *conn, const char *path)
521 {
522 u_int status, id;
523
524 @@ -637,7 +637,7 @@ do_rmdir(struct sftp_conn *conn, char *p
525 }
526
527 Attrib *
528 -do_stat(struct sftp_conn *conn, char *path, int quiet)
529 +do_stat(struct sftp_conn *conn, const char *path, int quiet)
530 {
531 u_int id;
532
533 @@ -651,7 +651,7 @@ do_stat(struct sftp_conn *conn, char *pa
534 }
535
536 Attrib *
537 -do_lstat(struct sftp_conn *conn, char *path, int quiet)
538 +do_lstat(struct sftp_conn *conn, const char *path, int quiet)
539 {
540 u_int id;
541
542 @@ -685,7 +685,7 @@ do_fstat(struct sftp_conn *conn, char *h
543 #endif
544
545 int
546 -do_setstat(struct sftp_conn *conn, char *path, Attrib *a)
547 +do_setstat(struct sftp_conn *conn, const char *path, Attrib *a)
548 {
549 u_int status, id;
550
551 @@ -702,7 +702,7 @@ do_setstat(struct sftp_conn *conn, char
552 }
553
554 int
555 -do_fsetstat(struct sftp_conn *conn, char *handle, u_int handle_len,
556 +do_fsetstat(struct sftp_conn *conn, const char *handle, u_int handle_len,
557 Attrib *a)
558 {
559 u_int status, id;
560 @@ -719,7 +719,7 @@ do_fsetstat(struct sftp_conn *conn, char
561 }
562
563 char *
564 -do_realpath(struct sftp_conn *conn, char *path)
565 +do_realpath(struct sftp_conn *conn, const char *path)
566 {
567 Buffer msg;
568 u_int type, expected_id, count, id;
569 @@ -768,7 +768,7 @@ do_realpath(struct sftp_conn *conn, char
570 }
571
572 int
573 -do_rename(struct sftp_conn *conn, char *oldpath, char *newpath)
574 +do_rename(struct sftp_conn *conn, const char *oldpath, const char *newpath)
575 {
576 Buffer msg;
577 u_int status, id;
578 @@ -802,7 +802,7 @@ do_rename(struct sftp_conn *conn, char *
579 }
580
581 int
582 -do_hardlink(struct sftp_conn *conn, char *oldpath, char *newpath)
583 +do_hardlink(struct sftp_conn *conn, const char *oldpath, const char *newpath)
584 {
585 Buffer msg;
586 u_int status, id;
587 @@ -835,7 +835,7 @@ do_hardlink(struct sftp_conn *conn, char
588 }
589
590 int
591 -do_symlink(struct sftp_conn *conn, char *oldpath, char *newpath)
592 +do_symlink(struct sftp_conn *conn, const char *oldpath, const char *newpath)
593 {
594 Buffer msg;
595 u_int status, id;
596 @@ -987,7 +987,7 @@ send_read_request(struct sftp_conn *conn
597 }
598
599 int
600 -do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
601 +do_download(struct sftp_conn *conn, const char *remote_path, const char *local_path,
602 Attrib *a, int pflag)
603 {
604 Attrib junk;
605 @@ -1226,7 +1226,7 @@ do_download(struct sftp_conn *conn, char
606 }
607
608 static int
609 -download_dir_internal(struct sftp_conn *conn, char *src, char *dst,
610 +download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
611 Attrib *dirattrib, int pflag, int printflag, int depth)
612 {
613 int i, ret = 0;
614 @@ -1316,7 +1316,7 @@ download_dir_internal(struct sftp_conn *
615 }
616
617 int
618 -download_dir(struct sftp_conn *conn, char *src, char *dst,
619 +download_dir(struct sftp_conn *conn, const char *src, const char *dst,
620 Attrib *dirattrib, int pflag, int printflag)
621 {
622 char *src_canon;
623 @@ -1334,7 +1334,7 @@ download_dir(struct sftp_conn *conn, cha
624 }
625
626 int
627 -do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
628 +do_upload(struct sftp_conn *conn, const char *local_path, const char *remote_path,
629 int pflag)
630 {
631 int local_fd;
632 @@ -1517,7 +1517,7 @@ do_upload(struct sftp_conn *conn, char *
633 }
634
635 static int
636 -upload_dir_internal(struct sftp_conn *conn, char *src, char *dst,
637 +upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
638 int pflag, int printflag, int depth)
639 {
640 int ret = 0, status;
641 @@ -1608,7 +1608,7 @@ upload_dir_internal(struct sftp_conn *co
642 }
643
644 int
645 -upload_dir(struct sftp_conn *conn, char *src, char *dst, int printflag,
646 +upload_dir(struct sftp_conn *conn, const char *src, const char *dst, int printflag,
647 int pflag)
648 {
649 char *dst_canon;
650 @@ -1625,7 +1625,7 @@ upload_dir(struct sftp_conn *conn, char
651 }
652
653 char *
654 -path_append(char *p1, char *p2)
655 +path_append(const char *p1, const char *p2)
656 {
657 char *ret;
658 size_t len = strlen(p1) + strlen(p2) + 2;
659 diff -up openssh-6.1p1/sftp-client.h.coverity openssh-6.1p1/sftp-client.h
660 --- openssh-6.1p1/sftp-client.h.coverity 2010-12-04 23:02:48.000000000 +0100
661 +++ openssh-6.1p1/sftp-client.h 2012-09-14 21:16:41.301906674 +0200
662 @@ -56,49 +56,49 @@ struct sftp_conn *do_init(int, int, u_in
663 u_int sftp_proto_version(struct sftp_conn *);
664
665 /* Close file referred to by 'handle' */
666 -int do_close(struct sftp_conn *, char *, u_int);
667 +int do_close(struct sftp_conn *, const char *, u_int);
668
669 /* Read contents of 'path' to NULL-terminated array 'dir' */
670 -int do_readdir(struct sftp_conn *, char *, SFTP_DIRENT ***);
671 +int do_readdir(struct sftp_conn *, const char *, SFTP_DIRENT ***);
672
673 /* Frees a NULL-terminated array of SFTP_DIRENTs (eg. from do_readdir) */
674 void free_sftp_dirents(SFTP_DIRENT **);
675
676 /* Delete file 'path' */
677 -int do_rm(struct sftp_conn *, char *);
678 +int do_rm(struct sftp_conn *, const char *);
679
680 /* Create directory 'path' */
681 -int do_mkdir(struct sftp_conn *, char *, Attrib *, int);
682 +int do_mkdir(struct sftp_conn *, const char *, Attrib *, int);
683
684 /* Remove directory 'path' */
685 -int do_rmdir(struct sftp_conn *, char *);
686 +int do_rmdir(struct sftp_conn *, const char *);
687
688 /* Get file attributes of 'path' (follows symlinks) */
689 -Attrib *do_stat(struct sftp_conn *, char *, int);
690 +Attrib *do_stat(struct sftp_conn *, const char *, int);
691
692 /* Get file attributes of 'path' (does not follow symlinks) */
693 -Attrib *do_lstat(struct sftp_conn *, char *, int);
694 +Attrib *do_lstat(struct sftp_conn *, const char *, int);
695
696 /* Set file attributes of 'path' */
697 -int do_setstat(struct sftp_conn *, char *, Attrib *);
698 +int do_setstat(struct sftp_conn *, const char *, Attrib *);
699
700 /* Set file attributes of open file 'handle' */
701 -int do_fsetstat(struct sftp_conn *, char *, u_int, Attrib *);
702 +int do_fsetstat(struct sftp_conn *, const char *, u_int, Attrib *);
703
704 /* Canonicalise 'path' - caller must free result */
705 -char *do_realpath(struct sftp_conn *, char *);
706 +char *do_realpath(struct sftp_conn *, const char *);
707
708 /* Get statistics for filesystem hosting file at "path" */
709 int do_statvfs(struct sftp_conn *, const char *, struct sftp_statvfs *, int);
710
711 /* Rename 'oldpath' to 'newpath' */
712 -int do_rename(struct sftp_conn *, char *, char *);
713 +int do_rename(struct sftp_conn *, const char *, const char *);
714
715 /* Link 'oldpath' to 'newpath' */
716 -int do_hardlink(struct sftp_conn *, char *, char *);
717 +int do_hardlink(struct sftp_conn *, const char *, const char *);
718
719 -/* Rename 'oldpath' to 'newpath' */
720 -int do_symlink(struct sftp_conn *, char *, char *);
721 +/* Symlink 'oldpath' to 'newpath' */
722 +int do_symlink(struct sftp_conn *, const char *, const char *);
723
724 /* XXX: add callbacks to do_download/do_upload so we can do progress meter */
725
726 @@ -106,27 +106,27 @@ int do_symlink(struct sftp_conn *, char
727 * Download 'remote_path' to 'local_path'. Preserve permissions and times
728 * if 'pflag' is set
729 */
730 -int do_download(struct sftp_conn *, char *, char *, Attrib *, int);
731 +int do_download(struct sftp_conn *, const char *, const char *, Attrib *, int);
732
733 /*
734 * Recursively download 'remote_directory' to 'local_directory'. Preserve
735 * times if 'pflag' is set
736 */
737 -int download_dir(struct sftp_conn *, char *, char *, Attrib *, int, int);
738 +int download_dir(struct sftp_conn *, const char *, const char *, Attrib *, int, int);
739
740 /*
741 * Upload 'local_path' to 'remote_path'. Preserve permissions and times
742 * if 'pflag' is set
743 */
744 -int do_upload(struct sftp_conn *, char *, char *, int);
745 +int do_upload(struct sftp_conn *, const char *, const char *, int);
746
747 /*
748 * Recursively upload 'local_directory' to 'remote_directory'. Preserve
749 * times if 'pflag' is set
750 */
751 -int upload_dir(struct sftp_conn *, char *, char *, int, int);
752 +int upload_dir(struct sftp_conn *, const char *, const char *, int, int);
753
754 /* Concatenate paths, taking care of slashes. Caller must free result. */
755 -char *path_append(char *, char *);
756 +char *path_append(const char *, const char *);
757
758 #endif
759 diff -up openssh-6.1p1/ssh-agent.c.coverity openssh-6.1p1/ssh-agent.c
760 --- openssh-6.1p1/ssh-agent.c.coverity 2011-06-03 06:14:16.000000000 +0200
761 +++ openssh-6.1p1/ssh-agent.c 2012-09-14 21:16:41.303906683 +0200
762 @@ -1147,8 +1147,8 @@ main(int ac, char **av)
763 sanitise_stdfd();
764
765 /* drop */
766 - setegid(getgid());
767 - setgid(getgid());
768 + (void) setegid(getgid());
769 + (void) setgid(getgid());
770
771 #if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
772 /* Disable ptrace on Linux without sgid bit */
773 diff -up openssh-6.1p1/sshd.c.coverity openssh-6.1p1/sshd.c
774 --- openssh-6.1p1/sshd.c.coverity 2012-07-31 04:21:34.000000000 +0200
775 +++ openssh-6.1p1/sshd.c 2012-09-14 21:16:41.307906705 +0200
776 @@ -682,8 +682,10 @@ privsep_preauth(Authctxt *authctxt)
777 if (getuid() == 0 || geteuid() == 0)
778 privsep_preauth_child();
779 setproctitle("%s", "[net]");
780 - if (box != NULL)
781 + if (box != NULL) {
782 ssh_sandbox_child(box);
783 + xfree(box);
784 + }
785
786 return 0;
787 }
788 @@ -1311,6 +1313,9 @@ server_accept_loop(int *sock_in, int *so
789 if (num_listen_socks < 0)
790 break;
791 }
792 +
793 + if (fdset != NULL)
794 + xfree(fdset);
795 }
796
797
798 @@ -1768,7 +1773,7 @@ main(int ac, char **av)
799
800 /* Chdir to the root directory so that the current disk can be
801 unmounted if desired. */
802 - chdir("/");
803 + (void) chdir("/");
804
805 /* ignore SIGPIPE */
806 signal(SIGPIPE, SIG_IGN);