git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
Annotate fs_check_call (CID #1271307) (#4778)
author James Jones <jejones3141@gmail.com>
Tue, 18 Oct 2022 17:15:55 +0000 (12:15 -0500)
committer GitHub <noreply@github.com>
Tue, 18 Oct 2022 17:15:55 +0000 (13:15 -0400)
The unlink() call (the use of the toctou) does check its return
code. Also, it's not listed among the UseSet functions in "TOCTTOU
Vulnerabilities in Unix-Style File Systems: An Anatomical Study",
https://www.usenix.org/legacy/events/fast05/tech/full_papers/wei/wei.pdf

src/listen/control/proto_control_unix.c

index 1669c02881a8e20bed21e42abcd0ceef7b2c9685..97417e01c89fcf12a6f5ea85398905217029bd4f 100644 (file)
@@ -414,6 +414,7 @@ static int fr_server_domain_socket_peercred(char const *path, uid_t UNUSED uid,
        /*
         *      Check the path.
         */
+       /* coverity[fs_check_call] */
        if (stat(path, &buf) < 0) {
                if (errno != ENOENT) {
                        fr_strerror_printf("Failed to stat %s: %s", path, fr_syserror(errno));
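
Review bot: the `/* coverity[fs_check_call] */` annotation added directly above `if (stat(path, &buf) < 0) {` records no reason for the suppression in the source; the rationale (the later unlink() checks its return code) exists only in the commit message. Suggest adding a plain comment line next to the annotation, or extending the existing "Check the path." block, that states why the stat-then-unlink sequence is acceptable, so that someone auditing suppressions later does not have to dig through history. A checked return code reports whether unlink() failed, not whether `path` still names the object that stat() examined, so that comment should also say why a change to the path in between is tolerable here.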