clang analysis fixes, assert arc4random buffer in init,

no check for already checked delegation pointer in iterator,
in testcode check for NULL packet matches, in perf do not copy
from NULL start list when growing capacity.  Adjust host and file
only when present in test header read to please checker.  In
testcode for unknown macro operand give zero result. Initialise the
passed argv array in test code.  In test code add EDNS data
segment copy only when nonempty.

git-svn-id: file:///svn/unbound/trunk@5070 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/compat/arc4random.c b/compat/arc4random.c
index bcef0ec90f8aa47696f492f9fcbd3d05015ea71c..b536d3143d422120900557ce03f3dde8f240ad94 100644 (file)
--- a/compat/arc4random.c
+++ b/compat/arc4random.c
@@ -140,6 +140,7 @@ nodevrandom:
 static inline void
 _rs_init(u_char *buf, size_t n)
 {
+       assert(buf);
        if (n < KEYSZ + IVSZ)
                return;
 

diff --git a/doc/Changelog b/doc/Changelog
index b3fd66c1465415144eb53c322e482787e5f6e914..3bd7d86c4710b89aaa1d30abdab30a72e73438bf 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -2,6 +2,14 @@
        - Newer aclocal and libtoolize used for generating configure scripts,
          aclocal 1.16.1 and libtoolize 2.4.6.
        - Fix unit test for python 3.7 new keyword 'async'.
+       - clang analysis fixes, assert arc4random buffer in init,
+         no check for already checked delegation pointer in iterator,
+         in testcode check for NULL packet matches, in perf do not copy
+         from NULL start list when growing capacity.  Adjust host and file
+         only when present in test header read to please checker.  In
+         testcode for unknown macro operand give zero result. Initialise the
+         passed argv array in test code.  In test code add EDNS data
+         segment copy only when nonempty.
 
 23 January 2018: Wouter
        - Patch from Manabu Sonoda with tls-ciphers and tls-ciphersuites

diff --git a/iterator/iterator.c b/iterator/iterator.c
index 7a62e128129ccffcaa6015824db55e266cbc9d02..a3b52806a8893452f38057cd2777806da2e3d832 100644 (file)
--- a/iterator/iterator.c
+++ b/iterator/iterator.c
@@ -2299,7 +2299,7 @@ processQueryTargets(struct module_qstate* qstate, struct iter_qstate* iq,
                errinf(qstate, "auth zone lookup failed, fallback is off");
                return error_response(qstate, id, LDNS_RCODE_SERVFAIL);
        }
-       if(iq->dp && iq->dp->auth_dp) {
+       if(iq->dp->auth_dp) {
                /* we wanted to fallback, but had no delegpt, only the
                 * auth zone generated delegpt, create an actual one */
                iq->auth_zone_avoid = 1;

diff --git a/testcode/fake_event.c b/testcode/fake_event.c
index 016f70e3d7d64f77a0d6631db804e05539b4f1d9..4fb9bc8ed683f01e2eedffdaa4210a490fcc5083 100644 (file)
--- a/testcode/fake_event.c
+++ b/testcode/fake_event.c
@@ -385,7 +385,7 @@ answer_callback_from_entry(struct replay_runtime* runtime,
        repinfo.addrlen = pend->addrlen;
        memcpy(&repinfo.addr, &pend->addr, pend->addrlen);
        if(!pend->serviced) {
-               if(entry->reply_list->next &&
+               if(entry && entry->reply_list->next &&
                        pend->tcp_pkt_counter < count_reply_packets(entry)) {
                        /* go to next packet next time */
                        pend->tcp_pkt_counter++;
@@ -509,7 +509,7 @@ fake_pending_callback(struct replay_runtime* runtime,
        repinfo.addrlen = p->addrlen;
        memcpy(&repinfo.addr, &p->addr, p->addrlen);
        if(!p->serviced) {
-               if(todo->match->reply_list->next && !error &&
+               if(todo->match && todo->match->reply_list->next && !error &&
                        p->tcp_pkt_counter < count_reply_packets(todo->match)) {
                        /* go to next packet next time */
                        p->tcp_pkt_counter++;

diff --git a/testcode/perf.c b/testcode/perf.c
index 32a5307edb1587b4ad78b28113e2af1295471309..8e4c5fe9113ec1b60717324e46efa7311875cfaf 100644 (file)
--- a/testcode/perf.c
+++ b/testcode/perf.c
@@ -513,10 +513,12 @@ qlist_grow_capacity(struct perfinfo* info)
        uint8_t** d = (uint8_t**)calloc(sizeof(uint8_t*), newcap);
        size_t* l = (size_t*)calloc(sizeof(size_t), newcap);
        if(!d || !l) fatal_exit("out of memory");
-       memcpy(d, info->qlist_data, sizeof(uint8_t*)*
-               info->qlist_capacity);
-       memcpy(l, info->qlist_len, sizeof(size_t)*
-               info->qlist_capacity);
+       if(info->qlist_data)
+               memcpy(d, info->qlist_data, sizeof(uint8_t*)*
+                       info->qlist_capacity);
+       if(info->qlist_len)
+               memcpy(l, info->qlist_len, sizeof(size_t)*
+                       info->qlist_capacity);
        free(info->qlist_data);
        free(info->qlist_len);
        info->qlist_data = d;

diff --git a/testcode/petal.c b/testcode/petal.c
index e1f5f43417e3a94398742c1179cb801a01054cbc..a733017a470bbfec606ba5177faabfce410a0bf7 100644 (file)
--- a/testcode/petal.c
+++ b/testcode/petal.c
@@ -323,9 +323,9 @@ file_name_is_safe(char* s)
        return 1;
 }
 
-/** adjust host and filename */
+/** adjust host */
 static void
-adjust_host_file(char* host, char* file)
+adjust_host(char* host)
 {
        size_t i, len;
        /* remove a port number if present */
@@ -335,6 +335,13 @@ adjust_host_file(char* host, char* file)
        len = strlen(host);
        for(i=0; i<len; i++)
                host[i] = tolower((unsigned char)host[i]);
+}
+
+/** adjust filename */
+static void
+adjust_file(char* file)
+{
+       size_t i, len;
        len = strlen(file);
        for(i=0; i<len; i++)
                file[i] = tolower((unsigned char)file[i]);
@@ -534,7 +541,8 @@ service_ssl(SSL* ssl, struct sockaddr_storage* from, socklen_t falen)
        if(!read_http_headers(ssl, file, sizeof(file), host, sizeof(host),
                &vs))
                return;
-       adjust_host_file(host, file);
+       if(host[0] != 0) adjust_host(host);
+       if(file[0] != 0) adjust_file(file);
        if(host[0] == 0 || !host_name_is_safe(host))
                (void)strlcpy(host, "default", sizeof(host));
        if(!file_name_is_safe(file)) {

diff --git a/testcode/replay.c b/testcode/replay.c
index 93a600425ca12d8a31a0abac3113a312242d654a..84ce50441b1e9afbbf9aa0d17e95ad8cae35fe9d 100644 (file)
--- a/testcode/replay.c
+++ b/testcode/replay.c
@@ -715,6 +715,7 @@ perform_arith(double x, char op, double y, double* res)
                *res = x*y;
                break;
        default:
+               *res = 0;
                return 0;
        }
 

diff --git a/testcode/testbound.c b/testcode/testbound.c
index cea74c593540cd7b90260f30f156a015baa93991..246bc6735b450aac4fb19f3816289b1e1dd23224 100644 (file)
--- a/testcode/testbound.c
+++ b/testcode/testbound.c
@@ -344,6 +344,7 @@ main(int argc, char* argv[])
 
        /* we do not want the test to depend on the timezone */
        (void)putenv("TZ=UTC");
+       memset(pass_argv, 0, sizeof(pass_argv));
 
        log_init(NULL, 0, NULL);
        /* determine commandline options for the daemon */

diff --git a/testcode/testpkts.c b/testcode/testpkts.c
index 1d89c38fc8f1ca30a5c2e457466c53f48d076718..6c90567aa321a772410f139ca4657edcd6f387e6 100644 (file)
--- a/testcode/testpkts.c
+++ b/testcode/testpkts.c
@@ -513,7 +513,8 @@ add_edns(uint8_t* pktbuf, size_t pktsize, int do_flag, uint8_t *ednsdata,
        if(*pktlen + sizeof(edns) + ednslen > pktsize)
                error("not enough space for EDNS OPT record");
        memmove(pktbuf+*pktlen, edns, sizeof(edns));
-       memmove(pktbuf+*pktlen+sizeof(edns), ednsdata, ednslen);
+       if(ednsdata && ednslen)
+               memmove(pktbuf+*pktlen+sizeof(edns), ednsdata, ednslen);
        sldns_write_uint16(pktbuf+10, LDNS_ARCOUNT(pktbuf)+1);
        *pktlen += (sizeof(edns) + ednslen);
 }