From: Remi Gacogne Date: Thu, 31 Dec 2015 13:24:20 +0000 (+0100) Subject: Fix several issues reported by coverity X-Git-Tag: dnsdist-1.0.0-alpha2~125^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b841314c1b2de950eaaba081b127dbf70f4bc3f5;p=thirdparty%2Fpdns.git Fix several issues reported by coverity --- diff --git a/pdns/iputils.hh b/pdns/iputils.hh index e15d26a954..e2b9741f69 100644 --- a/pdns/iputils.hh +++ b/pdns/iputils.hh @@ -657,7 +657,7 @@ public: } if (node) { for(auto it = _nodes.begin(); it != _nodes.end(); it++) - if (node->node4.get() == *it) _nodes.erase(it); + if (node->node6.get() == *it) _nodes.erase(it); node->node6.reset(); } } diff --git a/pdns/lua-pdns.cc b/pdns/lua-pdns.cc index 22eaaacf2f..879d0c1a5e 100644 --- a/pdns/lua-pdns.cc +++ b/pdns/lua-pdns.cc @@ -230,7 +230,7 @@ void popResourceRecordsTable(lua_State *lua, const DNSName &query, vector(tmpnum); + rr.d_class = tmpnum; } diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc index 83991f7c97..42f2e239ca 100644 --- a/pdns/pdns_recursor.cc +++ b/pdns/pdns_recursor.cc @@ -945,7 +945,7 @@ void startDoResolve(void *p) g_stats.answersSlow++; uint64_t newLat=(uint64_t)(spent*1000000); - newLat = min(newLat,(uint64_t)(g_networkTimeoutMsec*1000)); // outliers of several minutes exist.. + newLat = min(newLat,(uint64_t)(((uint64_t) g_networkTimeoutMsec)*1000)); // outliers of several minutes exist.. g_stats.avgLatencyUsec=(1-1.0/g_latencyStatSize)*g_stats.avgLatencyUsec + (float)newLat/g_latencyStatSize; // no worries, we do this for packet cache hits elsewhere // cout<d_mdp.d_qname<<"\t"<getUsec()<<"\t"< conn=any_cast >(var); if(conn->state==TCPConnection::BYTE0) { - int bytes=recv(conn->getFD(), conn->data, 2, 0); + ssize_t bytes=recv(conn->getFD(), conn->data, 2, 0); if(bytes==1) conn->state=TCPConnection::BYTE1; if(bytes==2) { @@ -1019,7 +1019,7 @@ void handleRunningTCPQuestion(int fd, FDMultiplexer::funcparam_t& var) } } else if(conn->state==TCPConnection::BYTE1) { - int bytes=recv(conn->getFD(), conn->data+1, 1, 0); + ssize_t bytes=recv(conn->getFD(), conn->data+1, 1, 0); if(bytes==1) { conn->state=TCPConnection::GETQUESTION; conn->qlen=(((unsigned char)conn->data[0]) << 8)+ (unsigned char)conn->data[1]; @@ -1033,13 +1033,13 @@ void handleRunningTCPQuestion(int fd, FDMultiplexer::funcparam_t& var) } } else if(conn->state==TCPConnection::GETQUESTION) { - int bytes=recv(conn->getFD(), conn->data + conn->bytesread, conn->qlen - conn->bytesread, 0); - if(!bytes || bytes < 0) { + ssize_t bytes=recv(conn->getFD(), conn->data + conn->bytesread, conn->qlen - conn->bytesread, 0); + if(!bytes || bytes < 0 || bytes > UINT16_MAX) { L<d_remote.toString() <<" disconnected while reading question body"<removeReadFD(fd); return; } - conn->bytesread+=bytes; + conn->bytesread+=(uint16_t)bytes; if(conn->bytesread==conn->qlen) { t_fdm->removeReadFD(fd); // should no longer awake ourselves when there is data to read @@ -1085,7 +1085,7 @@ void handleNewTCPQuestion(int fd, FDMultiplexer::funcparam_t& ) ComboAddress addr; socklen_t addrlen=sizeof(addr); int newsock=(int)accept(fd, (struct sockaddr*)&addr, &addrlen); - if(newsock>0) { + if(newsock>=0) { if(MT->numProcesses() > g_maxMThreads) { g_stats.overCapacityDrops++; closesocket(newsock); @@ -1639,8 +1639,10 @@ void broadcastFunction(const pipefunc_t& func, bool skipSelf) ThreadMSG* tmsg = new ThreadMSG(); tmsg->func = func; tmsg->wantAnswer = true; - if(write(tps.writeToThread, &tmsg, sizeof(tmsg)) != sizeof(tmsg)) + if(write(tps.writeToThread, &tmsg, sizeof(tmsg)) != sizeof(tmsg)) { + delete tmsg; unixDie("write to thread pipe returned wrong size or error"); + } string* resp; if(read(tps.readFromThread, &resp, sizeof(resp)) != sizeof(resp)) @@ -1668,8 +1670,10 @@ void distributeAsyncFunction(const string& packet, const pipefunc_t& func) tmsg->func = func; tmsg->wantAnswer = false; - if(write(tps.writeToThread, &tmsg, sizeof(tmsg)) != sizeof(tmsg)) + if(write(tps.writeToThread, &tmsg, sizeof(tmsg)) != sizeof(tmsg)) { + delete tmsg; unixDie("write to thread pipe returned wrong size or error"); + } } void handlePipeRequest(int fd, FDMultiplexer::funcparam_t& var) @@ -1743,9 +1747,10 @@ template T broadcastAccFunction(const boost::function& func, bool tmsg->func = boost::bind(voider, func); tmsg->wantAnswer = true; - if(write(tps.writeToThread, &tmsg, sizeof(tmsg)) != sizeof(tmsg)) + if(write(tps.writeToThread, &tmsg, sizeof(tmsg)) != sizeof(tmsg)) { + delete tmsg; unixDie("write to thread pipe returned wrong size or error"); - + } T* resp; if(read(tps.readFromThread, &resp, sizeof(resp)) != sizeof(resp)) diff --git a/pdns/pubsuffix.hh b/pdns/pubsuffix.hh index abf9570aaf..a91cd12f87 100644 --- a/pdns/pubsuffix.hh +++ b/pdns/pubsuffix.hh @@ -1,3 +1,3 @@ #ifndef PDNS_PUBSUFFIX_HH -extern const char* g_pubsuffix; +extern const char* g_pubsuffix[]; #endif diff --git a/pdns/rec_channel.cc b/pdns/rec_channel.cc index a539643e48..50ddcef444 100644 --- a/pdns/rec_channel.cc +++ b/pdns/rec_channel.cc @@ -114,7 +114,8 @@ void RecursorControlChannel::send(const std::string& msg, const std::string* rem memset(&remoteaddr, 0, sizeof(remoteaddr)); remoteaddr.sun_family=AF_UNIX; - strcpy(remoteaddr.sun_path, remote->c_str()); + strncpy(remoteaddr.sun_path, remote->c_str(), sizeof(remoteaddr.sun_path)); + remoteaddr.sun_path[sizeof(remoteaddr.sun_path)-1] = '\0'; if(::sendto(d_fd, msg.c_str(), msg.length(), 0, (struct sockaddr*) &remoteaddr, sizeof(remoteaddr) ) < 0) throw PDNSException("Unable to send message over control channel '"+*remote+"': "+string(strerror(errno))); diff --git a/pdns/rec_channel_rec.cc b/pdns/rec_channel_rec.cc index 15a33ab9a8..e1f7a4130a 100644 --- a/pdns/rec_channel_rec.cc +++ b/pdns/rec_channel_rec.cc @@ -776,7 +776,7 @@ namespace { void sortPublicSuffixList() { - for(const char** p=&g_pubsuffix; *p; ++p) { + for(const char** p=g_pubsuffix; *p; ++p) { string low=toLower(*p); vector parts; diff --git a/pdns/resolver.cc b/pdns/resolver.cc index d0eafe6ecb..9c35d28655 100644 --- a/pdns/resolver.cc +++ b/pdns/resolver.cc @@ -158,6 +158,8 @@ uint16_t Resolver::sendResolve(const ComboAddress& remote, const ComboAddress& l } else { // try to make socket sock = makeQuerySocket(local, true); + if (sock < 0) + throw ResolverException("Unable to create socket to "+remote.toStringWithPort()+": "+stringerror()); setNonBlocking( sock ); locals[lstr] = sock; } @@ -385,6 +387,8 @@ AXFRRetriever::AXFRRetriever(const ComboAddress& remote, d_sock = -1; try { d_sock = makeQuerySocket(local, false); // make a TCP socket + if (d_sock < 0) + throw ResolverException("Error creating socket for AXFR request to "+d_remote.toStringWithPort()); d_buf = shared_array(new char[65536]); d_remote = remote; // mostly for error reporting this->connect(); @@ -430,6 +434,7 @@ AXFRRetriever::AXFRRetriever(const ComboAddress& remote, catch(...) { if(d_sock >= 0) close(d_sock); + d_sock = -1; throw; } } diff --git a/pdns/syncres.hh b/pdns/syncres.hh index 17d4ede5fe..d892dd0c51 100644 --- a/pdns/syncres.hh +++ b/pdns/syncres.hh @@ -610,9 +610,9 @@ public: { return d_fd; } - enum stateenum {BYTE0, BYTE1, GETQUESTION, DONE} state; - int qlen; - int bytesread; + enum stateenum {BYTE0, BYTE1, GETQUESTION, DONE} state{BYTE0}; + uint16_t qlen{0}; + uint16_t bytesread{0}; const ComboAddress d_remote; char data[65535]; // damn diff --git a/pdns/validate.cc b/pdns/validate.cc index e37933eaf5..7714f2e09a 100644 --- a/pdns/validate.cc +++ b/pdns/validate.cc @@ -69,7 +69,10 @@ static dState getDenial(cspmap_t &validrrsets, DNSName qname, uint16_t qtype) if(qtype == QType::DS && optout) return INSECURE; } } - dState ret; + /* NODATA is not really appropriate here, but we + just need to return something else than INSECURE. + */ + dState ret = NODATA; return ret; }