From: Victor Julien <vjulien@oisf.net>
Date: Tue, 15 Feb 2022 06:56:57 +0000 (+0100)
Subject: swf: fix coverity warnings
X-Git-Tag: suricata-5.0.9~93
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c259621773e2d44527ff2e5c74c998fea7f1687a;p=thirdparty%2Fsuricata.git

swf: fix coverity warnings

*** CID 1499365:    (UNINIT)
/src/util-file-swf-decompression.c: 98 in FileSwfZlibDecompression()
92         infstream.avail_in = (uInt)compressed_data_len;
93         infstream.next_in = (Bytef *)compressed_data;
94         infstream.avail_out = (uInt)decompressed_data_len;
95         infstream.next_out = (Bytef *)decompressed_data;
96
97         inflateInit(&infstream);

>>>     CID 1499365:    (UNINIT)
>>>     Using uninitialized value "infstream.total_out" when calling "inflate".
98         int result = inflate(&infstream, Z_NO_FLUSH);
99         switch(result) {
100             case Z_STREAM_END:
101                 break;
102             case Z_OK:
103                 break;

/src/util-file-swf-decompression.c: 98 in FileSwfZlibDecompression()
92         infstream.avail_in = (uInt)compressed_data_len;
93         infstream.next_in = (Bytef *)compressed_data;
94         infstream.avail_out = (uInt)decompressed_data_len;
95         infstream.next_out = (Bytef *)decompressed_data;
96
97         inflateInit(&infstream);

>>>     CID 1499365:    (UNINIT)
>>>     Using uninitialized value "infstream.total_out" when calling "inflate".
98         int result = inflate(&infstream, Z_NO_FLUSH);
99         switch(result) {
100             case Z_STREAM_END:
101                 break;
102             case Z_OK:
103                 break;

*** CID 1499363:  Error handling issues  (CHECKED_RETURN)
/src/util-file-swf-decompression.c: 97 in FileSwfZlibDecompression()
91
92         infstream.avail_in = (uInt)compressed_data_len;
93         infstream.next_in = (Bytef *)compressed_data;
94         infstream.avail_out = (uInt)decompressed_data_len;
95         infstream.next_out = (Bytef *)decompressed_data;
96
>>>     CID 1499363:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "inflateInit_(&infstream, "1.2.11", 112)" without checking return value. This library function may fail and return an error code.
97         inflateInit(&infstream);
98         int result = inflate(&infstream, Z_NO_FLUSH);
99         switch(result) {
100             case Z_STREAM_END:
101                 break;
102             case Z_OK:

Bug: #5079.
(cherry picked from commit e1f7c63fa8ed9ee787f89776162ca221573ef227)
---

diff --git a/src/util-file-swf-decompression.c b/src/util-file-swf-decompression.c
index f0a17918cc..71ca6eda86 100644
--- a/src/util-file-swf-decompression.c
+++ b/src/util-file-swf-decompression.c
@@ -85,6 +85,7 @@ int FileSwfZlibDecompression(DetectEngineThreadCtx *det_ctx,
 {
     int ret = 1;
     z_stream infstream;
+    memset(&infstream, 0, sizeof(infstream));
     infstream.zalloc = Z_NULL;
     infstream.zfree = Z_NULL;
     infstream.opaque = Z_NULL;
@@ -94,8 +95,13 @@ int FileSwfZlibDecompression(DetectEngineThreadCtx *det_ctx,
     infstream.avail_out = (uInt)decompressed_data_len;
     infstream.next_out = (Bytef *)decompressed_data;
 
-    inflateInit(&infstream);
-    int result = inflate(&infstream, Z_NO_FLUSH);
+    int result = inflateInit(&infstream);
+    if (result != Z_OK) {
+        DetectEngineSetEvent(det_ctx, FILE_DECODER_EVENT_Z_UNKNOWN_ERROR);
+        return 0;
+    }
+
+    result = inflate(&infstream, Z_NO_FLUSH);
     switch(result) {
         case Z_STREAM_END:
             break;