From a3655b7bf64b7e016602d0b2bec450d27575816e Mon Sep 17 00:00:00 2001
From: Peter Jones
Date: Mon, 15 Oct 2012 13:12:53 -0400
Subject: [PATCH 3/4] Fixes for problems discovered by coverity scan.
Related: rhbz#1085434
Signed-off-by: Peter Jones
---
 extlinux/main.c | 9 ++++++++-
 libfat/fat.h | 9 +++++++--
 libinstaller/advio.c | 17 +++++++++--------
 libinstaller/syslxcom.c | 8 ++++++++
 libinstaller/syslxint.h | 10 +++++++---
 linux/syslinux.c | 3 ---
 mtools/syslinux.c | 1 +
 utils/Makefile | 2 +-
 utils/isohybrid.c | 20 ++++++++++++++------
 9 files changed, 55 insertions(+), 24 deletions(-)
diff --git a/extlinux/main.c b/extlinux/main.c
index e574051..a461533 100755
--- a/extlinux/main.c
+++ b/extlinux/main.c
@@ -292,7 +292,12 @@ int patch_file_and_bootblock(int fd, const char *dir, int devfd)
 nsect = (boot_image_len + SECTOR_SIZE - 1) >> SECTOR_SHIFT;
 nsect += 2; /* Two sectors for the ADV */
 sectp = alloca(sizeof(sector_t) * nsect);
- if (fs_type == EXT2 || fs_type == VFAT) {
+ if (sectp == NULL) {
+ perror("alloca");
+ exit(1);
+ }
+ memset(sectp, '\0', sizeof(sector_t) * nsect);
+ if (fd >= 0 && (fs_type == EXT2 || fs_type == VFAT)) {
 if (sectmap(fd, sectp, nsect)) {
 perror("bmap");
 exit(1);
@@ -423,6 +428,8 @@ int ext2_fat_install_file(const char *path, int devfd, struct stat *rst)
 /* Map the file, and patch the initial sector accordingly */
 modbytes = patch_file_and_bootblock(fd, path, devfd);
+ if (modbytes < 0)
+ goto bail;
 /* Write the patch area again - this relies on the file being overwritten in place! */
diff --git a/libfat/fat.h b/libfat/fat.h
index b4e32f7..acafdb6 100644
--- a/libfat/fat.h
+++ b/libfat/fat.h
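Review bot: The added `if (sectp == NULL)` test after `alloca()` in patch_file_and_bootblock can never fire, because alloca() has no failure return; an oversized request overruns the stack instead of yielding NULL. Since `nsect` is derived from `boot_image_len`, a heap allocation with a real failure path is the safer form, e.g. `sectp = calloc(nsect, sizeof(sector_t));` followed by the same NULL check and a matching `free()` on the exit paths, which lie outside this hunk. The same dead check appears as `if (!prog)` in main() of utils/isohybrid.c. Separately, with the new `fd >= 0 &&` guard a negative fd on EXT2/VFAT skips sectmap() and continues with the zero-filled map rather than failing; whether a later branch rejects that case is not visible here.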
@@ -23,8 +23,13 @@
 /* The poor excuse FAT has for a superblock -- in the boot sector */
 struct fat_bootsect {
- le8_t bsJump[3]; /* Jump to code */
- char bsOemName[8]; /* Formatting program */
+ union {
+ struct {
+ uint8_t bsJump[3]; /* Jump to code */
+ char bsOemName[8]; /* Formatting program */
+ };
+ uint8_t bsHead[11];
+ };
 le16_t bsBytesPerSec; /* Bytes/sector */
 le8_t bsSecPerClust; /* Sectors/cluster */
 le16_t bsResSectors; /* Reserved sectors */
diff --git a/libinstaller/advio.c b/libinstaller/advio.c
index 56f607d..01894f2 100644
--- a/libinstaller/advio.c
+++ b/libinstaller/advio.c
@@ -135,15 +135,16 @@ int write_adv(const char *path, const char *cfg)
 xst.st_dev != st.st_dev || xst.st_size != st.st_size) {
 fprintf(stderr, "%s: race condition on write\n", file);
 err = -2;
+ } else {
+ /* Write our own version ... */
+ if (xpwrite(fd, syslinux_adv, 2 * ADV_SIZE,
+ st.st_size - 2 * ADV_SIZE) != 2 * ADV_SIZE) {
+ err = -1;
+ }
+
+ sync();
+ set_attributes(fd);
 }
- /* Write our own version ... */
- if (xpwrite(fd, syslinux_adv, 2 * ADV_SIZE,
- st.st_size - 2 * ADV_SIZE) != 2 * ADV_SIZE) {
- err = -1;
- }
-
- sync();
- set_attributes(fd);
 }
 }
diff --git a/libinstaller/syslxcom.c b/libinstaller/syslxcom.c
index a6a8339..dae81bc 100644
--- a/libinstaller/syslxcom.c
+++ b/libinstaller/syslxcom.c
@@ -87,6 +87,9 @@ ssize_t xpwrite(int fd, const void *buf, size_t count, off_t offset)
 ssize_t rv;
 ssize_t done = 0;
+ if (fd < 0)
+ die(strerror(EBADF));
+
 while (count) {
 rv = pwrite(fd, bufp, count, offset);
 if (rv == 0) {
@@ -279,6 +282,11 @@ static int sectmap_fib(int fd, sector_t *sectors, int nsectors)
 */
 int sectmap(int fd, sector_t *sectors, int nsectors)
 {
+ if (fd < 0) {
+ errno = EBADF;
+ return -1;
+ }
+
 if (!sectmap_fie(fd, sectors, nsectors))
 return 0;
diff --git a/libinstaller/syslxint.h b/libinstaller/syslxint.h
index 7c9da51..8d39f74 100644
--- a/libinstaller/syslxint.h
+++ b/libinstaller/syslxint.h
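Review bot: The literal `11` in `uint8_t bsHead[11];` of struct fat_bootsect has to stay equal to the combined size of `bsJump[3]` and `bsOemName[8]`, and nothing in the struct enforces that. A comment on the union such as `/* bsHead overlays bsJump+bsOemName so the whole header can be copied without overrunning bsJump */` would record why the overlay exists, and a compile-time size check next to the struct would catch drift. The same union is added to struct boot_sector in libinstaller/syslxint.h, where `bsHeadLen` is still computed with offsetof() and must agree with the array size. The anonymous struct and union members rely on C11 or the GNU extension; the hunk does not show which standard the build targets.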
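Review bot: After this change the race-detected path in write_adv (libinstaller/advio.c) sets `err = -2` and skips `set_attributes(fd)` along with the write. If the file's attributes were cleared earlier in the function (not visible in this hunk), that path now leaves them cleared on the original file; a short why-comment on the `else`, e.g. `/* only touch the file when it is still the one we validated */`, together with a note on what happens to the attributes, would make the intent explicit. Inside the `else`, `sync()` and `set_attributes()` still run after a failed `xpwrite()`, which may be intended as best effort but is worth stating.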
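Review bot: The new guard in xpwrite (libinstaller/syslxcom.c) terminates the process with `die(strerror(EBADF))`, while the guard added to sectmap() in the same file reports the same condition with `errno = EBADF; return -1;`. A helper that returns `ssize_t` would be more consistent, and easier for callers such as write_adv to handle, if it used the sectmap() form. If `die()` treats its argument as a format string (its prototype is not shown), passing `strerror()` output directly would also trip format-string warnings. The function body continues outside the hunk.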
@@ -193,8 +193,13 @@ struct syslinux_extent {
 /* FAT bootsector format, also used by other disk-based derivatives */
 struct boot_sector {
- uint8_t bsJump[3];
- char bsOemName[8];
+ union {
+ struct {
+ uint8_t bsJump[3];
+ char bsOemName[8];
+ };
+ uint8_t bsHead[11];
+ };
 uint16_t bsBytesPerSec;
 uint8_t bsSecPerClust;
 uint16_t bsResSectors;
@@ -241,7 +246,6 @@ struct boot_sector {
 uint16_t bsSignature;
 } __attribute__ ((packed));
-#define bsHead bsJump
 #define bsHeadLen offsetof(struct boot_sector, bsBytesPerSec)
 #define bsCode bs32.Code /* The common safe choice */
 #define bsCodeLen (offsetof(struct boot_sector, bsSignature) - \
diff --git a/linux/syslinux.c b/linux/syslinux.c
index c7a9ecc..6e23a7a 100755
--- a/linux/syslinux.c
+++ b/linux/syslinux.c
@@ -335,9 +335,6 @@ int main(int argc, char *argv[])
 snprintf(mntname, sizeof mntname, "syslinux.mnt.%lu.%d", (unsigned long)mypid, i);
- if (lstat(mntname, &dst) != -1 || errno != ENOENT)
- continue;
-
 rv = mkdir(mntname, 0000);
 if (rv == -1) {
diff --git a/mtools/syslinux.c b/mtools/syslinux.c
index ac189c6..4bec0e3 100755
--- a/mtools/syslinux.c
+++ b/mtools/syslinux.c
@@ -208,6 +208,7 @@ int main(int argc, char *argv[])
 !mtools_conf)
 die_err(tmpdir);
+ umask(077);
 mtc_fd = mkstemp(mtools_conf);
 if (mtc_fd < 0 || !(mtc = fdopen(mtc_fd, "w")))
 die_err(mtools_conf);
diff --git a/utils/Makefile b/utils/Makefile
index 44cb54f..4fabe04 100644
--- a/utils/Makefile
+++ b/utils/Makefile
@@ -51,7 +51,7 @@ isohdpfx.c: $(ISOHDPFX) isohdpfxarray.pl
 $(PERL) isohdpfxarray.pl $(ISOHDPFX) > $@
 isohybrid: isohybrid.o isohdpfx.o
- $(CC) $(LDFLAGS) -luuid -o $@ $^
+ $(CC) $(LDFLAGS) -fshort-wchar -luuid -o $@ $^
 gethostip: gethostip.o
 $(CC) $(LDFLAGS) -o $@ $^
diff --git a/utils/isohybrid.c b/utils/isohybrid.c
index ac04bfd..865c114 100644
--- a/utils/isohybrid.c
+++ b/utils/isohybrid.c
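Review bot: `umask(077);` in main() of mtools/syslinux.c changes the mask for the rest of the process and for any child it spawns, not only for the `mkstemp()` call on the next line. If the intent is just to guarantee an owner-only temporary config file, save and restore the previous mask: `mode_t old = umask(077); mtc_fd = mkstemp(mtools_conf); umask(old);`. If the wider effect is intended, a comment saying so would help the next reader. main() continues outside this hunk.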
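Review bot: `-fshort-wchar` is a code-generation option, so adding it to the link command for `isohybrid` in utils/Makefile does not change how isohybrid.o was compiled; the rule that builds the object is not in this hunk. The three `memcpy(part->name, L"...", ...)` calls in initialise_gpt (utils/isohybrid.c), with byte counts 28 and 20, only write the intended UTF-16 names when `wchar_t` is 2 bytes; with a 4-byte `wchar_t` the same counts copy a truncated string of 32-bit characters. The flag belongs in the compile flags used for isohybrid.c, or the names could be written as explicit 16-bit data so the on-disk result does not depend on a compiler switch.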
@@ -357,6 +357,8 @@ check_option(int argc, char *argv[])
 case ':':
 errx(1, "option `-%c' takes an argument", optopt);
+ printh();
+ exit(0);
 default:
 case '?':
 if (optopt)
@@ -618,7 +620,7 @@ initialise_mbr(uint8_t *mbr)
 bsect = (offset % sector) + 1;
 bcyle = offset / (head * sector);
- bsect += (bcyle & 0x300) >> 2;
+ bsect += bcyle >> 2;
 bcyle &= 0xFF;
 ehead = head - 1;
@@ -792,7 +794,7 @@ initialise_gpt(uint8_t *gpt, uint32_t current, uint32_t alternate, int primary)
 memcpy(part->partTypeGUID, basic_partition, sizeof(uuid_t));
 part->firstLBA = lendian_64(0);
 part->lastLBA = lendian_64(psize);
- memcpy(part->name, "ISOHybrid ISO", 28);
+ memcpy(part->name, L"ISOHybrid ISO", 28);
 gpt += sizeof(struct gpt_part_header);
 part++;
@@ -801,7 +803,7 @@ initialise_gpt(uint8_t *gpt, uint32_t current, uint32_t alternate, int primary)
 memcpy(part->partTypeGUID, basic_partition, sizeof(uuid_t));
 part->firstLBA = lendian_64(efi_lba * 4);
 part->lastLBA = lendian_64(part->firstLBA + efi_count - 1);
- memcpy(part->name, "ISOHybrid", 20);
+ memcpy(part->name, L"ISOHybrid", 20);
 gpt += sizeof(struct gpt_part_header);
@@ -814,7 +816,7 @@ initialise_gpt(uint8_t *gpt, uint32_t current, uint32_t alternate, int primary)
 memcpy(part->partTypeGUID, hfs_partition, sizeof(uuid_t));
 part->firstLBA = lendian_64(mac_lba * 4);
 part->lastLBA = lendian_64(part->firstLBA + mac_count - 1);
- memcpy(part->name, "ISOHybrid", 20);
+ memcpy(part->name, L"ISOHybrid", 20);
 part--;
 }
@@ -891,7 +893,11 @@ main(int argc, char *argv[])
 size_t orig_gpt_size, free_space, gpt_size;
 struct iso_primary_descriptor descriptor;
- prog = strcpy(alloca(strlen(argv[0]) + 1), argv[0]);
+ prog = alloca(strlen(argv[0]) + 1);
+ if (!prog)
+ err(1, "");
+ strcpy(prog, argv[0]);
+
 i = check_option(argc, argv);
 argc -= i;
 argv += i;
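Review bot: The two lines added after `errx(1, ...)` in the `case ':'` arm of check_option, `printh();` and `exit(0);`, cannot execute because errx() does not return. If they were added to silence a fall-through report, a `/* NOTREACHED */` comment or a `break;` states that without implying a success exit status on a usage error. The switch continues outside the hunk.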
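Review bot: `bsect += bcyle >> 2;` in initialise_mbr drops the `0x300` mask, so cylinder bits 2..7 are now added into the low six bits of the sector byte, where the sector number lives; only cylinder bits 8 and 9 belong in bits 6 and 7. If the old expression was reported as always zero because `bcyle` is an 8-bit variable (its declaration is not in the hunk), the fix is to compute the cylinder in a wider temporary before masking, e.g. `unsigned int cyl = offset / (head * sector); bsect += (cyl & 0x300) >> 2; bcyle = cyl & 0xFF;`. The function body continues outside the hunk.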
@@ -1097,7 +1103,9 @@ main(int argc, char *argv[])
 initialise_apm(buf, APM_OFFSET);
- fseek(fp, APM_OFFSET, SEEK_SET);
+ if (fseek(fp, APM_OFFSET, SEEK_SET))
+ err(1, "%s: seek error - 7", argv[0]);
+
 fwrite(buf, sizeof(char), apm_size, fp);
 }
--
1.9.3
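Review bot: The seek is now checked, but the `fwrite(buf, sizeof(char), apm_size, fp);` that follows still ignores its return value, so a short or failed write of the APM block goes unreported. Comparing the result with `apm_size` and calling `err()` in the same style would close that gap: `if (fwrite(buf, sizeof(char), apm_size, fp) != apm_size) err(1, "%s: write error", argv[0]);`. main() begins and ends outside this hunk.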