From: Jeremy Harris Date: Thu, 3 Mar 2016 22:55:34 +0000 (+0000) Subject: tidying: coverity issues X-Git-Tag: exim-4_87_RC6~8 X-Git-Url: https://git.exim.org/users/jgh/exim.git/commitdiff_plain/806c3df997132e99f4abade6d00be18930695408 tidying: coverity issues --- diff --git a/src/src/dcc.c b/src/src/dcc.c index b03690ca6..c374cf91c 100644 --- a/src/src/dcc.c +++ b/src/src/dcc.c @@ -216,9 +216,9 @@ dcc_process(uschar **listptr) } } else { /* connecting to the dccifd UNIX socket */ - bzero((char *)&serv_addr,sizeof(serv_addr)); + bzero(&serv_addr, sizeof(serv_addr)); serv_addr.sun_family = AF_UNIX; - Ustrcpy(serv_addr.sun_path, sockpath); + Ustrncpy(serv_addr.sun_path, sockpath, sizeof(serv_addr.sun_path)); if ((sockfd = socket(AF_UNIX, SOCK_STREAM,0)) < 0){ DEBUG(D_acl) debug_printf("DCC: Creating UNIX socket connection failed: %s\n", strerror(errno)); diff --git a/src/src/dns.c b/src/src/dns.c index bb6693254..17152d9a6 100644 --- a/src/src/dns.c +++ b/src/src/dns.c @@ -868,7 +868,7 @@ BOOL secure_so_far = TRUE; for (i = 0; i < 10; i++) { - uschar data[256]; + uschar * data; dns_record *rr, cname_rr, type_rr; dns_scan dnss; int datalen, rc; @@ -918,7 +918,7 @@ for (i = 0; i < 10; i++) /* If any data records of the correct type were found, we are done. */ - if (type_rr.data != NULL) + if (type_rr.data) { if (!secure_so_far) /* mark insecure if any element of CNAME chain was */ dns_set_insecure(dnsa); @@ -930,10 +930,14 @@ for (i = 0; i < 10; i++) have had a failure from dns_lookup). However code against the possibility of its not existing. */ - if (cname_rr.data == NULL) return DNS_FAIL; + if (!cname_rr.data) + return DNS_FAIL; + + data = store_get(256); datalen = dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen, - cname_rr.data, (DN_EXPAND_ARG4_TYPE)data, sizeof(data)); - if (datalen < 0) return DNS_FAIL; + cname_rr.data, (DN_EXPAND_ARG4_TYPE)data, 256); + if (datalen < 0) + return DNS_FAIL; name = data; if (!dns_is_secure(dnsa)) diff --git a/src/src/exim_dbutil.c b/src/src/exim_dbutil.c index 417a42db6..262e39044 100644 --- a/src/src/exim_dbutil.c +++ b/src/src/exim_dbutil.c @@ -259,7 +259,7 @@ uschar buffer[256]; ensures that Exim has exclusive use of the database before it even tries to open it. If there is a database, there should be a lock file in existence. */ -sprintf(CS buffer, "%s/db/%s.lockfile", spool_directory, name); +sprintf(CS buffer, "%s/db/%.200s.lockfile", spool_directory, name); dbblock->lockfd = Uopen(buffer, flags, 0); if (dbblock->lockfd < 0) diff --git a/src/src/routers/queryprogram.c b/src/src/routers/queryprogram.c index 018e4c831..9970c8299 100644 --- a/src/src/routers/queryprogram.c +++ b/src/src/routers/queryprogram.c @@ -214,6 +214,7 @@ ugid.uid_set = ugid.gid_set = FALSE; /* Set up the propagated data block with the current address_data and the errors address and extra header stuff. */ +bzero(&addr_prop, sizeof(addr_prop)); addr_prop.address_data = deliver_address_data; rc = rf_get_errors_address(addr, rblock, verify, &addr_prop.errors_address); diff --git a/src/src/spam.c b/src/src/spam.c index 6a0ca3c20..51ae88f50 100644 --- a/src/src/spam.c +++ b/src/src/spam.c @@ -139,7 +139,7 @@ long rnd, weights; unsigned pri; static BOOL srandomed = FALSE; -/* seedup, if we have only 1 server */ +/* speedup, if we have only 1 server */ if (num_servers == 1) return (spamds[0]->is_failed ? -1 : 0); diff --git a/src/src/spool_in.c b/src/src/spool_in.c index 59192ef30..992e08886 100644 --- a/src/src/spool_in.c +++ b/src/src/spool_in.c @@ -473,11 +473,13 @@ for (;;) int index, count; uschar name[20]; /* Need plenty of space for %d format */ tree_node *node; - if (sscanf(CS big_buffer + 5, "%d %d", &index, &count) != 2) + if ( sscanf(CS big_buffer + 5, "%d %d", &index, &count) != 2 + || index >= 20 + ) goto SPOOL_FORMAT_ERROR; if (index < 10) (void) string_format(name, sizeof(name), "%c%d", 'c', index); - else if (index < 20) /* ignore out-of-range index */ + else (void) string_format(name, sizeof(name), "%c%d", 'm', index - 10); node = acl_var_create(name); node->data.ptr = store_get(count + 1); diff --git a/src/src/transport.c b/src/src/transport.c index 13f3c07fc..c14b60f4e 100644 --- a/src/src/transport.c +++ b/src/src/transport.c @@ -1205,7 +1205,7 @@ transport_write_message(address_item *addr, int fd, int options, BOOL use_crlf; BOOL last_filter_was_NL = TRUE; int rc, len, yield, fd_read, fd_write, save_errno; -int pfd[2]; +int pfd[2] = {-1, -1}; pid_t filter_pid, write_pid; transport_filter_timed_out = FALSE; diff --git a/src/src/verify.c b/src/src/verify.c index 6aa425a54..3d4f88550 100644 --- a/src/src/verify.c +++ b/src/src/verify.c @@ -458,7 +458,7 @@ can do it there for the non-rcpt-verify case. For this we keep an addresscount. && port == cutthrough.host.port ) { - uschar * resp; + uschar * resp = NULL; /* Match! Send the RCPT TO, append the addr, set done */ done = @@ -485,7 +485,7 @@ can do it there for the non-rcpt-verify case. For this we keep an addresscount. else { cancel_cutthrough_connection("recipient rejected"); - if (errno == ETIMEDOUT) + if (!resp || errno == ETIMEDOUT) { HDEBUG(D_verify) debug_printf("SMTP timeout\n"); }