Bug #6899
closed
coverity problems in localedef
100%
Description
usr/src/cmd/localedef/ctype.c
Line 276: CID 1338565 (#1 of 1): Buffer not null terminated (BUFFER_SIZE_WARNING) 2. buffer_size_warning: Calling strncpy with a maximum size argument of 32 bytes on destination array rl.encoding of size 32 bytes might leave the destination string unterminated.
The line is: (void) strncpy(rl.encoding, get_wide_encoding(), sizeof (rl.encoding));
So the third argument needs to have -1 appended. This is at present harmless since the encoding names are all short enough not to trip on this.
Line 348: CID 1338557 (#1 of 1): Operands don't affect result (CONSTANT_EXPRESSION_RESULT) result_independent_of_operands: ctn->ctype & 0x2000L & (ctn->ctype & (66816L /* (0x400L | 0x100L) | 0x10000L */)) is always 0 regardless of the values of its operands. This occurs as the logical operand of if.
This line is the error:
if ((ctn->ctype & _ISPUNCT) &
(ctn->ctype & (_ISDIGIT|_ISALPHA|_ISXDIGIT)))
conflict++;
The first "&" should be &&. Its harmless in that the check should always be false anyway, but we should fix.
Line 429: CID 1338540 (#1 of 1): Resource leak (RESOURCE_LEAK) 127. leaked_storage: Variable up going out of scope leaks the storage it points to CID 1338541 (#1 of 1): Resource leak (RESOURCE_LEAK) 127. leaked_storage: Variable lo going out of scope leaks the storage it points to. CID 1338566 (#1 of 1): Resource leak (RESOURCE_LEAK) 127. leaked_storage: Variable ct going out of scope leaks the storage it points to.
We should add conditional frees at the end of the function:
if (up != NULL) free(up); if (ct != NULL) free(ct); if (lo != NULL) free(lo);
Additionally the return from the failure to write any of these needs to probably have a goto statement to the end of the function, where the free routines noted above are.
/usr/src/cmd/localedef/time.c
Line 74 (Breaks from switch) Line 80: CID 1338535 (#1 of 1): Resource leak (RESOURCE_LEAK) 6. leaked_storage: Variable str going out of scope leaks the storage it points to.
This one is actually a leak of the str. We should probably just do free(str) before the break.Thanks to Pedro Giffuni from the FreeBSD team for sending these to me.
None of these issues are terribly urgent, but this makes a nice bite-size bug for a new contributor to handle.
Updated by Gary Mills about 7 years ago
In userland, you don't need to check a pointer against NULL before freeing it. NULL is a valid pointer in this case.
Updated by Garrett D'Amore about 7 years ago
Good point Gary... I am so used to kernel land where this isn't an option... :-) (but kmem_free(NULL, 0) does work)
Updated by Yuri Pankov about 6 years ago
- Status changed from New to In Progress
- Assignee set to Yuri Pankov
Updated by Electric Monk about 6 years ago
- Status changed from In Progress to Closed
- % Done changed from 0 to 100
git commit e1508819051004d7be493a04ee515905ae412142
commit e1508819051004d7be493a04ee515905ae412142
Author: Yuri Pankov <yuri.pankov@nexenta.com>
Date: 2017-03-04T17:05:09.000Z
6899 coverity problems in localedef
Reviewed by: Toomas Soome <tsoome@me.com>
Reviewed by: Vitaliy Gusev <gusev.vitaliy@icloud.com>
Approved by: Robert Mustacchi <rm@joyent.com>