* [Cluster-devel] [coverity] liblogthread
@ 2011-10-10 8:45 Fabio M. Di Nitto
2011-10-10 8:45 ` [Cluster-devel] [PATCH 1/4] liblogthread: call to localtime needs return value check Fabio M. Di Nitto
` (4 more replies)
0 siblings, 5 replies; 7+ messages in thread
From: Fabio M. Di Nitto @ 2011-10-10 8:45 UTC (permalink / raw)
To: cluster-devel.redhat.com
This is the first patchset to address some issues spotted by Coverity scan.
Original errors/warnings:
Analysis summary report:
------------------------
Files analyzed : 1
Total LoC input to cov-analyze : 12453
Functions analyzed : 11
Paths analyzed : 243
New defects found : 8 Total
1 ATOMICITY
3 BUFFER_SIZE_WARNING
1 MISSING_LOCK
1 NULL_RETURNS
1 PW.NOT_COMPATIBLE_WITH_PREVIOUS_DECL
1 SECURE_CODING
Elapsed time: 00:00:00
Processing 8 C/C++ errors.
0% 10 20 30 40 50 60 70 80 90 100%
|----|----|----|----|----|----|----|----|----|----|
***************************************************
Processed 8 C/C++ errors.
After fixes:
Analysis summary report:
------------------------
Files analyzed : 1
Total LoC input to cov-analyze : 12475
Functions analyzed : 12
Paths analyzed : 250
New defects found : 2 Total
1 ATOMICITY
1 PW.NOT_COMPATIBLE_WITH_PREVIOUS_DECL
Elapsed time: 00:00:01
Processing 2 C/C++ errors.
0% 10 20 30 40 50 60 70 80 90 100%
|----|----|----|----|----|----|----|----|----|----|
***************************************************
Processed 2 C/C++ errors.
NOTES:
PW.NOT_COMPATIBLE_WITH_PREVIOUS_DECL can be safely ignored as it is an incompatible
declaration between system gcc and coverity headers.
The remaining ATOMICITY error appears to be bogus.
^ permalink raw reply [flat|nested] 7+ messages in thread* [Cluster-devel] [PATCH 1/4] liblogthread: call to localtime needs return value check 2011-10-10 8:45 [Cluster-devel] [coverity] liblogthread Fabio M. Di Nitto @ 2011-10-10 8:45 ` Fabio M. Di Nitto 2011-10-10 8:56 ` Steven Whitehouse 2011-10-10 8:45 ` [Cluster-devel] [PATCH 2/4] liblogthread: make sure there is space for \0 end string Fabio M. Di Nitto ` (3 subsequent siblings) 4 siblings, 1 reply; 7+ messages in thread From: Fabio M. Di Nitto @ 2011-10-10 8:45 UTC (permalink / raw) To: cluster-devel.redhat.com Spotted by Coverity Scan Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com> --- :100644 100644 ba96a2a... 4f8354a... M common/liblogthread/liblogthread.c common/liblogthread/liblogthread.c | 9 ++++++++- 1 files changed, 8 insertions(+), 1 deletions(-) diff --git a/common/liblogthread/liblogthread.c b/common/liblogthread/liblogthread.c index ba96a2a..4f8354a 100644 --- a/common/liblogthread/liblogthread.c +++ b/common/liblogthread/liblogthread.c @@ -42,8 +42,15 @@ static FILE *logt_logfile_fp; static char *_time(time_t *t) { static char buf[64]; + struct tm *tm; + + tm = localtime(t); + if (!tm) { + strncpy(buf, "unknown time", sizeof(buf) - 1); + } else { + strftime(buf, sizeof(buf), "%b %d %T", tm); + } - strftime(buf, sizeof(buf), "%b %d %T", localtime(t)); return buf; } -- 1.7.4.4 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* [Cluster-devel] [PATCH 1/4] liblogthread: call to localtime needs return value check 2011-10-10 8:45 ` [Cluster-devel] [PATCH 1/4] liblogthread: call to localtime needs return value check Fabio M. Di Nitto @ 2011-10-10 8:56 ` Steven Whitehouse 0 siblings, 0 replies; 7+ messages in thread From: Steven Whitehouse @ 2011-10-10 8:56 UTC (permalink / raw) To: cluster-devel.redhat.com Hi, On Mon, 2011-10-10 at 10:45 +0200, Fabio M. Di Nitto wrote: > Spotted by Coverity Scan > > Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com> > --- > :100644 100644 ba96a2a... 4f8354a... M common/liblogthread/liblogthread.c > common/liblogthread/liblogthread.c | 9 ++++++++- > 1 files changed, 8 insertions(+), 1 deletions(-) > > diff --git a/common/liblogthread/liblogthread.c b/common/liblogthread/liblogthread.c > index ba96a2a..4f8354a 100644 > --- a/common/liblogthread/liblogthread.c > +++ b/common/liblogthread/liblogthread.c > @@ -42,8 +42,15 @@ static FILE *logt_logfile_fp; > static char *_time(time_t *t) > { > static char buf[64]; > + struct tm *tm; > + > + tm = localtime(t); > + if (!tm) { > + strncpy(buf, "unknown time", sizeof(buf) - 1); > + } else { > + strftime(buf, sizeof(buf), "%b %d %T", tm); > + } > > - strftime(buf, sizeof(buf), "%b %d %T", localtime(t)); > return buf; > } > I'm wondering under just what circumstances localtime would return NULL... since the returned buffer is static, there is no allocation that could fail. Since the time_t is just seconds since the epoc, all possible values are valid. Maybe if it was passed a NULL time_t * perhaps, but that is, I suspect impossible. So I'm wondering whether this is a false positive, Steve. ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Cluster-devel] [PATCH 2/4] liblogthread: make sure there is space for \0 end string 2011-10-10 8:45 [Cluster-devel] [coverity] liblogthread Fabio M. Di Nitto 2011-10-10 8:45 ` [Cluster-devel] [PATCH 1/4] liblogthread: call to localtime needs return value check Fabio M. Di Nitto @ 2011-10-10 8:45 ` Fabio M. Di Nitto 2011-10-10 8:45 ` [Cluster-devel] [PATCH 3/4] liblogthread: use snprintf as it is considered safer Fabio M. Di Nitto ` (2 subsequent siblings) 4 siblings, 0 replies; 7+ messages in thread From: Fabio M. Di Nitto @ 2011-10-10 8:45 UTC (permalink / raw) To: cluster-devel.redhat.com Spotted by Coverity Scan Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com> --- :100644 100644 4f8354a... 384f042... M common/liblogthread/liblogthread.c common/liblogthread/liblogthread.c | 10 +++++----- 1 files changed, 5 insertions(+), 5 deletions(-) diff --git a/common/liblogthread/liblogthread.c b/common/liblogthread/liblogthread.c index 4f8354a..384f042 100644 --- a/common/liblogthread/liblogthread.c +++ b/common/liblogthread/liblogthread.c @@ -128,7 +128,7 @@ static void _logt_print(int level, char *buf) head_ent = head_ent % num_ents; pending_ents++; - strncpy(e->str, buf, ENTRY_STR_LEN); + strncpy(e->str, buf, ENTRY_STR_LEN - 1); e->level = level; e->time = time(NULL); out: @@ -172,9 +172,9 @@ static void _conf(const char *name, int mode, int syslog_facility, logt_syslog_priority = syslog_priority; logt_logfile_priority = logfile_priority; if (name) - strncpy(logt_name, name, PATH_MAX); + strncpy(logt_name, name, PATH_MAX - 1); if (logfile) - strncpy(logt_logfile, logfile, PATH_MAX); + strncpy(logt_logfile, logfile, PATH_MAX - 1); if (logt_mode & LOG_MODE_OUTPUT_FILE && logt_logfile[0]) { if (logt_logfile_fp) { @@ -255,11 +255,11 @@ int logt_reinit(void) memset(name_tmp, 0, sizeof(name_tmp)); memset(file_tmp, 0, sizeof(file_tmp)); - strncpy(name_tmp, logt_name, sizeof(name_tmp)); + strncpy(name_tmp, logt_name, sizeof(name_tmp) - 1); if (!strlen(name_tmp)) return -1; if (strlen(logt_logfile)) - strncpy(file_tmp, logt_logfile, sizeof(file_tmp)); + strncpy(file_tmp, logt_logfile, sizeof(file_tmp) - 1); return logt_init(name_tmp, logt_mode, logt_syslog_facility, logt_syslog_priority, logt_logfile_priority, -- 1.7.4.4 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* [Cluster-devel] [PATCH 3/4] liblogthread: use snprintf as it is considered safer 2011-10-10 8:45 [Cluster-devel] [coverity] liblogthread Fabio M. Di Nitto 2011-10-10 8:45 ` [Cluster-devel] [PATCH 1/4] liblogthread: call to localtime needs return value check Fabio M. Di Nitto 2011-10-10 8:45 ` [Cluster-devel] [PATCH 2/4] liblogthread: make sure there is space for \0 end string Fabio M. Di Nitto @ 2011-10-10 8:45 ` Fabio M. Di Nitto 2011-10-10 8:45 ` [Cluster-devel] [PATCH 4/4] liblogthread: make library thread safer Fabio M. Di Nitto 2011-10-10 14:54 ` [Cluster-devel] [coverity] liblogthread David Teigland 4 siblings, 0 replies; 7+ messages in thread From: Fabio M. Di Nitto @ 2011-10-10 8:45 UTC (permalink / raw) To: cluster-devel.redhat.com avoid security warning Spotted by Coverity Scan Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com> --- :100644 100644 384f042... 7230b2f... M common/liblogthread/liblogthread.c common/liblogthread/liblogthread.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/common/liblogthread/liblogthread.c b/common/liblogthread/liblogthread.c index 384f042..7230b2f 100644 --- a/common/liblogthread/liblogthread.c +++ b/common/liblogthread/liblogthread.c @@ -69,7 +69,7 @@ static void write_entry(int level, time_t *t, char *str) static void write_dropped(int level, time_t *t, int num) { char str[ENTRY_STR_LEN]; - sprintf(str, "dropped %d entries", num); + snprintf(str, sizeof(str) - 1, "dropped %d entries", num); write_entry(level, t, str); } -- 1.7.4.4 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* [Cluster-devel] [PATCH 4/4] liblogthread: make library thread safer 2011-10-10 8:45 [Cluster-devel] [coverity] liblogthread Fabio M. Di Nitto ` (2 preceding siblings ...) 2011-10-10 8:45 ` [Cluster-devel] [PATCH 3/4] liblogthread: use snprintf as it is considered safer Fabio M. Di Nitto @ 2011-10-10 8:45 ` Fabio M. Di Nitto 2011-10-10 14:54 ` [Cluster-devel] [coverity] liblogthread David Teigland 4 siblings, 0 replies; 7+ messages in thread From: Fabio M. Di Nitto @ 2011-10-10 8:45 UTC (permalink / raw) To: cluster-devel.redhat.com - all public API should lock/unlock appropriately - internal _conf function is now lock-free, locking must be provided by callers. this saves different unlock/race/lock conditions. - make init and re-init thread safe and move common code to _init Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com> --- :100644 100644 7230b2f... 088d171... M common/liblogthread/liblogthread.c common/liblogthread/liblogthread.c | 51 ++++++++++++++++++++++++----------- 1 files changed, 35 insertions(+), 16 deletions(-) diff --git a/common/liblogthread/liblogthread.c b/common/liblogthread/liblogthread.c index 7230b2f..088d171 100644 --- a/common/liblogthread/liblogthread.c +++ b/common/liblogthread/liblogthread.c @@ -166,7 +166,6 @@ static void _conf(const char *name, int mode, int syslog_facility, { int fd; - pthread_mutex_lock(&mutex); logt_mode = mode; logt_syslog_facility = syslog_facility; logt_syslog_priority = syslog_priority; @@ -197,24 +196,22 @@ static void _conf(const char *name, int mode, int syslog_facility, closelog(); openlog(logt_name, LOG_CONS | LOG_PID, logt_syslog_facility); } - pthread_mutex_unlock(&mutex); } void logt_conf(const char *name, int mode, int syslog_facility, int syslog_priority, int logfile_priority, const char *logfile) { - if (!init) - return; + pthread_mutex_lock(&mutex); + if (init) + _conf(name, mode, syslog_facility, syslog_priority, logfile_priority, + logfile); - _conf(name, mode, syslog_facility, syslog_priority, logfile_priority, - logfile); + pthread_mutex_unlock(&mutex); } -int logt_init(const char *name, int mode, int syslog_facility, int syslog_priority, +static int _init(const char *name, int mode, int syslog_facility, int syslog_priority, int logfile_priority, const char *logfile) { - int rv; - if (init) return -1; @@ -224,18 +221,30 @@ int logt_init(const char *name, int mode, int syslog_facility, int syslog_priori ents = malloc(num_ents * sizeof(struct entry)); if (!ents) return -1; + memset(ents, 0, num_ents * sizeof(struct entry)); - rv = pthread_create(&thread_handle, NULL, thread_fn, NULL); - if (rv) { + if (pthread_create(&thread_handle, NULL, thread_fn, NULL)) { free(ents); return -1; } done = 0; init = 1; + return 0; } +int logt_init(const char *name, int mode, int syslog_facility, int syslog_priority, + int logfile_priority, const char *logfile) +{ + int rv = 0; + + pthread_mutex_lock(&mutex); + rv = _init(name, mode, syslog_facility, syslog_priority, + logfile_priority, logfile); + pthread_mutex_unlock(&mutex); + return rv; +} /* * Reinitialize logt w/ previous values (e.g. use after @@ -247,23 +256,33 @@ int logt_reinit(void) { char name_tmp[PATH_MAX]; char file_tmp[PATH_MAX]; + int rv = 0; - if (!done || init) - return -1; + pthread_mutex_lock(&mutex); + if (!done || init) { + rv = -1; + goto out; + } /* Use copies on the stack for these */ memset(name_tmp, 0, sizeof(name_tmp)); memset(file_tmp, 0, sizeof(file_tmp)); strncpy(name_tmp, logt_name, sizeof(name_tmp) - 1); - if (!strlen(name_tmp)) - return -1; + if (!strlen(name_tmp)) { + rv = -1; + goto out; + } if (strlen(logt_logfile)) strncpy(file_tmp, logt_logfile, sizeof(file_tmp) - 1); - return logt_init(name_tmp, logt_mode, logt_syslog_facility, + rv = _init(name_tmp, logt_mode, logt_syslog_facility, logt_syslog_priority, logt_logfile_priority, file_tmp); + +out: + pthread_mutex_unlock(&mutex); + return rv; } -- 1.7.4.4 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* [Cluster-devel] [coverity] liblogthread 2011-10-10 8:45 [Cluster-devel] [coverity] liblogthread Fabio M. Di Nitto ` (3 preceding siblings ...) 2011-10-10 8:45 ` [Cluster-devel] [PATCH 4/4] liblogthread: make library thread safer Fabio M. Di Nitto @ 2011-10-10 14:54 ` David Teigland 4 siblings, 0 replies; 7+ messages in thread From: David Teigland @ 2011-10-10 14:54 UTC (permalink / raw) To: cluster-devel.redhat.com On Mon, Oct 10, 2011 at 10:45:17AM +0200, Fabio M. Di Nitto wrote: > This is the first patchset to address some issues spotted by Coverity scan. look fine ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2011-10-10 14:54 UTC | newest] Thread overview: 7+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2011-10-10 8:45 [Cluster-devel] [coverity] liblogthread Fabio M. Di Nitto 2011-10-10 8:45 ` [Cluster-devel] [PATCH 1/4] liblogthread: call to localtime needs return value check Fabio M. Di Nitto 2011-10-10 8:56 ` Steven Whitehouse 2011-10-10 8:45 ` [Cluster-devel] [PATCH 2/4] liblogthread: make sure there is space for \0 end string Fabio M. Di Nitto 2011-10-10 8:45 ` [Cluster-devel] [PATCH 3/4] liblogthread: use snprintf as it is considered safer Fabio M. Di Nitto 2011-10-10 8:45 ` [Cluster-devel] [PATCH 4/4] liblogthread: make library thread safer Fabio M. Di Nitto 2011-10-10 14:54 ` [Cluster-devel] [coverity] liblogthread David Teigland
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).