dtlogin: Two additional coverity fixes

[oweals/cde.git] / cde / programs / dtlogin / session.c

diff --git a/cde/programs/dtlogin/session.c b/cde/programs/dtlogin/session.c
index 1b0e065a29eec1742813dcdd00db7ab1193f718f..cf6ce6d1819c350e5e6742940bd36c94b2dfe6ce 100644 (file)
--- a/cde/programs/dtlogin/session.c
+++ b/cde/programs/dtlogin/session.c
@@ -1,3 +1,25 @@
+/*
+ * CDE - Common Desktop Environment
+ *
+ * Copyright (c) 1993-2012, The Open Group. All rights reserved.
+ *
+ * These libraries and programs are free software; you can
+ * redistribute them and/or modify them under the terms of the GNU
+ * Lesser General Public License as published by the Free Software
+ * Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ *
+ * These libraries and programs are distributed in the hope that
+ * they will be useful, but WITHOUT ANY WARRANTY; without even the
+ * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+ * PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with these librararies and programs; if not, write
+ * to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
+ * Floor, Boston, MA 02110-1301 USA
+ */
 /* (c) Copyright 1997 The Open Group */
 /*                                                                      *
  * (c) Copyright 1993, 1994 Hewlett-Packard Company                     *
@@ -32,6 +54,7 @@
 #ifdef _AIX
 #ifdef _POWER
 #include <stdio.h>
+#include <errno.h>
 #include <sys/file.h>
 #endif /* _POWER */
 # include <usersec.h>
@@ -43,7 +66,11 @@
 # include <signal.h>
 # include <X11/Xatom.h>
 # include <setjmp.h>
+#if defined(__FreeBSD__) && OSMAJORVERSION > 8
+# include <utmpx.h>
+#else
 # include <utmp.h>
+#endif
 #include <unistd.h>
 #include <pwd.h>
 #include <dirent.h>
@@ -305,8 +332,7 @@ static int
 IOErrorHandler( Display *dpy )
 {
 
-    char *s = ((errno >= 0 && errno < sys_nerr) ? sys_errlist[errno]
-                                               : "unknown error");
+  const char *s = strerror(errno);
 
     LogError(ReadCatalog(
                        MC_LOG_SET,MC_LOG_FATAL_IO,MC_DEF_LOG_FATAL_IO),
@@ -618,8 +644,6 @@ int
 LoadXloginResources( struct display *d )
 {
     char       cmd[1024];
-    char       *language="";
-    char       *lang_key="";
     char       *authority="";
     char       *auth_key="";
     char        *resources = NULL;
@@ -631,14 +655,14 @@ LoadXloginResources( struct display *d )
         if (access (resources, R_OK) != 0) {
             /** fallback to the C locale for resources **/
            Debug("LoadXloginResources - cant access %s\n", resources);
-            Debug("\t %s.  Falling back to C.\n", sys_errlist[errno]);
+            Debug("\t %s.  Falling back to C.\n", strerror(errno));
             free(resources);
             resources = _ExpandLang(d->resources, "C");
             if (access (resources, R_OK) != 0) {
                 /** can't find a resource file, so bail **/
                Debug("LoadXloginResources - cant access %s.\n", resources);
                 Debug("\t %s.  Unable to find resource file.\n",
-                     sys_errlist[errno]);
+                     strerror(errno));
                 free(resources);
                 return(-1);
             }
@@ -649,28 +673,6 @@ LoadXloginResources( struct display *d )
                auth_key = "XAUTHORITY=";
        }
 
-       if (d->language && strlen(d->language) > 0 ) {
-               language = strdup(d->language);
-               lang_key = "-D";
-       }
-
-       /*
-        *  replace any "-" or "." in the language name with "_". The C
-        *  preprocessor used by xrdb does not accept "-" or "." in a name.
-        */
-        
-       while ( (p = strchr(language, '-')) != NULL ) {
-           *p = '_';
-       }
-        
-       while ( (p = strchr(language, '.')) != NULL ) {
-           *p = '_';
-       }
-                   
-       if ( strlen(language) > 0 )
-           free(language);
-
-
        Debug("LoadXloginResources - loading resource db from %s\n", resources);
        if((XresourceDB = XrmGetFileDatabase(resources)) == NULL)
           Debug("LoadXloginResources - Loading resource db from %s failed\n",
@@ -687,7 +689,10 @@ LoadXloginResources( struct display *d )
                        auth_key, authority, d->xrdb, d->name, tmpname);
        Debug ("Loading resource file: %s\n", cmd);
 
-       system (cmd);  
+       if(-1 == system (cmd)) {
+           Debug ("system() failed on cmd '%s'\n", cmd);
+            return -1;
+        }
 
        if (debugLevel <= 10)
          if (unlink (tmpname) == -1)
@@ -734,7 +739,7 @@ LoadAltDtsResources(struct display *d)
     if ( XrmGetResource(XresourceDB,
                    "Dtlogin*altDts",  "Dtlogin*AltDts",
                    &rmtype, &rmvalue ) ) {
-               strcpy(tempbuf,rmvalue.addr);
+               snprintf(tempbuf, sizeof(tempbuf), "%s", rmvalue.addr);
                i = atoi(tempbuf);
     }
 
@@ -747,7 +752,7 @@ LoadAltDtsResources(struct display *d)
         if (access (resources, R_OK) != 0)
        {
             Debug("LoadAltDtsResources- cant access %s.\n", resources);
-            Debug("\t %s.  Falling back to C.\n", sys_errlist[errno]);
+            Debug("\t %s.  Falling back to C.\n", strerror(errno));
 
             if (resources)
            {
@@ -759,21 +764,18 @@ LoadAltDtsResources(struct display *d)
             if (access (resources, R_OK) != 0)
            {
                 Debug("LoadAltDtsResources- cant access %s.\n", resources);
-                Debug("\t %s.\n", sys_errlist[errno]);
+                Debug("\t %s.\n", strerror(errno));
            }
            else
-              strcpy(dirname[j], resources);
+              snprintf(dirname[j], sizeof(dirname[j]), "%s", resources);
        }
        else {
-            strcpy(dirname[j],resources);
+            snprintf(dirname[j], sizeof(dirname[j]), "%s", resources);
             Debug("LoadAltDtsResources- found resource dir %s\n", dirname[j]);
        }
 
-        if (resources)
-       {
-           free (resources);
-           resources = NULL;
-       }
+       free (resources);
+       resources = NULL;
     }
 
 
@@ -800,18 +802,18 @@ LoadAltDtsResources(struct display *d)
                    {
                         Debug("LoadAltDtsResources- cant access %s.\n",
                              resources);
-                        Debug("\t %s.\n", sys_errlist[errno]);
+                        Debug("\t %s.\n", strerror(errno));
                         continue;
                    }
 
                     if (file_count == 0) {
-                        file_list = malloc (list_incr * sizeof(char **));
+                        file_list = malloc (list_incr * sizeof(char *));
                         num_allocated += list_incr;
                     }
                     if (file_count + 1 > num_allocated) {
                         num_allocated += list_incr;
                         file_list = realloc (file_list,
-                                             num_allocated * sizeof(char **));
+                                             num_allocated * sizeof(char *));
                     }
                     file_list[file_count] = strdup (res_file);
                     file_count++;
@@ -836,9 +838,9 @@ LoadAltDtsResources(struct display *d)
             * remove the trailing spaces 
             */
            if(strchr(rmvalue.addr,' '))
-               strcpy(tempbuf, strtok(rmvalue.addr," "));
+               snprintf(tempbuf, sizeof(tempbuf), "%s", strtok(rmvalue.addr," "));
            else
-               strcpy(tempbuf, rmvalue.addr);
+               snprintf(tempbuf, sizeof(tempbuf), "%s", rmvalue.addr);
 
            if ((strcmp(tempbuf, "True") == 0) || 
                 (strcmp(tempbuf, "TRUE") == 0))  {
@@ -1268,7 +1270,7 @@ StartClient( struct verify_info *verify, struct display *d, int *pidp )
        }
 #endif
 
-#ifndef sun
+#if !defined(sun) && !defined(CSRG_BASED)
        Account(d, user, NULL, getpid(), USER_PROCESS, status);
 #endif
 
@@ -1493,7 +1495,9 @@ StartClient( struct verify_info *verify, struct display *d, int *pidp )
 
 /* setpenv() will set gid for AIX */
 #if !defined (_AIX)
-       setgid (verify->groups[0]);
+       if(-1 == setgid (verify->groups[0])) {
+            perror(strerror(errno));
+        }
 #endif
 
 #    else  /* ! NGROUPS */
@@ -1545,7 +1549,9 @@ StartClient( struct verify_info *verify, struct display *d, int *pidp )
                        LogError (ReadCatalog(
                                MC_LOG_SET,MC_LOG_NO_HMDIR,MC_DEF_LOG_NO_HMDIR),
                                home, getEnv (verify->userEnviron, "USER"));
-                       chdir ("/");
+                       if(-1 == chdir ("/")) {
+                                perror(strerror(errno));
+                        }
                        verify->userEnviron = setEnv(verify->userEnviron, 
                                                     "HOME", "/");
                }
@@ -1626,6 +1632,12 @@ StartClient( struct verify_info *verify, struct display *d, int *pidp )
             failsafeArgv[i++] = "/usr/X/bin/xterm";
 #elif defined(__hpux)
            failsafeArgv[i++] = "/usr/bin/X11/hpterm";
+#elif defined(__OpenBSD__)
+           failsafeArgv[i++] = "/usr/X11R6/bin/xterm";
+#elif defined(__NetBSD__)
+           failsafeArgv[i++] = "/usr/X11R7/bin/xterm";
+#elif defined(__FreeBSD__)
+           failsafeArgv[i++] = "/usr/local/bin/xterm";
 #else
            failsafeArgv[i++] = "/usr/bin/X11/xterm";
 #endif
@@ -1714,7 +1726,7 @@ AbortClient( int pid )
                        MC_LOG_SET,MC_LOG_NO_KILLCL,MC_DEF_LOG_NO_KILLCL));
            case EINVAL:
            case ESRCH:
-               return;
+               return 0;
            }
        }
        if (!setjmp (tenaciousClient)) {
@@ -1729,6 +1741,7 @@ AbortClient( int pid )
            signal (SIGALRM, SIG_DFL);
        sig = SIGKILL;
     }
+    return 1;
 }
 
 int 
@@ -1765,6 +1778,7 @@ source( struct verify_info *verify, char *file )
     return 0;
 }
 
+/* returns 0 on failure, -1 on out of mem, and 1 on success */
 int 
 execute(char **argv, char **environ )
 {
@@ -1802,11 +1816,11 @@ execute(char **argv, char **environ )
         */
        f = fopen (argv[0], "r");
        if (!f)
-           return;
+           return 0;
        if (fgets (program, sizeof (program) - 1, f) == NULL)
        {
            fclose (f);
-           return;
+           return 0;
        }
        fclose (f);
        e = program + strlen (program) - 1;
@@ -1845,6 +1859,8 @@ execute(char **argv, char **environ )
            ;
        session_execve (newargv[0], newargv, environ);
     }
+
+    return 1;
 }
 
 
@@ -1899,8 +1915,10 @@ RunGreeter( struct display *d, struct greet_info *greet,
     char       *p;
     char       **env;
     char       *path;
-    struct greet_state state;
+    struct greet_state state = {};
     int        notify_dt;
+    int                dupfp = -1;
+    int                dupfp2 = -1;
 
 #ifdef __PASSWD_ETC
 #  ifndef U_NAMELEN
@@ -1951,8 +1969,12 @@ RunGreeter( struct display *d, struct greet_info *greet,
         *  set up communication pipes...
         */
         
-       pipe(response);
-       pipe(request);
+       if(-1 == pipe(response)) {
+            perror(strerror(errno));
+        }
+       if(-1 == pipe(request)) {
+            perror(strerror(errno));
+        }
        rbytes = 0;
 
 
@@ -2040,7 +2062,7 @@ RunGreeter( struct display *d, struct greet_info *greet,
            if ( d->langList && strlen(d->langList) > 0 )
                env = setEnv(env, LANGLIST,  d->langList);
 #if !defined (ENABLE_DYNAMIC_LANGLIST)
-           else if (languageList && strlen(languageList) > 0 )
+           else if (strlen(languageList) > 0 )
                env = setEnv(env, LANGLIST, languageList);
 #endif /* ENABLE_DYNAMIC_LANGLIST */
 
@@ -2080,7 +2102,10 @@ RunGreeter( struct display *d, struct greet_info *greet,
            * Writing to file descriptor 1 goes to response pipe instead.
            */
            close(1);
-           dup(response[1]);
+            dupfp = dup(response[1]);
+           if(-1 == dupfp) {
+                perror(strerror(errno));
+            }
            close(response[0]);
            close(response[1]);
 
@@ -2088,7 +2113,10 @@ RunGreeter( struct display *d, struct greet_info *greet,
            * Reading from file descriptor 0 reads from request pipe instead.
            */
            close(0);
-           dup(request[0]);
+            dupfp2 = dup(request[0]);
+           if(-1 == dupfp2) {
+                perror(strerror(errno));
+            }
            close(request[0]);
            close(request[1]);
 
@@ -2098,12 +2126,12 @@ RunGreeter( struct display *d, struct greet_info *greet,
             * figure out path to dtgreet...
             */
 
-           strcpy(msg, progName);
+           snprintf(msg, sizeof(msg), "%s", progName);
     
            if ((p = (char *) strrchr(msg, '/')) == NULL)
                strcpy(msg,"./");
            else
-               *(++p) = NULL;
+               *(++p) = '\0';
 
            strcat(msg,"dtgreet");
 
@@ -2391,7 +2419,11 @@ RunGreeter( struct display *d, struct greet_info *greet,
                * the master struct. When the user logs out, the
                * resource-specified language (if any) will reactivate.
                */
-               Debug("Greeter returned language '%s'\n", d->language);
+                if (d->language)
+                  Debug("Greeter returned language '%s'\n", d->language);
+                else
+                  Debug("Greeter returned language (NULL)\n");
+
 
                if (strcmp(d->language, "default") == 0) {
                    int len = strlen(defaultLanguage) + 1;
@@ -2899,7 +2931,9 @@ static void
 TellGreeter(
   RequestHeader *phdr)
 {
-  write(request[1], phdr, phdr->length);
+  if(-1 == write(request[1], phdr, phdr->length)) {
+    perror(strerror(errno));
+  }
 }
 
 static int