From 13d3e1db507bce18b785a3215be0ba80e241b166 Mon Sep 17 00:00:00 2001 From: Peter Howkins Date: Fri, 13 Apr 2018 00:54:04 +0100 Subject: [PATCH] dtlogin: coverity fixes --- cde/programs/dtlogin/account.c | 2 +- cde/programs/dtlogin/auth.c | 18 ++++++++++-------- cde/programs/dtlogin/choose.c | 2 +- cde/programs/dtlogin/dm.c | 9 +++++---- cde/programs/dtlogin/dm.h | 2 +- cde/programs/dtlogin/dtchooser.c | 6 ++++-- cde/programs/dtlogin/genauth.c | 6 ++---- cde/programs/dtlogin/session.c | 25 +++++++++++-------------- cde/programs/dtlogin/sysauth.c | 6 ++---- cde/programs/dtlogin/util.c | 8 ++++---- cde/programs/dtlogin/verify.c | 7 +++---- cde/programs/dtlogin/vgcallback.c | 5 ++--- cde/programs/dtlogin/vgmain.c | 4 +--- cde/programs/dtlogin/xdmauth.c | 12 +++++------- 14 files changed, 52 insertions(+), 60 deletions(-) diff --git a/cde/programs/dtlogin/account.c b/cde/programs/dtlogin/account.c index 828947f5..c9ff601a 100644 --- a/cde/programs/dtlogin/account.c +++ b/cde/programs/dtlogin/account.c @@ -262,7 +262,7 @@ Account( struct display *d, char *user, char *line, pid_t pid, if (type == LOGIN_PROCESS && d->displayType.location != Local ) { #ifndef SVR4 - strncpy(u->ut_host, d->name, sizeof(u->ut_host)); + snprintf(u->ut_host, sizeof(u->ut_host), "%s", d->name); #endif #ifdef __hpux u->ut_addr = 0; diff --git a/cde/programs/dtlogin/auth.c b/cde/programs/dtlogin/auth.c index 57755819..4b22081b 100644 --- a/cde/programs/dtlogin/auth.c +++ b/cde/programs/dtlogin/auth.c @@ -1094,8 +1094,10 @@ writeLocalAuth (FILE *file, Xauth *auth, char *name) #endif #ifdef TCPCONN fd = socket (AF_INET, SOCK_STREAM, 0); - DefineSelf (fd, file, auth); - close (fd); + if(fd != -1) { + DefineSelf (fd, file, auth); + close (fd); + } #endif #ifdef DNETCONN fd = socket (AF_DECnet, SOCK_STREAM, 0); @@ -1156,10 +1158,10 @@ SetUserAuthorization (struct display *d, struct verify_info *verify) home = getEnv (verify->userEnviron, "HOME"); lockStatus = LOCK_ERROR; if (home) { - strcpy (home_name, home); + snprintf(home_name, sizeof(home_name), "%s", home); if (home[strlen(home) - 1] != '/') - strcat (home_name, "/"); - strcat (home_name, ".Xauthority"); + snprintf(home_name, sizeof(home_name), "%s/", home_name); + snprintf(home_name, sizeof(home_name), "%s.Xauthority", home_name); Debug ("XauLockAuth %s\n", home_name); lockStatus = XauLockAuth (home_name, 1, 2, 10); Debug ("Lock is %d\n", lockStatus); @@ -1329,10 +1331,10 @@ RemoveUserAuthorization (struct display *d, struct verify_info *verify) if (!home) return; Debug ("RemoveUserAuthorization\n"); - strcpy (name, home); + snprintf(name, sizeof(name), "%s", home); if (home[strlen(home) - 1] != '/') - strcat (name, "/"); - strcat (name, ".Xauthority"); + snprintf(name, sizeof(name), "%s/", name); + snprintf(name, sizeof(name), "%s.Xauthority", name); Debug ("XauLockAuth %s\n", name); lockStatus = XauLockAuth (name, 1, 2, 10); Debug ("Lock is %d\n", lockStatus); diff --git a/cde/programs/dtlogin/choose.c b/cde/programs/dtlogin/choose.c index c600e518..e41d0bc5 100644 --- a/cde/programs/dtlogin/choose.c +++ b/cde/programs/dtlogin/choose.c @@ -466,7 +466,7 @@ RunChooser ( env = setEnv(env, LANGLIST, d->langList); #if !defined (ENABLE_DYNAMIC_LANGLIST) else - if (languageList && strlen(languageList) > 0 ) + if ( strlen(languageList) > 0 ) env = setEnv(env, LANGLIST, languageList); #endif /* ENABLE_DYNAMIC_LANGLIST */ if ( d->setup) diff --git a/cde/programs/dtlogin/dm.c b/cde/programs/dtlogin/dm.c index 6c415c2a..b90acb71 100644 --- a/cde/programs/dtlogin/dm.c +++ b/cde/programs/dtlogin/dm.c @@ -874,7 +874,7 @@ StartDisplay( bkup[0] = '\0'; if (d->authFile) - strcpy(bkup ,d->authFile); + snprintf(bkup, sizeof(bkup), "%s", d->authFile); LoadDisplayResources (d); @@ -1340,7 +1340,9 @@ StorePid( void ) * open it Read/Write. This will be transparent to HP-UX. */ pidFd = creat (pidFile, 0644); - close( pidFd ); + if(pidFd != -1) { + close( pidFd ); + } pidFd = open (pidFile, 2); } if (pidFd == -1 || !(pidFilePtr = fdopen (pidFd, "r+"))) @@ -1623,8 +1625,7 @@ GettyMessage( struct display *d, int msgnum ) if (quiet) return; - strcpy(buf,"/dev/"); - strcat(buf,d->gettyLine); + snprintf(buf, sizeof(buf), "/dev/%s", d->gettyLine); if ( (tf = fopen (buf, "a")) != NULL) { fprintf (tf, diff --git a/cde/programs/dtlogin/dm.h b/cde/programs/dtlogin/dm.h index 1d35f008..252cb260 100644 --- a/cde/programs/dtlogin/dm.h +++ b/cde/programs/dtlogin/dm.h @@ -991,7 +991,7 @@ extern char * login_defaults(struct passwd *p, /******************************* version.c **************************/ /******************************* xdmauth.c **************************/ #ifdef HASXDMAUTH -extern int XdmInitAuth( +extern void XdmInitAuth( #if NeedWidePrototypes unsigned int name_len, #else diff --git a/cde/programs/dtlogin/dtchooser.c b/cde/programs/dtlogin/dtchooser.c index 3bb9088b..e15442ab 100644 --- a/cde/programs/dtlogin/dtchooser.c +++ b/cde/programs/dtlogin/dtchooser.c @@ -663,7 +663,7 @@ MakeDialog( DialogType dtype ) int width; - FILE *fp, *fopen(); + FILE *fp = NULL, *fopen(); char buffer[128]; char *str; @@ -772,7 +772,9 @@ MakeDialog( DialogType dtype ) } } - fclose(fp); + if(fp) { + fclose(fp); + } XtSetArg(argt[i], XmNmessageString, xmstr ); i++; w = XmCreateInformationDialog(tlev, "copyright_msg", argt, i); diff --git a/cde/programs/dtlogin/genauth.c b/cde/programs/dtlogin/genauth.c index 089eb16d..784e9503 100644 --- a/cde/programs/dtlogin/genauth.c +++ b/cde/programs/dtlogin/genauth.c @@ -156,10 +156,8 @@ typedef struct auth_ks_struct { auth_cblock _; } auth_wrapper_schedule[16]; extern void _XdmcpWrapperToOddParity(); -static -longtochars (l, c) - long l; - unsigned char *c; +static void +longtochars (long l, unsigned char *c) { c[0] = (l >> 24) & 0xff; c[1] = (l >> 16) & 0xff; diff --git a/cde/programs/dtlogin/session.c b/cde/programs/dtlogin/session.c index 5bdb48c2..cf6ce6d1 100644 --- a/cde/programs/dtlogin/session.c +++ b/cde/programs/dtlogin/session.c @@ -739,7 +739,7 @@ LoadAltDtsResources(struct display *d) if ( XrmGetResource(XresourceDB, "Dtlogin*altDts", "Dtlogin*AltDts", &rmtype, &rmvalue ) ) { - strcpy(tempbuf,rmvalue.addr); + snprintf(tempbuf, sizeof(tempbuf), "%s", rmvalue.addr); i = atoi(tempbuf); } @@ -767,18 +767,15 @@ LoadAltDtsResources(struct display *d) Debug("\t %s.\n", strerror(errno)); } else - strcpy(dirname[j], resources); + snprintf(dirname[j], sizeof(dirname[j]), "%s", resources); } else { - strcpy(dirname[j],resources); + snprintf(dirname[j], sizeof(dirname[j]), "%s", resources); Debug("LoadAltDtsResources- found resource dir %s\n", dirname[j]); } - if (resources) - { - free (resources); - resources = NULL; - } + free (resources); + resources = NULL; } @@ -810,13 +807,13 @@ LoadAltDtsResources(struct display *d) } if (file_count == 0) { - file_list = malloc (list_incr * sizeof(char **)); + file_list = malloc (list_incr * sizeof(char *)); num_allocated += list_incr; } if (file_count + 1 > num_allocated) { num_allocated += list_incr; file_list = realloc (file_list, - num_allocated * sizeof(char **)); + num_allocated * sizeof(char *)); } file_list[file_count] = strdup (res_file); file_count++; @@ -841,9 +838,9 @@ LoadAltDtsResources(struct display *d) * remove the trailing spaces */ if(strchr(rmvalue.addr,' ')) - strcpy(tempbuf, strtok(rmvalue.addr," ")); + snprintf(tempbuf, sizeof(tempbuf), "%s", strtok(rmvalue.addr," ")); else - strcpy(tempbuf, rmvalue.addr); + snprintf(tempbuf, sizeof(tempbuf), "%s", rmvalue.addr); if ((strcmp(tempbuf, "True") == 0) || (strcmp(tempbuf, "TRUE") == 0)) { @@ -2065,7 +2062,7 @@ RunGreeter( struct display *d, struct greet_info *greet, if ( d->langList && strlen(d->langList) > 0 ) env = setEnv(env, LANGLIST, d->langList); #if !defined (ENABLE_DYNAMIC_LANGLIST) - else if (languageList && strlen(languageList) > 0 ) + else if (strlen(languageList) > 0 ) env = setEnv(env, LANGLIST, languageList); #endif /* ENABLE_DYNAMIC_LANGLIST */ @@ -2129,7 +2126,7 @@ RunGreeter( struct display *d, struct greet_info *greet, * figure out path to dtgreet... */ - strcpy(msg, progName); + snprintf(msg, sizeof(msg), "%s", progName); if ((p = (char *) strrchr(msg, '/')) == NULL) strcpy(msg,"./"); diff --git a/cde/programs/dtlogin/sysauth.c b/cde/programs/dtlogin/sysauth.c index 801138b9..30f3375c 100644 --- a/cde/programs/dtlogin/sysauth.c +++ b/cde/programs/dtlogin/sysauth.c @@ -2471,15 +2471,13 @@ Authenticate( struct display *d, char *name, char *passwd, char **msg ) */ - if ((p->pw_gid < 0) || - (setgid(p->pw_gid) == -1)) { + if (setgid(p->pw_gid) == -1) { Audit(p, " attempted to login - bad group id", 1); return(VF_BAD_GID); } - if ((p->pw_uid < 0) || - (seteuid(p->pw_uid) == -1)) { + if (seteuid(p->pw_uid) == -1) { Audit(p, " attempted to login - bad user id", 1); return(VF_BAD_UID); diff --git a/cde/programs/dtlogin/util.c b/cde/programs/dtlogin/util.c index ee8a0fcd..7841d5ed 100644 --- a/cde/programs/dtlogin/util.c +++ b/cde/programs/dtlogin/util.c @@ -201,7 +201,7 @@ makeEnv( char *name, char *value ) return 0; } - if (value && *value) { + if (*value) { sprintf (result, "%s=%s", name, value); } else { @@ -1144,11 +1144,11 @@ setLang( struct display *d, char **env , char *langptr) Debug("setLang(): langlist = NULL\n"); if (langptr) - strcpy(langlist, langptr); + snprintf(langlist, sizeof(langlist), "%s", langptr); else - strcpy(langlist, getEnv(env, "LANGLIST")); + snprintf(langlist, sizeof(langlist), "%s", getEnv(env, "LANGLIST")); - if (langlist && (int) strlen(langlist) > 0) { + if (strlen(langlist) > 0) { element = strtok(langlist, DELIM); while(element) { set_def_lang = FALSE; diff --git a/cde/programs/dtlogin/verify.c b/cde/programs/dtlogin/verify.c index a538db46..2a695bc4 100644 --- a/cde/programs/dtlogin/verify.c +++ b/cde/programs/dtlogin/verify.c @@ -192,8 +192,7 @@ Verify( } break; case NOTIFY_LAST_DT: - strcpy(last_sess,home); - strcat(last_sess,LAST_SESSION_FILE); + snprintf(last_sess, sizeof(last_sess), "%s%s", home, LAST_SESSION_FILE); if((lastsession = fopen(last_sess,"r")) == NULL) { /* @@ -380,7 +379,7 @@ userEnv( if (d->language && strlen(d->language) > 0) langlist = d->language; #else - else if (languageList && strlen(languageList) > 0 ) + else if ( strlen(languageList) > 0 ) langlist = languageList; #endif /* ENABLE_DYNAMIC_LANGLIST */ @@ -556,7 +555,7 @@ systemEnv( struct display *d, char *user, char *home ) else if (d->language && strlen(d->language) > 0 ) langlist = d->language; #else - else if (languageList && strlen(languageList) > 0 ) + else if ( strlen(languageList) > 0 ) langlist = languageList; #endif /* ENABLE_DYNAMIC_LANGLIST */ diff --git a/cde/programs/dtlogin/vgcallback.c b/cde/programs/dtlogin/vgcallback.c index b0863a20..a7a7aafe 100644 --- a/cde/programs/dtlogin/vgcallback.c +++ b/cde/programs/dtlogin/vgcallback.c @@ -448,7 +448,7 @@ EditPasswdCB(Widget w, XtPointer client, XtPointer call_data) if (cbs->text->ptr) { - strcpy(s, cbs->text->ptr); + snprintf(s, sizeof(buffer) - (s - buffer), "%s", cbs->text->ptr); s += cbs->text->length; } else @@ -1501,8 +1501,7 @@ RespondLangCB( Widget w, XtPointer client, XtPointer call) /** beginning of main. **/ char buff[128]; if (XmToggleButtonGadgetGetState(w)) { - strcpy(buff, "LANG="); - strcat(buff, client); + snprintf(buff, sizeof(buff), "LANG=%s", (char *) client); putenv(buff); execv(orig_argv[0], orig_argv); } diff --git a/cde/programs/dtlogin/vgmain.c b/cde/programs/dtlogin/vgmain.c index f26bcadc..1688110d 100644 --- a/cde/programs/dtlogin/vgmain.c +++ b/cde/programs/dtlogin/vgmain.c @@ -960,9 +960,7 @@ char *temp_p; char *host; host = GetDisplayName(); - strcpy(temp, host); - strcat(temp, " - "); - strcat(temp, rmvalue.addr + strlen(DISPLAYNAME)); + snprintf(temp, sizeof(temp), "%s - %s", host, rmvalue.addr + strlen(DISPLAYNAME)); xmstr = XmStringCreateLocalized(temp); } else { diff --git a/cde/programs/dtlogin/xdmauth.c b/cde/programs/dtlogin/xdmauth.c index 70e9eba8..75078c89 100644 --- a/cde/programs/dtlogin/xdmauth.c +++ b/cde/programs/dtlogin/xdmauth.c @@ -94,10 +94,8 @@ from the X Consortium. static char auth_name[256]; static int auth_name_len; -XdmPrintDataHex (s, a, l) - char *s; - char *a; - int l; +void +XdmPrintDataHex(const char *s, const char *a, int l) { int i; @@ -117,14 +115,14 @@ XdmPrintKey (s, k) #endif #ifdef XDMCP -XdmPrintArray8Hex (s, a) - char *s; - ARRAY8Ptr a; +void +XdmPrintArray8Hex(const char *s, ARRAY8Ptr a) { XdmPrintDataHex (s, (char *) a->data, a->length); } #endif +void XdmInitAuth (name_len, name) #if NeedWidePrototypes unsigned int name_len; -- 2.25.1