clang-tidy

alanking · Aug 21, 2023 · 319e017 · 319e017
1 parent 2fe8ccb
commit 319e017
Showing 1 changed file with 14 additions and 10 deletions.
diff --git a/plugins/database/src/db_plugin.cpp b/plugins/database/src/db_plugin.cpp
@@ -7102,7 +7102,6 @@ irods::error db_update_pam_password_op(
 //        _ctx.prop_map().get< icatSessionStruct >( ICSS_PROP, icss );
 
     char myTime[50];
-    char rBuf[200];
     int status;
     char passwordModifyTime[50];
     char *cVal[3];
@@ -7178,7 +7177,7 @@ irods::error db_update_pam_password_op(
         log_sql::debug("chlUpdateIrodsPamPassword SQL 3");
     }
 
-    std::array<char, MAX_PASSWORD_LEN + 2> stored_random_password;
+    std::array<char, MAX_PASSWORD_LEN + 2> stored_random_password{};
     cVal[0] = stored_random_password.data();
     iVal[0] = MAX_PASSWORD_LEN;
     cVal[1] = passwordModifyTime;
@@ -7205,6 +7204,7 @@ irods::error db_update_pam_password_op(
             cllBindVars[cllBindVarCount++] = myTime;
             cllBindVars[cllBindVarCount++] = expTime;
             cllBindVars[cllBindVarCount++] = selUserId;
+            // NOLINTNEXTLINE(cppcoreguidelines-pro-bounds-constant-array-index)
             cllBindVars[cllBindVarCount++] = stored_random_password.data();
             status =  cmlExecuteNoAnswerSql( "update R_USER_PASSWORD set modify_ts=?, pass_expiry_ts=? where user_id = ? and rcat_password = ?",
                                              &icss );
@@ -7228,24 +7228,27 @@ irods::error db_update_pam_password_op(
         return SUCCESS();
     }
 
-    std::array<char, MAX_PASSWORD_LEN> random_password;
-    std::array<char, MAX_PASSWORD_LEN> scrambled_random_password;
-    get64RandomBytes(rBuf);
+    std::array<char, MAX_PASSWORD_LEN> random_password{};
+    std::array<char, MAX_PASSWORD_LEN> scrambled_random_password{};
+    std::array<char, 64 + 1> random_bytes_buffer{};
+    get64RandomBytes(random_bytes_buffer);
 
     // This size must not exceed MAX_PASSWORD_LEN - 8 because the client uses this size check when attempting to
     // store the obfuscated password. Setting to 20 for historical reasons (this was the previous default).
-    constexpr std::uint8_t max_size_for_random_password = 20;
+    //constexpr std::uint8_t max_size_for_random_password = 20;
     std::uint8_t j = 0;
-    for (std::uint8_t i = 0; i < max_size_for_random_password; i++) {
-        char c = rBuf[i] & 0x7f;
+    for (std::uint8_t i = 0; i < random_password.size() - 1; i++) {
+        constexpr auto bitmask = 0x7f;
+        // NOLINTNEXTLINE(hicpp-signed-bitwise,bugprone-narrowing-conversions,cppcoreguidelines-narrowing-conversions)
+        char c = random_bytes_buf.at(i) & bitmask;
         if (c < '0') {
             c += '0';
         }
         if ((c > 'a' && c < 'z') || (c > 'A' && c < 'Z') || (c > '0' && c < '9')) {
-            random_password[j++] = c;
+            random_password.at(j++) = c;
         }
     }
-    random_password[j] = '\0';
+    random_password.at(j) = '\0';
 
     std::strncpy(scrambled_random_password.data(), random_password.data(), MAX_PASSWORD_LEN);
     icatScramble(scrambled_random_password.data());
@@ -7257,6 +7260,7 @@ irods::error db_update_pam_password_op(
     if (logSQL != 0)
         log_sql::debug("chlUpdateIrodsPamPassword SQL 5");
     cllBindVars[cllBindVarCount++] = selUserId;
+    // NOLINTNEXTLINE(cppcoreguidelines-pro-bounds-constant-array-index)
     cllBindVars[cllBindVarCount++] = scrambled_random_password.data();
     cllBindVars[cllBindVarCount++] = expTime;
     cllBindVars[cllBindVarCount++] = myTime;