Fix some coverity warnings

.github/workflows/coverity.yml

@@ -3,6 +3,8 @@ name: "Coverity Scan"
 on:
   push:
     branches: coverity_scan
+  pull_request:
+    branches: master
 
 jobs:
   ubuntu:

src/config_rmw.c

@@ -300,10 +300,17 @@ parse_line_waste(st_waste *waste_curr, struct Canfigger *node,
     char tmp[PATH_MAX];
     strcpy(tmp, waste_curr->parent);
     char *media_root_ptr = rmw_dirname(tmp);
+    if (!media_root_ptr)
+    {
+      fputs("Error getting media root pointer.\n\
+  char *media_root_ptr = rmw_dirname(tmp)\n", stderr);
+      exit(EXIT_FAILURE);
+    }
+
     if (!(waste_curr->media_root = malloc(strlen(media_root_ptr) + 1)))
       fatal_malloc();
     strcpy(waste_curr->media_root, media_root_ptr);
-    strcpy(tmp, waste_curr->media_root);
+    sn_check(snprintf(tmp, sizeof tmp, "%s", waste_curr->media_root), sizeof tmp);
     if (!lstat(rmw_dirname(tmp), &mp_st))
     {
       if (mp_st.st_dev == waste_curr->dev_num && !fake_media_root)

src/main.c

@@ -319,14 +319,27 @@ damage of 5000 hp. You feel satisfied.\n"));
       continue;
     }
 
+    int fd;
     struct stat st_file_arg;
     if (!lstat(argv[file_arg], &st_file_arg))
     {
+      // Avoid a potential TOCTOU race condition by opening the file
+      // before performing rename or clone
+      fd = open(argv[file_arg], O_RDONLY | (S_ISLNK(st_file_arg.st_mode) ? O_NOFOLLOW : 0));
+      if (fd == -1)
+        if (errno == ENOENT)
+        {
+            fprintf(stderr, "File does not exist: %s\n", argv[file_arg]);
+            return -1;
+        }
+
       st_target.dev_num = st_file_arg.st_dev;
       st_target.real_path = resolve_path(argv[file_arg], st_target.base_name);
+
       if (st_target.real_path == NULL)
       {
         n_err++;
+        close(fd);
         continue;
       }
     }
@@ -341,6 +354,7 @@ damage of 5000 hp. You feel satisfied.\n"));
     {
       puts(_("Skipping requested ReMoval of your HOME directory"));
       free(st_target.real_path);
+      close(fd);
       continue;
     }
 
@@ -350,6 +364,7 @@ damage of 5000 hp. You feel satisfied.\n"));
       {
         printf(_("Skipping requested ReMoval of %s\n"), st_target.real_path);
         free(st_target.real_path);
+        close(fd);
         continue;
       }
     }
@@ -374,6 +389,7 @@ damage of 5000 hp. You feel satisfied.\n"));
     if (is_protected)
     {
       free(st_target.real_path);
+      close(fd);
       continue;
     }
 
@@ -434,6 +450,10 @@ damage of 5000 hp. You feel satisfied.\n"));
           }
         }
 
+        if (close(fd) == -1)
+          fprintf(stderr, "close: %s\n\
+%s\n", strerror(errno), argv[file_arg]);
+
         if (r_result == 0)
         {
           if (verbose)

src/purging.c

@@ -209,7 +209,7 @@ get_pt_basename(const char *purge_target)
 {
   static char *pt_basename;
   static char pt_tmp[PATH_MAX];
-  strcpy(pt_tmp, purge_target);
+  sn_check(snprintf(pt_tmp, sizeof pt_tmp, "%s", purge_target), sizeof pt_tmp);
   pt_basename = basename(pt_tmp);
   return pt_basename;
 }

src/restore.c

@@ -135,7 +135,7 @@ restore(const char *src, st_time *st_time_var,
     {
       char *media_root = rmw_dirname(waste_parent);
       char *_tmp_str = join_paths(media_root, _dest);
-      strcpy(dest, _tmp_str);
+      sn_check(snprintf(dest, sizeof dest, "%s", _tmp_str), sizeof dest);
       free(_tmp_str);
     }
     free(_dest);