From e8572ef55b216f1669d92a3a7168c56f0e49d4ed Mon Sep 17 00:00:00 2001
From: andy5995
Date: Sat, 2 Nov 2024 01:21:48 -0500
Subject: [PATCH] Fix some coverity warnings
---
 .github/workflows/coverity.yml | 2 ++
 src/config_rmw.c | 9 ++++++++-
 src/main.c | 20 ++++++++++++++++++++
 src/purging.c | 2 +-
 src/restore.c | 2 +-
 5 files changed, 32 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
index dd0ef7df..ccf5e409 100644
--- a/.github/workflows/coverity.yml
+++ b/.github/workflows/coverity.yml
@@ -3,6 +3,8 @@ name: "Coverity Scan"
 on:
 push:
 branches: coverity_scan
+ pull_request:
+ branches: master
 jobs:
 ubuntu:
diff --git a/src/config_rmw.c b/src/config_rmw.c
index 0386fa24..28082dbc 100644
--- a/src/config_rmw.c
+++ b/src/config_rmw.c
@@ -300,10 +300,17 @@ parse_line_waste(st_waste *waste_curr, struct Canfigger *node,
 char tmp[PATH_MAX];
 strcpy(tmp, waste_curr->parent);
 char *media_root_ptr = rmw_dirname(tmp);
+ if (!media_root_ptr)
+ {
+ fputs("Error getting media root pointer.\n\
+ char *media_root_ptr = rmw_dirname(tmp)\n", stderr);
+ exit(EXIT_FAILURE);
+ }
+
 if (!(waste_curr->media_root = malloc(strlen(media_root_ptr) + 1)))
 fatal_malloc();
 strcpy(waste_curr->media_root, media_root_ptr);
- strcpy(tmp, waste_curr->media_root);
+ sn_check(snprintf(tmp, sizeof tmp, "%s", waste_curr->media_root), sizeof tmp);
 if (!lstat(rmw_dirname(tmp), &mp_st))
 {
 if (mp_st.st_dev == waste_curr->dev_num && !fake_media_root)
diff --git a/src/main.c b/src/main.c
index b2c81dfa..85c750a4 100644
--- a/src/main.c
+++ b/src/main.c
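Review bot: The added `pull_request` trigger makes the Coverity job run for pull requests opened from forks as well, and GitHub does not pass repository secrets to those runs. The job's steps are outside this hunk; if they submit results with a Coverity token, the run will presumably fail on fork PRs, and switching to `pull_request_target` to obtain the secret would expose it to untrusted PR code. A job-level guard such as `if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository` keeps the scan to trusted refs.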
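Review bot: The first copy into `tmp`, `strcpy(tmp, waste_curr->parent);`, is still unbounded even though the later copy of `media_root` into the same `char tmp[PATH_MAX]` is now length-checked; the same form fits there, `sn_check(snprintf(tmp, sizeof tmp, "%s", waste_curr->parent), sizeof tmp);`. The second `rmw_dirname(tmp)` result is passed straight to `lstat()` without the NULL check that the first call gains in this hunk. In the new `fputs` string the `\` line continuation appears to pull the next line's leading indentation into the message; two adjacent string literals would avoid that. parse_line_waste begins and ends outside the hunk.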
@@ -319,14 +319,27 @@ damage of 5000 hp. You feel satisfied.\n"));
 continue;
 }
+ int fd;
 struct stat st_file_arg;
 if (!lstat(argv[file_arg], &st_file_arg))
 {
+ // Avoid a potential TOCTOU race condition by opening the file
+ // before performing rename or clone
+ fd = open(argv[file_arg], O_RDONLY | (S_ISLNK(st_file_arg.st_mode) ? O_NOFOLLOW : 0));
+ if (fd == -1)
+ if (errno == ENOENT)
+ {
+ fprintf(stderr, "File does not exist: %s\n", argv[file_arg]);
+ return -1;
+ }
+
 st_target.dev_num = st_file_arg.st_dev;
 st_target.real_path = resolve_path(argv[file_arg], st_target.base_name);
+
 if (st_target.real_path == NULL)
 {
 n_err++;
+ close(fd);
 continue;
 }
 }
@@ -341,6 +354,7 @@ damage of 5000 hp. You feel satisfied.\n"));
 {
 puts(_("Skipping requested ReMoval of your HOME directory"));
 free(st_target.real_path);
+ close(fd);
 continue;
 }
@@ -350,6 +364,7 @@ damage of 5000 hp. You feel satisfied.\n"));
 {
 printf(_("Skipping requested ReMoval of %s\n"), st_target.real_path);
 free(st_target.real_path);
+ close(fd);
 continue;
 }
 }
@@ -374,6 +389,7 @@ damage of 5000 hp. You feel satisfied.\n"));
 if (is_protected)
 {
 free(st_target.real_path);
+ close(fd);
 continue;
 }
@@ -434,6 +450,10 @@ damage of 5000 hp. You feel satisfied.\n"));
 }
 }
+ if (close(fd) == -1)
+ fprintf(stderr, "close: %s\n\
+%s\n", strerror(errno), argv[file_arg]);
+
 if (r_result == 0)
 {
 if (verbose)
diff --git a/src/purging.c b/src/purging.c
index c11c347d..bd673a9e 100644
--- a/src/purging.c
+++ b/src/purging.c
@@ -209,7 +209,7 @@ get_pt_basename(const char *purge_target)
 {
 static char *pt_basename;
 static char pt_tmp[PATH_MAX];
- strcpy(pt_tmp, purge_target);
+ sn_check(snprintf(pt_tmp, sizeof pt_tmp, "%s", purge_target), sizeof pt_tmp);
 pt_basename = basename(pt_tmp);
 return pt_basename;
 }
diff --git a/src/restore.c b/src/restore.c
index 61dd8257..c12685bb 100644
--- a/src/restore.c
+++ b/src/restore.c
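Review bot: The descriptor returned by `open()` in the @@ -319 hunk is never used, so the race named in the new comment is still open: `lstat()` runs on the path before the open, and `resolve_path()` plus the rename or clone the comment refers to still act on the path. To make the open meaningful, compare `st_dev`/`st_ino` from `fstat(fd, ...)` with `st_file_arg` before continuing. Only `ENOENT` is handled, so any other failure leaves `fd == -1` for the `close(fd)` calls added in the @@ -341, @@ -350, @@ -374 and @@ -434 hunks; that covers every symlink (an `O_NOFOLLOW` open of a symlink fails, with `ELOOP` on Linux) and every file the user cannot read. `fd` is also uninitialized when `lstat()` fails, and whether a `close(fd)` is reachable then depends on code outside the hunk, so declare `int fd = -1;` and close with `if (fd != -1 && close(fd) == -1)`. `O_RDONLY` without `O_NONBLOCK` blocks on a FIFO that has no writer, and `return -1;` leaves the loop instead of following the `n_err++; continue;` pattern used just below.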
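Review bot: get_pt_basename returns a pointer derived from the function-static `pt_tmp`, so the result is overwritten by the next call and must not be freed by the caller; now that the copy is bounded, that contract is the remaining thing worth stating. A comment above the function would do, e.g. `/* Returns a pointer into a static buffer; valid only until the next call. */`. The static `pt_basename` pointer adds nothing, and `return basename(pt_tmp);` would be enough.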
@@ -135,7 +135,7 @@ restore(const char *src, st_time *st_time_var,
 {
 char *media_root = rmw_dirname(waste_parent);
 char *_tmp_str = join_paths(media_root, _dest);
- strcpy(dest, _tmp_str);
+ sn_check(snprintf(dest, sizeof dest, "%s", _tmp_str), sizeof dest);
 free(_tmp_str);
 }
 free(_dest);
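Review bot: `sizeof dest` is the buffer size only if `dest` is declared as an array in this scope; its declaration is outside the hunk, and if `dest` is a `char *` the bound becomes the size of a pointer and the check no longer matches the real capacity. Please confirm the declaration or pass the capacity explicitly. `rmw_dirname(waste_parent)` is used unchecked on the line above, while the config_rmw.c hunk in this commit adds a NULL check for the same function; an `if (!media_root)` guard before `join_paths()` would be consistent. restore()'s body starts and ends outside the hunk.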