Fix issues found by Coverity Scan

Resolves: rhbz#1602618
2018-08-13 17:58:35 +02:00 · 2018-08-13 17:58:35 +02:00 · bc759943d5
commit bc759943d5
parent b411626c82
8 changed files with 365 additions and 2 deletions
--- a/0001-Add-a-missing-va_end-call.patch
+++ b/0001-Add-a-missing-va_end-call.patch
@ -0,0 +1,28 @@
 From 6b93b699cc57c433ddd0f8a055c73a4b05b575fa Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Mon, 13 Aug 2018 14:39:42 +0200
 Subject: [PATCH 1/7] Add a missing va_end() call
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 Signed-off-by: Ondřej Lysoněk <olysonek@redhat.com>
 ---
 src/common.c | 1 +
 1 file changed, 1 insertion(+)
 diff --git a/src/common.c b/src/common.c
 index 86d806c..48f68f9 100644
 --- a/src/common.c
 +++ b/src/common.c
@@ -74,6 +74,7 @@ void do_log(const char *line, ...)
 	  (ptr->tm_year)+1900, (ptr->tm_mon)+1, ptr->tm_mday,
 	  ptr->tm_hour, ptr->tm_min, ptr->tm_sec);
   vfprintf(logfile, line, ap);
 +  va_end(ap);
   fprintf(logfile, "\n");
   fclose(logfile);
 #else
 -- 
 2.14.4
--- a/0002-Make-sure-strings-copied-by-strncpy-are-null-termina.patch
+++ b/0002-Make-sure-strings-copied-by-strncpy-are-null-termina.patch
@ -0,0 +1,113 @@
 From 695564da74fe7c95802f5bf59e442e23a2d7cbbf Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Mon, 13 Aug 2018 14:39:43 +0200
 Subject: [PATCH 2/7] Make sure strings copied by strncpy are null-terminated
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 Signed-off-by: Ondřej Lysoněk <olysonek@redhat.com>
 ---
 src/config.c  | 1 +
 src/dial.c    | 3 +++
 src/minicom.c | 3 +++
 src/script.c  | 2 ++
 src/updown.c  | 4 ++++
 5 files changed, 13 insertions(+)
 diff --git a/src/config.c b/src/config.c
 index 78b25aa..ea939c8 100644
 --- a/src/config.c
 +++ b/src/config.c
@@ -88,6 +88,7 @@ void read_parms(void)
   for (f = PROTO_BASE; f < MAXPROTO; f++) {
     if (P_PNAME(f)[0] && P_PIORED(f) != 'Y' && P_PIORED(f) != 'N') {
       strncpy(buf, P_PNAME(f) - 2, sizeof(buf));
 +      buf[sizeof(buf) - 1] = '\0';
       strcpy(P_PNAME(f), buf);
       P_PIORED(f) = 'Y';
       P_PFULL(f) = 'N';
 diff --git a/src/dial.c b/src/dial.c
 index a90c1d2..a3337e5 100644
 --- a/src/dial.c
 +++ b/src/dial.c
@@ -829,8 +829,11 @@ static int v1_read(FILE *fp, struct dialent *d)
   memcpy(d->username, v1.username, sizeof(v1) - offsetof(struct v1_dialent, username));
   strncpy(d->name, v1.name, sizeof(d->name));
 +  d->name[sizeof(d->name) - 1] = '\0';
   strncpy(d->number, v1.number, sizeof(d->number));
 +  d->number[sizeof(d->number) - 1] = '\0';
   strncpy(d->script, v1.script, sizeof(d->script));
 +  d->script[sizeof(d->script) - 1] = '\0';
   d->lastdate[0]=0;
   d->lasttime[0]=0;
   d->count=0;
 diff --git a/src/minicom.c b/src/minicom.c
 index 4eb47d4..876805a 100644
 --- a/src/minicom.c
 +++ b/src/minicom.c
@@ -1208,6 +1208,7 @@ int main(int argc, char **argv)
           break;
         case 't': /* Terminal type */
           strncpy(termtype, optarg, sizeof(termtype));
 +          termtype[sizeof(termtype) - 1] = '\0';
 #ifdef __GLIBC__
           /* Bug in older libc's (< 4.5.26 I think) */
           if ((s = getenv("TERMCAP")) != NULL && *s != '/')
@@ -1322,7 +1323,9 @@ int main(int argc, char **argv)
     strncpy(homedir, pwd->pw_dir, sizeof(homedir));
   else
     strncpy(homedir, s, sizeof(homedir));
 +  homedir[sizeof(homedir) - 1] = '\0';
   strncpy(username, pwd->pw_name, sizeof(username));
 +  username[sizeof(username) - 1] = '\0';
   /* Get personal parameter file */
   snprintf(pparfile, sizeof(pparfile), "%s/.minirc.%s", homedir, use_port);
 diff --git a/src/script.c b/src/script.c
 index ee1284f..f7c4e3f 100644
 --- a/src/script.c
 +++ b/src/script.c
@@ -1099,12 +1099,14 @@ int main(int argc, char **argv)
   if (argc > 2) {
     strncpy(logfname, argv[2], sizeof(logfname));
 +    logfname[sizeof(logfname) - 1] = '\0';
     if (argc > 3)
       strncpy(homedir, argv[3], sizeof(homedir));
     else if ((s = getenv("HOME")) != NULL)
       strncpy(homedir, s, sizeof(homedir));
     else
       homedir[0] = 0;
 +    homedir[sizeof(homedir) - 1] = '\0';
   }
   else
     logfname[0] = 0;
 diff --git a/src/updown.c b/src/updown.c
 index 726328e..54442bb 100644
 --- a/src/updown.c
 +++ b/src/updown.c
@@ -386,6 +386,7 @@ void updown(int what, int nr)
             do_log("%s", trimbuf);
           } else if (!strncmp (buffirst, "Bytes", 5)) {
             strncpy (xfrstr, buf, sizeof(xfrstr));
 +            xfrstr[sizeof(xfrstr) - 1] = '\0';
           }
           buffirst[0] = 0;
           trimbuf[0] = 0;
@@ -698,8 +699,11 @@ void runscript(int ask, const char *s, const char *l, const char *p)
     }
   } else {
     strncpy(scr_user, l, sizeof(scr_user));
 +    scr_user[sizeof(scr_user) - 1] = '\0';
     strncpy(scr_name, s, sizeof(scr_name));
 +    scr_name[sizeof(scr_name) - 1] = '\0';
     strncpy(scr_passwd, p, sizeof(scr_passwd));
 +    scr_passwd[sizeof(scr_passwd) - 1] = '\0';
   }
   sprintf(scr_lines, "%d", (int) lines);  /* jl 13.09.97 */
 -- 
 2.14.4
--- a/0003-Fix-file-descriptor-leaks.patch
+++ b/0003-Fix-file-descriptor-leaks.patch
@ -0,0 +1,59 @@
 From abc0836d587862ba512acf4d4fafcf8cb121bf0a Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Mon, 13 Aug 2018 14:39:44 +0200
 Subject: [PATCH 3/7] Fix file descriptor leaks
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 Signed-off-by: Ondřej Lysoněk <olysonek@redhat.com>
 ---
 src/dial.c | 5 +++++
 1 file changed, 5 insertions(+)
 diff --git a/src/dial.c b/src/dial.c
 index a3337e5..eada5ee 100644
 --- a/src/dial.c
 +++ b/src/dial.c
@@ -912,6 +912,7 @@ int readdialdir(void)
   if (fread(&dial_ver, sizeof(dial_ver), 1, fp) != 1)
     {
       werror(_("Failed to read dialing directory\n"));
 +      fclose(fp);
       return -1;
     }
   if (dial_ver.magic != DIALMAGIC) {
@@ -947,12 +948,14 @@ int readdialdir(void)
           dial_ver.size > sizeof(struct v4_dialent)) {
         werror(_("Phonelist garbled (unknown version?)"));
         dialents = mkstdent();
 +        fclose(fp);
         return -1;
       }
       break;
     case 5:
       if (dial_ver.size != sizeof(struct dialent)) {
 	werror(_("Phonelist corrupted"));
 +        fclose(fp);
 	return -1;
       }
       break;
@@ -961,6 +964,7 @@ int readdialdir(void)
       // have different size on 32 and 64bit systems
       if (dial_ver.size != sizeof(struct dialent) - sizeof(void *)) {
         werror(_("Phonelist corrupted"));
 +        fclose(fp);
         return -1;
       }
       break;
@@ -968,6 +972,7 @@ int readdialdir(void)
       werror(_("Unknown dialing directory version"));
       dendd = 1;
       dialents = mkstdent();
 +      fclose(fp);
       return -1;
   }
 -- 
 2.14.4
--- a/0004-Fix-a-directory-handle-leak.patch
+++ b/0004-Fix-a-directory-handle-leak.patch
@ -0,0 +1,28 @@
 From 97359edba99f9bc6f3f87590da2139c51fb409d4 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Mon, 13 Aug 2018 14:39:45 +0200
 Subject: [PATCH 4/7] Fix a directory handle leak
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 Signed-off-by: Ondřej Lysoněk <olysonek@redhat.com>
 ---
 src/getsdir.c | 1 +
 1 file changed, 1 insertion(+)
 diff --git a/src/getsdir.c b/src/getsdir.c
 index 2195b27..bd6b763 100644
 --- a/src/getsdir.c
 +++ b/src/getsdir.c
@@ -228,6 +228,7 @@ int getsdir(const char *dirpath, const char *pattern, int sortflags,
           if (!*datptr)
             {
               free(*datptr);
 +              closedir(dirp);
               return -1;
             }
 -- 
 2.14.4
--- a/0005-Fix-a-read-past-end-of-buffer.patch
+++ b/0005-Fix-a-read-past-end-of-buffer.patch
@ -0,0 +1,38 @@
 From fa8feee1fce1c6e728512d9e6c0bfffa89f0ce62 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Mon, 13 Aug 2018 14:39:46 +0200
 Subject: [PATCH 5/7] Fix a read past end of buffer
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 Signed-off-by: Ondřej Lysoněk <olysonek@redhat.com>
 ---
 src/ascii-xfr.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 diff --git a/src/ascii-xfr.c b/src/ascii-xfr.c
 index ca27ebf..79af763 100644
 --- a/src/ascii-xfr.c
 +++ b/src/ascii-xfr.c
@@ -207,7 +207,7 @@ int arecv(char *file)
   }
   while ((n = read(STDIN_FILENO, line, sizeof(line))) > 0) {
 -    for (s = line; n-- >0; s++) {
 +    for (s = line; s - line < n; s++) {
       if (*s == eofchar)
         break;
       if (dotrans && *s == '\r')
@@ -217,7 +217,7 @@ int arecv(char *file)
     }
     stats(first);
     first = 0;
 -    if (*s == eofchar)
 +    if (s - line < n && *s == eofchar)
       break;
   }
   fclose(fp);
 -- 
 2.14.4
--- a/0006-Fix-a-warning-about-an-unused-variable.patch
+++ b/0006-Fix-a-warning-about-an-unused-variable.patch
@ -0,0 +1,30 @@
 From a4e1679b67db6ecd7ce2891ed0bf5586125a9a08 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Mon, 13 Aug 2018 14:39:47 +0200
 Subject: [PATCH 6/7] Fix a warning about an unused variable
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 Signed-off-by: Ondřej Lysoněk <olysonek@redhat.com>
 ---
 src/config.c | 2 ++
 1 file changed, 2 insertions(+)
 diff --git a/src/config.c b/src/config.c
 index ea939c8..36b6e37 100644
 --- a/src/config.c
 +++ b/src/config.c
@@ -536,7 +536,9 @@ static void doserial(void)
 {
   WIN *w;
   char *serial_device         = _(" A -    Serial Device      :");
 +#if !HAVE_LOCKDEV
   char *lockfile_location     = _(" B - Lockfile Location     :");
 +#endif
   char *callin_program        = _(" C -   Callin Program      :");
   char *callout_program       = _(" D -  Callout Program      :");
   char *bps_par_bits          = _(" E -    Bps/Par/Bits       :");
 -- 
 2.14.4
--- a/0007-loadconv-Add-missing-fclose.patch
+++ b/0007-loadconv-Add-missing-fclose.patch
@ -0,0 +1,46 @@
 From 1c97e4df9e01c5f22a12fb6ecce25b4d80fd8f7c Mon Sep 17 00:00:00 2001
 From: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
 Date: Mon, 13 Aug 2018 14:39:48 +0200
 Subject: [PATCH 7/7] loadconv: Add missing fclose()
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 Issue found and reported by David Binderman.
 This is a backport of commit f66b5c78.
 Signed-off-by: Ondřej Lysoněk <olysonek@redhat.com>
 ---
 src/config.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
 diff --git a/src/config.c b/src/config.c
 index 36b6e37..0da4989 100644
 --- a/src/config.c
 +++ b/src/config.c
@@ -1865,6 +1865,7 @@ void doconv(void)
 int loadconv(char *buf)
 {
   FILE *fp;
 +  int err = 0;
   if ((fp = fopen(pfix_home(buf), "rb")) == (FILE *)NULL) {
     werror(_("Cannot open conversion table %s"), pfix_home(buf));
@@ -1874,10 +1875,11 @@ int loadconv(char *buf)
       || fread(vt_outmap, sizeof(vt_outmap), (size_t)1, fp) != 1)
     {
       werror(_("Cannot read conversion table %s"), pfix_home(buf));
 -      return 1;
 +      err = 1;
     }
 +
   fclose(fp);
 -  return 0;
 +  return err;
 }
 int saveconv(char *buf)
 -- 
 2.14.4
--- a/minicom.spec
+++ b/minicom.spec
@ -1,7 +1,7 @@
 Summary: A text-based modem control and terminal emulation program
 Name: minicom
 Version: 2.7.1
-Release: 8%{?dist}
+Release: 9%{?dist}
 URL: http://alioth.debian.org/projects/minicom/
 # Some files are built from Public Domain files in addition to GPLv2+ files
 # (/usr/bin/minicom). Some LGPLv2+ files *may* be used in building of certain
@ -13,8 +13,25 @@ License: GPLv2+ and LGPLv2+ and Public Domain
 Source0: https://alioth.debian.org/frs/download.php/file/4215/%{name}-%{version}.tar.gz
 # Upstream patch:
 Patch1: 0001-Add-a-missing-va_end-call.patch
 # Upstream patch:
 Patch2: 0002-Make-sure-strings-copied-by-strncpy-are-null-termina.patch
 # Upstream patch:
 Patch3: 0003-Fix-file-descriptor-leaks.patch
 # Upstream patch:
 Patch4: 0004-Fix-a-directory-handle-leak.patch
 # Upstream patch:
 Patch5: 0005-Fix-a-read-past-end-of-buffer.patch
 # Upstream patch:
 Patch6: 0006-Fix-a-warning-about-an-unused-variable.patch
 # Upstream patch:
 Patch7: 0007-loadconv-Add-missing-fclose.patch
 BuildRequires: lockdev-devel ncurses-devel autoconf automake gettext-devel
 BuildRequires: gcc
 # For %%autosetup -S git:
 BuildRequires: git
 Requires: lockdev lrzsz
@ -26,7 +43,7 @@ language, and other features.
 %prep
-%autosetup
+%autosetup -S git
 cp -pr doc doc_
 rm -f doc_/Makefile*
@ -63,6 +80,10 @@ mkdir -p %{buildroot}%{_sysconfdir}
 %changelog
 * Mon Aug 13 2018 Ondřej Lysoněk <olysonek@redhat.com> - 2.7.1-9
 - Fix issues found by Coverity Scan
 - Resolves: rhbz#1602618
 * Mon Jul 23 2018 Ondřej Lysoněk <olysonek@redhat.com> - 2.7.1-8
 - Corrected the License tag