From 3cf43342e88840ba62b8be99921ddc43e86dd209 Mon Sep 17 00:00:00 2001 From: Nils Philippsen Date: Wed, 2 Apr 2014 16:06:14 +0200 Subject: [PATCH] fix coverity patch (#1079586) Ensure directories exist instead of indiscriminately attempting to create them. --- xsane-0.999-coverity.patch | 134 +++++++++++++++++++++++++------------ xsane.spec | 8 ++- 2 files changed, 97 insertions(+), 45 deletions(-) diff --git a/xsane-0.999-coverity.patch b/xsane-0.999-coverity.patch index 04629d5..f6350fe 100644 --- a/xsane-0.999-coverity.patch +++ b/xsane-0.999-coverity.patch @@ -1,113 +1,113 @@ -From 5312b3ffefc37b2404a71566bfc3501a7b02810a Mon Sep 17 00:00:00 2001 +From 9fe09c0e0746067f9e9774229b3d0beb35c5766b Mon Sep 17 00:00:00 2001 From: Nils Philippsen -Date: Wed, 19 Mar 2014 13:25:17 +0100 +Date: Wed, 2 Apr 2014 14:54:05 +0200 Subject: [PATCH] patch: coverity Squashed commit of the following: -commit 6be3861fec76fcba5d05e617dc9aae75f23ef98d +commit e26d784a5217d1609e774678d8abaeb2e1ecdadc Author: Nils Philippsen Date: Tue Mar 11 10:28:02 2014 +0100 ensure loop is run at least once while scaling -commit 65cb63df61c18edf1bec01f2b193c9f535d88a24 +commit e5bf8c8a659a7b03ae3eb130ebfaad292e16816d Author: Nils Philippsen Date: Thu Feb 27 15:07:42 2014 +0100 remove stray semicolon -commit 8ba3c999c8f82abdd7dd197810fb2f8c45a24454 +commit ad928333ba038051ca0a405470dadeaa0f365b95 Author: Nils Philippsen Date: Thu Feb 27 15:06:17 2014 +0100 use actual pointer type in realloc() -commit 54c72af0bbc717ad4a9b4e9b1dd1e8712b0f2b98 +commit 11dfb289d03555218318ce1a284c1165bbc58b22 Author: Nils Philippsen Date: Tue Feb 25 17:42:54 2014 +0100 don't overflow size expression for allocation -commit ff6e1c3f521a751fdd67296355ee5ed022516de2 +commit 5daccfc14f129c632f8409a89903d21c5495dd2f Author: Nils Philippsen Date: Tue Feb 25 17:18:58 2014 +0100 don't leak file descriptors and other resources -commit bb8695c9f4160a2a5d256efc3462fd85c3203f15 +commit 034023d7aaac378b8ab02051d11392c639154842 Author: Nils Philippsen Date: Tue Feb 25 16:04:28 2014 +0100 don't overrun buffers -commit b54bbc5f8dfce914a15c5926205b5c0f95f2889c +commit f7454d62b5206e2100e8569e04ff4a6868cbd909 Author: Nils Philippsen Date: Tue Feb 25 15:56:40 2014 +0100 check if files actually could be opened -commit 04fa42d0c7e3d5e2a0b009f31b6781ad5d27212d +commit de30cacd285c02382a32dc48cf9fe015223a57f7 Author: Nils Philippsen Date: Tue Feb 25 15:47:51 2014 +0100 handle negative return values of some calls -commit 8db5c362583c277376303ab52cc311e029ac0122 +commit b46a520ba85bda776b1a91de9f842ed96d97fa73 Author: Nils Philippsen Date: Tue Feb 25 11:54:31 2014 +0100 only attempt to close successfully opened files -commit 81090ce4a55fa0a07b356fa45b681026fd695983 +commit bb6a8ccab418f89fa6fb367874f84aa56195cca0 Author: Nils Philippsen Date: Tue Feb 25 11:54:15 2014 +0100 bail out early if memory can't be allocated -commit b70a7008d0da2aa25f52a5f289ca858ebb8183cc +commit 9b1e34c1d099c0a7acf7bd5aec8e3f0c2d2eafa8 Author: Nils Philippsen Date: Tue Feb 25 11:53:11 2014 +0100 gtk_entry_get_text() isn't supposed to return NULL -commit 6555280be9f981860d18e4f9955728c20ef46f8b +commit bc7553caaea1955e7fa48f3a2f4c0773d40204c3 Author: Nils Philippsen Date: Tue Feb 25 11:00:11 2014 +0100 negate comparison instead of operand -commit 402f18813a63e388c782bc4dfee4b2910b2dbe13 +commit d1d4675a416383d808def730ade4f6b5b1a493b8 Author: Nils Philippsen Date: Tue Feb 25 10:55:42 2014 +0100 use int types for fgetc() results -commit 8eaae55490cd47ccdc72aaf6b67d1ef770633410 +commit cbdc2df85367c27ff56fb9cdd77a61c6d82be0e1 Author: Nils Philippsen Date: Tue Feb 25 10:36:53 2014 +0100 avoid freeing static strings -commit 0b2f7e7af6875ae22cf6f965e2c0a6ad50e2e9a6 +commit 0c377b9658daa5dcdbc6c260baa4e31237202f3e Author: Nils Philippsen Date: Wed Feb 19 16:10:35 2014 +0100 use guchar* for PNG profile buffer -commit 815f3952d2ee34a618d00ac157ef447368a6733a +commit 70152131771b891fe04b3087e3b73c42e6d5ebbe Author: Nils Philippsen Date: Wed Feb 19 16:09:46 2014 +0100 cast time_t into long instead of int -commit 6dd2d7b2693d52932005277f4a6ef58d5069654b +commit 0ac0683bcba7d8cf4e786abc3abe9c3e3c7d60a0 Author: Nils Philippsen Date: Tue Feb 18 17:55:02 2014 +0100 use glib macros where ints are transported in pointers -commit f21e0246294ba7a9f0937a182e1be2c9cac2fd8b +commit 8e85947fe5a592a3f938ab5bb2dc79488b638515 Author: Nils Philippsen Date: Mon Feb 17 13:42:13 2014 +0100 @@ -119,7 +119,7 @@ Date: Mon Feb 17 12:07:09 2014 +0100 avoid leaking resources --- - src/xsane-back-gtk.c | 39 ++++++--- + src/xsane-back-gtk.c | 75 +++++++++++++--- src/xsane-batch-scan.c | 41 ++++----- src/xsane-email-project.c | 83 +++++++++--------- src/xsane-fax-project.c | 14 ++- @@ -132,13 +132,61 @@ Date: Mon Feb 17 12:07:09 2014 +0100 src/xsane-text.h | 1 + src/xsane-viewer.c | 199 +++++++++++++++++++++++------------------- src/xsane.c | 65 ++++++++------ - 13 files changed, 442 insertions(+), 334 deletions(-) + 13 files changed, 478 insertions(+), 334 deletions(-) diff --git a/src/xsane-back-gtk.c b/src/xsane-back-gtk.c -index 6ef1506..89d34fd 100644 +index 6ef1506..6452f4b 100644 --- a/src/xsane-back-gtk.c +++ b/src/xsane-back-gtk.c -@@ -250,6 +250,7 @@ int xsane_back_gtk_make_path(size_t buf_size, char *buf, const char *prog_name, +@@ -40,6 +40,7 @@ SANE_Status xsane_control_option(SANE_Handle handle, SANE_Int option, SANE_Actio + const SANE_Option_Descriptor *xsane_get_option_descriptor(SANE_Handle handle, SANE_Int option); + const char *xsane_back_gtk_unit_string(SANE_Unit unit); + void xsane_back_gtk_set_tooltip(GtkTooltips *tooltips, GtkWidget *widget, const gchar *desc); ++static int xsane_back_gtk_ensure_dir(const char *path); + int xsane_back_gtk_make_path(size_t buf_size, char *buf, const char *prog_name, const char *dir_name, + const char *prefix, const char *dev_name, const char *postfix, int location); + void xsane_back_gtk_set_option(int opt_num, void *val, SANE_Action action); +@@ -245,11 +246,47 @@ void xsane_back_gtk_set_tooltip(GtkTooltips *tooltips, GtkWidget *widget, const + + /* ----------------------------------------------------------------------------------------------------------------- */ + ++static int xsane_back_gtk_ensure_dir(const char *path) ++{ ++ struct stat statbuf; ++ ++ if (stat(path, &statbuf) < 0) ++ { ++ if (errno != ENOENT) ++ { ++ /* stat() failed and it wasn't because the file doesn't exist */ ++ return -1; ++ } ++ else ++ { ++ /* if path doesn't exist, create directory */ ++ if (mkdir(path, 0777) < 0) ++ { ++ /* mkdir() failed */ ++ return -2; ++ } ++ else ++ { ++ return 0; ++ } ++ } ++ } ++ ++ if (S_ISDIR(statbuf.st_mode)) ++ { ++ return 0; ++ } ++ ++ /* path exists and isn't a directory */ ++ return -3; ++} ++ + int xsane_back_gtk_make_path(size_t buf_size, char *buf, const char *prog_name, const char *dir_name, + const char *prefix, const char *dev_name, const char *postfix, int location) { size_t len, extra; int i; @@ -146,56 +194,56 @@ index 6ef1506..89d34fd 100644 DBG(DBG_proc, "xsane_back_gtk_make_path\n"); -@@ -263,7 +264,10 @@ int xsane_back_gtk_make_path(size_t buf_size, char *buf, const char *prog_name, +@@ -263,7 +300,10 @@ int xsane_back_gtk_make_path(size_t buf_size, char *buf, const char *prog_name, { snprintf(buf, buf_size-2, "%s", STRINGIFY(XSANE_FIXED_APPDATA_DIR)); } - mkdir(buf, 0777); /* ensure ~/.sane directory exists */ -+ if (mkdir(buf, 0777)) /* ensure ~/.sane directory exists */ ++ if (xsane_back_gtk_ensure_dir(buf)) + { -+ goto mkdir_failed; ++ goto dir_failed; + } } else if (location == XSANE_PATH_SYSTEM) /* make path to system file */ { -@@ -290,7 +294,10 @@ int xsane_back_gtk_make_path(size_t buf_size, char *buf, const char *prog_name, +@@ -290,7 +330,10 @@ int xsane_back_gtk_make_path(size_t buf_size, char *buf, const char *prog_name, len += extra; buf[len] = '\0'; - mkdir(buf, 0777); /* ensure ~/.sane/PROG_NAME directory exists */ -+ if (mkdir(buf, 0777)) /* ensure ~/.sane/PROG_NAME directory exists */ ++ if (xsane_back_gtk_ensure_dir(buf)) + { -+ goto mkdir_failed; ++ goto dir_failed; + } buf[len++] = SLASH; /* OS/2 does not like slash at end of mktemp-path */ } -@@ -314,7 +321,10 @@ int xsane_back_gtk_make_path(size_t buf_size, char *buf, const char *prog_name, +@@ -314,7 +357,10 @@ int xsane_back_gtk_make_path(size_t buf_size, char *buf, const char *prog_name, buf[len++] = SLASH; buf[len] = '\0'; - mkdir(buf, 0777); /* ensure DIR_NAME directory exists */ -+ if (mkdir(buf, 0777)) /* ensure DIR_NAME directory exists */ ++ if (xsane_back_gtk_ensure_dir(buf)) + { -+ goto mkdir_failed; ++ goto dir_failed; + } } if (len >= buf_size) -@@ -454,6 +464,12 @@ filename_too_long: +@@ -454,6 +500,12 @@ filename_too_long: xsane_back_gtk_error(ERR_FILENAME_TOO_LONG, FALSE); errno = E2BIG; return -1; + -+mkdir_failed: -+ snprintf(msgbuf, sizeof(msgbuf), "%s %s.", ERR_FAILED_CREATE_DIR, ++dir_failed: ++ snprintf(msgbuf, sizeof(msgbuf), "%s %s.", ERR_FAILED_CREATE_ENSURE_DIR, + strerror(errno)); + xsane_back_gtk_error(msgbuf, FALSE); + return -1; } /* ----------------------------------------------------------------------------------------------------------------- */ -@@ -784,11 +800,15 @@ gint xsane_back_gtk_decision(gchar *title, gchar **xpm_d, gchar *message, gchar +@@ -784,11 +836,15 @@ gint xsane_back_gtk_decision(gchar *title, gchar **xpm_d, gchar *message, gchar void xsane_back_gtk_ipc_dialog_callback(gpointer data, gint source, GdkInputCondition cond) { char message[TEXTBUFSIZE]; @@ -213,7 +261,7 @@ index 6ef1506..89d34fd 100644 message[bytes] = 0; xsane_back_gtk_decision(ERR_HEADER_CHILD_PROCESS_ERROR, (gchar **) error_xpm, message, BUTTON_CLOSE, 0 /* no reject text */, FALSE); -@@ -1980,7 +2000,7 @@ static void xsane_back_gtk_value_update(GtkAdjustment *adj_data, DialogElement * +@@ -1980,7 +2036,7 @@ static void xsane_back_gtk_value_update(GtkAdjustment *adj_data, DialogElement * static void xsane_back_gtk_range_display_value_right_callback(GtkAdjustment *adjust, gpointer data) { gchar buf[TEXTBUFSIZE]; @@ -222,7 +270,7 @@ index 6ef1506..89d34fd 100644 GtkLabel *label; snprintf(buf, sizeof(buf), "%1.*f", digits, adjust->value); -@@ -2028,7 +2048,7 @@ void xsane_back_gtk_range_new(GtkWidget *parent, const char *name, gfloat val, +@@ -2028,7 +2084,7 @@ void xsane_back_gtk_range_new(GtkWidget *parent, const char *name, gfloat val, gtk_widget_set_size_request(value_label, 45, -1); gtk_box_pack_end(GTK_BOX(hbox), value_label, FALSE, FALSE, 1); @@ -231,7 +279,7 @@ index 6ef1506..89d34fd 100644 gtk_object_set_data(GTK_OBJECT(elem->data), "value-label", value_label); g_signal_emit_by_name(GTK_OBJECT(elem->data), "value_changed"); /* update value */ gtk_widget_show(value_label); -@@ -2318,10 +2338,7 @@ static void xsane_back_gtk_text_entry_callback(GtkWidget *w, gpointer data) +@@ -2318,10 +2374,7 @@ static void xsane_back_gtk_text_entry_callback(GtkWidget *w, gpointer data) buf[0] = '\0'; text = gtk_entry_get_text(GTK_ENTRY(elem->widget)); @@ -1855,14 +1903,14 @@ index a61833a..413a343 100644 gtk_widget_show(menu_item); diff --git a/src/xsane-text.h b/src/xsane-text.h -index ee4a222..8373877 100644 +index ee4a222..44659b9 100644 --- a/src/xsane-text.h +++ b/src/xsane-text.h @@ -803,6 +803,7 @@ YOU ARE ALONE!\ #define ERR_HEADER_CHILD_PROCESS_ERROR _("Child process error") #define ERR_FAILED_CREATE_FILE _("Failed to create file:") -+#define ERR_FAILED_CREATE_DIR _("Failed to create directory:") ++#define ERR_FAILED_CREATE_ENSURE_DIR _("Failed to ensure path is a directory, or to create as one:") #define ERR_LOAD_DEVICE_SETTINGS _("Error while loading device settings:") #define ERR_NO_DRC_FILE _("is not a device-rc-file !!!") #define ERR_NETSCAPE_EXECUTE_FAIL _("Failed to execute netscape!") @@ -2627,5 +2675,5 @@ index 02b4da4..a4a3f1e 100644 gtk_widget_show(button); owner = gtk_radio_button_group(GTK_RADIO_BUTTON(button));; -- -1.8.5.3 +1.9.0 diff --git a/xsane.spec b/xsane.spec index 64bccd4..ce3b747 100644 --- a/xsane.spec +++ b/xsane.spec @@ -15,7 +15,7 @@ Name: xsane Summary: X Window System front-end for the SANE scanner interface Version: 0.999 -Release: 10%{?dist} +Release: 11%{?dist} Source0: http://www.xsane.org/download/%{name}-%{version}.tar.gz Source1: xsane-256x256.png # use "xdg-open" instead of "netscape" to launch help browser @@ -66,7 +66,7 @@ Patch12: xsane-0.999-lcms2.patch Patch13: xsane-0.999-signal-handling.patch # fix issues found during static analysis that don't require far-reaching # refactoring -# submitted to upstream (Oliver Rauch) via email, 2014-03-19 +# submitted to upstream (Oliver Rauch) via email, 2014-04-02 Patch14: xsane-0.999-coverity.patch # autoconf-generated files Patch100: xsane-0.999-7-autoconf.patch.bz2 @@ -239,6 +239,10 @@ fi %{_datadir}/sane/xsane %changelog +* Wed Apr 02 2014 Nils Philippsen - 0.999-11 +- fix coverity patch: ensure directories exist instead of indiscriminately + attempting to create them (#1079586) + * Wed Mar 19 2014 Nils Philippsen - 0.999-10 - fix signal handling (#1073698) - fix issues found during static analysis that don't require far-reaching