/pidgin/main: 34a67264df99: Fix some CWE-476 coverity warnings
Tomasz Wasilczyk
twasilczyk at pidgin.im
Tue May 6 14:07:22 EDT 2014
Changeset: 34a67264df9904cf94742547bf3199a60b1c5739
Author: Tomasz Wasilczyk <twasilczyk at pidgin.im>
Date: 2014-05-06 20:07 +0200
Branch: release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/34a67264df99
Description:
Fix some CWE-476 coverity warnings
diffstat:
finch/libgnt/gnttextview.c | 6 ++++++
finch/libgnt/gntws.c | 2 ++
libpurple/ft.c | 2 ++
libpurple/log.c | 6 +++++-
libpurple/mediamanager.c | 6 +++++-
libpurple/plugins/log_reader.c | 19 +++++++++++++------
libpurple/protocols/msn/contact.c | 1 +
libpurple/protocols/oscar/family_icbm.c | 8 +++++++-
libpurple/protocols/oscar/family_oservice.c | 9 ++++++++-
libpurple/protocols/sametime/sametime.c | 3 ++-
libpurple/protocols/zephyr/Zinternal.c | 4 +++-
pidgin/plugins/perl/common/GtkIMHtml.xs | 5 ++++-
12 files changed, 58 insertions(+), 13 deletions(-)
diffs (254 lines):
diff --git a/finch/libgnt/gnttextview.c b/finch/libgnt/gnttextview.c
--- a/finch/libgnt/gnttextview.c
+++ b/finch/libgnt/gnttextview.c
@@ -758,6 +758,12 @@ int gnt_text_view_tag_change(GntTextView
GList *segs, *snext;
GntTextLine *line = iter->data;
inext = iter->next;
+
+ if (!line) {
+ g_warn_if_reached();
+ continue;
+ }
+
for (segs = line->segments; segs; segs = snext) {
GntTextSegment *seg = segs->data;
snext = segs->next;
diff --git a/finch/libgnt/gntws.c b/finch/libgnt/gntws.c
--- a/finch/libgnt/gntws.c
+++ b/finch/libgnt/gntws.c
@@ -62,6 +62,8 @@ gnt_ws_draw_taskbar(GntWS *ws, gboolean
if (gnt_is_refugee())
return;
+ g_return_if_fail(ws != NULL);
+
if (taskbar == NULL) {
taskbar = newwin(1, getmaxx(stdscr), getmaxy(stdscr) - 1, 0);
} else if (reposition) {
diff --git a/libpurple/ft.c b/libpurple/ft.c
--- a/libpurple/ft.c
+++ b/libpurple/ft.c
@@ -640,6 +640,8 @@ purple_xfer_request_accepted(PurpleXfer
xfer->status = PURPLE_XFER_STATUS_ACCEPTED;
xfer->ops.init(xfer);
return;
+ } else {
+ g_return_if_fail(filename != NULL);
}
buddy = purple_find_buddy(account, xfer->who);
diff --git a/libpurple/log.c b/libpurple/log.c
--- a/libpurple/log.c
+++ b/libpurple/log.c
@@ -1946,7 +1946,11 @@ static char * old_logger_read (PurpleLog
struct old_logger_data *data = log->logger_data;
const char *path = purple_stringref_value(data->pathref);
FILE *file = g_fopen(path, "rb");
- char *read = g_malloc(data->length + 1);
+ char *read;
+
+ g_return_val_if_fail(file, g_strdup(""));
+ read = g_malloc(data->length + 1);
+
if (fseek(file, data->offset, SEEK_SET) != 0)
result = 0;
else
diff --git a/libpurple/mediamanager.c b/libpurple/mediamanager.c
--- a/libpurple/mediamanager.c
+++ b/libpurple/mediamanager.c
@@ -388,7 +388,11 @@ purple_media_manager_remove_media(Purple
PurpleMedia *media)
{
#ifdef USE_VV
- GList *list = g_list_find(manager->priv->medias, media);
+ GList *list;
+
+ g_return_if_fail(manager != NULL);
+
+ list = g_list_find(manager->priv->medias, media);
if (list)
manager->priv->medias =
g_list_delete_link(manager->priv->medias, list);
diff --git a/libpurple/plugins/log_reader.c b/libpurple/plugins/log_reader.c
--- a/libpurple/plugins/log_reader.c
+++ b/libpurple/plugins/log_reader.c
@@ -1425,6 +1425,7 @@ static char * trillian_logger_read (Purp
read = g_malloc(data->length + 2);
file = g_fopen(data->path, "rb");
+ g_return_val_if_fail(file != NULL, g_strdup(""));
if (fseek(file, data->offset, SEEK_SET) != 0)
g_return_val_if_reached(g_strdup(""));
data->length = fread(read, 1, data->length, file);
@@ -1540,7 +1541,7 @@ static char * trillian_logger_read (Purp
line = temp->str;
}
- if (*line == '[') {
+ if (line && *line == '[') {
const char *timestamp;
if ((timestamp = strchr(line, ']'))) {
@@ -1678,7 +1679,8 @@ static char * trillian_logger_read (Purp
}
}
- g_string_append(formatted, line);
+ if (line)
+ g_string_append(formatted, line);
line = c;
if (temp)
@@ -1835,7 +1837,8 @@ static GList *qip_logger_list(PurpleLogT
/* find EOL */
c = strchr(c, '\n');
- c++;
+ if (c)
+ c++;
/* Find the last '(' character. */
if ((tmp = strchr(c, '\n')) != NULL) {
@@ -1844,7 +1847,8 @@ static GList *qip_logger_list(PurpleLogT
} else {
while (*c)
c++;
- c--;
+ if (c)
+ c--;
c = g_strrstr(c, "(");
}
@@ -2050,7 +2054,9 @@ static char *qip_logger_read(PurpleLog *
/* find EOF */
c = strchr(c, '\n');
- line = ++c;
+ if (c)
+ c++;
+ line = c;
}
}
} else {
@@ -2194,7 +2200,8 @@ static GList *amsn_logger_parse_file(cha
sn, data->path, data->offset, data->length);
}
c = strchr(c, '\n');
- c++;
+ if (c)
+ c++;
}
/* I've seen the file end without the AMSN_LOG_CONV_END bit */
diff --git a/libpurple/protocols/msn/contact.c b/libpurple/protocols/msn/contact.c
--- a/libpurple/protocols/msn/contact.c
+++ b/libpurple/protocols/msn/contact.c
@@ -1694,6 +1694,7 @@ msn_del_contact_from_list(MsnSession *se
msn_callback_state_set_who(state, passport);
user = msn_userlist_find_user(session->userlist, passport);
+ g_return_if_fail(user != NULL);
if (list == MSN_LIST_PL) {
partner_scenario = MSN_PS_CONTACT_API;
diff --git a/libpurple/protocols/oscar/family_icbm.c b/libpurple/protocols/oscar/family_icbm.c
--- a/libpurple/protocols/oscar/family_icbm.c
+++ b/libpurple/protocols/oscar/family_icbm.c
@@ -1609,6 +1609,7 @@ int aim_im_denytransfer(OscarData *od, c
void
aim_im_send_icq_confirmation(OscarData *od, const char *bn, const guchar *cookie)
{
+ FlapConnection *conn;
ByteStream bs;
aim_snacid_t snacid;
guint32 header_size, data_size;
@@ -1644,7 +1645,12 @@ aim_im_send_icq_confirmation(OscarData *
byte_stream_put8(&bs, 0x00); /* empty query message */
snacid = aim_cachesnac(od, SNAC_FAMILY_ICBM, 0x000b, 0x0000, NULL, 0);
- flap_connection_send_snac(od, flap_connection_findbygroup(od, SNAC_FAMILY_ICBM), SNAC_FAMILY_ICBM, 0x000b, snacid, &bs);
+ conn = flap_connection_findbygroup(od, SNAC_FAMILY_ICBM);
+ g_warn_if_fail(conn);
+ if (conn) {
+ flap_connection_send_snac(od, conn, SNAC_FAMILY_ICBM, 0x000b,
+ snacid, &bs);
+ }
byte_stream_destroy(&bs);
}
diff --git a/libpurple/protocols/oscar/family_oservice.c b/libpurple/protocols/oscar/family_oservice.c
--- a/libpurple/protocols/oscar/family_oservice.c
+++ b/libpurple/protocols/oscar/family_oservice.c
@@ -857,6 +857,8 @@ aim_srv_setextrainfo(OscarData *od,
void
aim_srv_set_dc_info(OscarData *od)
{
+ FlapConnection *conn;
+
ByteStream bs, tlv0c;
aim_snacid_t snacid;
GSList *tlvlist = NULL;
@@ -884,7 +886,12 @@ aim_srv_set_dc_info(OscarData *od)
aim_tlvlist_free(tlvlist);
snacid = aim_cachesnac(od, SNAC_FAMILY_OSERVICE, 0x001e, 0x0000, NULL, 0);
- flap_connection_send_snac(od, flap_connection_findbygroup(od, SNAC_FAMILY_ICBM), SNAC_FAMILY_OSERVICE, 0x001e, snacid, &bs);
+ conn = flap_connection_findbygroup(od, SNAC_FAMILY_ICBM);
+ g_warn_if_fail(conn != NULL);
+ if (conn) {
+ flap_connection_send_snac(od, conn, SNAC_FAMILY_OSERVICE,
+ 0x001e, snacid, &bs);
+ }
byte_stream_destroy(&bs);
}
diff --git a/libpurple/protocols/sametime/sametime.c b/libpurple/protocols/sametime/sametime.c
--- a/libpurple/protocols/sametime/sametime.c
+++ b/libpurple/protocols/sametime/sametime.c
@@ -2250,7 +2250,8 @@ static void mw_ft_opened(struct mwFileTr
if(purple_xfer_get_type(xfer) == PURPLE_XFER_SEND) {
xfer->dest_fp = g_fopen(xfer->local_filename, "rb");
- ft_send(ft, xfer->dest_fp);
+ if (xfer->dest_fp)
+ ft_send(ft, xfer->dest_fp);
}
}
diff --git a/libpurple/protocols/zephyr/Zinternal.c b/libpurple/protocols/zephyr/Zinternal.c
--- a/libpurple/protocols/zephyr/Zinternal.c
+++ b/libpurple/protocols/zephyr/Zinternal.c
@@ -250,7 +250,7 @@ Code_t Z_ReadWait()
from_len = sizeof(struct sockaddr_in);
- packet_len = recvfrom(ZGetFD(), packet, sizeof(packet), 0,
+ packet_len = recvfrom(ZGetFD(), packet, sizeof(packet) - 1, 0,
(struct sockaddr *)&from, &from_len);
if (packet_len < 0)
@@ -259,6 +259,8 @@ Code_t Z_ReadWait()
if (!packet_len)
return (ZERR_EOF);
+ packet[packet_len] = '\0';
+
/* Ignore obviously non-Zephyr packets. */
zvlen = sizeof(ZVERSIONHDR) - 1;
if (packet_len < zvlen || memcmp(packet, ZVERSIONHDR, zvlen) != 0) {
diff --git a/pidgin/plugins/perl/common/GtkIMHtml.xs b/pidgin/plugins/perl/common/GtkIMHtml.xs
--- a/pidgin/plugins/perl/common/GtkIMHtml.xs
+++ b/pidgin/plugins/perl/common/GtkIMHtml.xs
@@ -171,7 +171,10 @@ PREINIT:
int i, t_len;
PPCODE:
t_GL = NULL;
- t_len = av_len((AV *)SvRV(unused));
+ if (unused)
+ t_len = av_len((AV *)SvRV(unused));
+ else
+ t_len = 0;
for (i = 0; i <= t_len; i++) {
STRLEN t_sl;
More information about the Commits
mailing list