/pidgin/main: d0bbb2dad7f3: Fix some CWE-367 coverity warnings

Tomasz Wasilczyk twasilczyk at pidgin.im
Tue May 6 15:41:33 EDT 2014 

Changeset: d0bbb2dad7f34a39c4e3524acccea605169e2a61
Author:	 Tomasz Wasilczyk <twasilczyk at pidgin.im>
Date:	 2014-05-06 21:40 +0200
Branch:	 release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/d0bbb2dad7f3

Description:

Fix some CWE-367 coverity warnings

diffstat:

 finch/finch.c                    |   7 ++-----
 libpurple/log.c                  |  18 +++++++++++-------
 libpurple/protocols/silc/buddy.c |  12 +++---------
 libpurple/protocols/silc/util.c  |   6 +++---
 libpurple/util.c                 |  26 +++++++++++++++++---------
 pidgin/gtkmain.c                 |   7 ++-----
 6 files changed, 38 insertions(+), 38 deletions(-)

diffs (194 lines):

diff --git a/finch/finch.c b/finch/finch.c
--- a/finch/finch.c
+++ b/finch/finch.c
@@ -269,7 +269,6 @@ init_libpurple(int argc, char **argv)
 	gboolean opt_version = FALSE;
 	char *opt_config_dir_arg = NULL;
 	gboolean debug_enabled = FALSE;
-	struct stat st;
 
 	struct option long_options[] = {
 		{"config",   required_argument, NULL, 'c'},
@@ -379,10 +378,8 @@ init_libpurple(int argc, char **argv)
 	purple_idle_set_ui_ops(finch_idle_get_ui_ops());
 
 	path = g_build_filename(purple_user_dir(), "plugins", NULL);
-	if (!g_stat(path, &st)) {
-		if (g_mkdir(path, S_IRUSR | S_IWUSR | S_IXUSR) != 0)
-			fprintf(stderr, "Couldn't create plugins dir\n");
-	}
+	if (g_mkdir(path, S_IRUSR | S_IWUSR | S_IXUSR) != 0 && errno != EEXIST)
+		fprintf(stderr, "Couldn't create plugins dir\n");
 	purple_plugins_add_search_path(path);
 	g_free(path);
 
diff --git a/libpurple/log.c b/libpurple/log.c
--- a/libpurple/log.c
+++ b/libpurple/log.c
@@ -1704,8 +1704,15 @@ static GList *old_logger_list(PurpleLogT
 	/* Change the .log extension to .idx */
 	strcpy(pathstr + strlen(pathstr) - 3, "idx");
 
-	if (g_stat(pathstr, &st) == 0)
-	{
+	index_fd = g_open(pathstr, 0, O_RDONLY);
+	if (index_fd != -1) {
+		if (fstat(index_fd, &st) != 0) {
+			close(index_fd);
+			index_fd = -1;
+		}
+	}
+
+	if (index_fd != -1) {
 		if (st.st_mtime < log_last_modified)
 		{
 			purple_debug_warning("log", "Index \"%s\" exists, but is older than the log.\n", pathstr);
@@ -1713,15 +1720,12 @@ static GList *old_logger_list(PurpleLogT
 		else
 		{
 			/* The index file exists and is at least as new as the log, so open it. */
-			if (!(index = g_fopen(pathstr, "rb")))
-			{
+			if (!(index = fdopen(index_fd, "rb"))) {
 				purple_debug_error("log", "Failed to open index file \"%s\" for reading: %s\n",
 				                 pathstr, g_strerror(errno));
 
 				/* Fall through so that we'll parse the log file. */
-			}
-			else
-			{
+			} else {
 				purple_debug_info("log", "Using index: %s\n", pathstr);
 				g_free(pathstr);
 				while (fgets(buf, BUF_LONG, index))
diff --git a/libpurple/protocols/silc/buddy.c b/libpurple/protocols/silc/buddy.c
--- a/libpurple/protocols/silc/buddy.c
+++ b/libpurple/protocols/silc/buddy.c
@@ -922,7 +922,6 @@ silcpurple_add_buddy_save(SilcBool succe
 
 	if (usign_success || ssign_success) {
 		struct passwd *pw;
-		struct stat st;
 
 		memset(filename2, 0, sizeof(filename2));
 
@@ -937,14 +936,9 @@ silcpurple_add_buddy_save(SilcBool succe
 			return;
 
 		/* Create dir if it doesn't exist */
-		if ((g_stat(filename, &st)) == -1) {
-			if (errno == ENOENT) {
-				if (pw->pw_uid == geteuid()) {
-					int ret = g_mkdir(filename, 0755);
-					if (ret < 0)
-						return;
-					}
-			}
+		if (pw->pw_uid == geteuid()) {
+			if (g_mkdir(filename, 0755) != 0 && errno != EEXIST)
+				return;
 		}
 
 		/* Save VCard */
diff --git a/libpurple/protocols/silc/util.c b/libpurple/protocols/silc/util.c
--- a/libpurple/protocols/silc/util.c
+++ b/libpurple/protocols/silc/util.c
@@ -245,7 +245,7 @@ gboolean silcpurple_check_silc_dir(Purpl
 			close(fd);
 			return FALSE;
 		}
-	} else if ((g_stat(file_private_key, &st)) == -1) {
+	} else {
 		/* If file doesn't exist */
 		if (errno == ENOENT) {
 			purple_connection_update_progress(gc, _("Creating SILC key pair..."), 1, 5);
@@ -271,13 +271,13 @@ gboolean silcpurple_check_silc_dir(Purpl
 			}
 			/* This shouldn't really happen because silc_create_key_pair()
 			 * will set the permissions */
-			else if ((g_stat(file_private_key, &st)) == -1) {
+			else if ((fstat(fd, &st)) == -1) {
 				purple_debug_error("silc", "Couldn't stat '%s' private key, error: %s\n",
 						   file_private_key, g_strerror(errno));
 				return FALSE;
 			}
 		} else {
-			purple_debug_error("silc", "Couldn't stat '%s' private key, error: %s\n",
+			purple_debug_error("silc", "Couldn't open '%s' private key, error: %s\n",
 					   file_private_key, g_strerror(errno));
 			return FALSE;
 		}
diff --git a/libpurple/util.c b/libpurple/util.c
--- a/libpurple/util.c
+++ b/libpurple/util.c
@@ -2615,6 +2615,14 @@ purple_util_write_data_to_file_absolute(
 	byteswritten = fwrite(data, 1, real_size, file);
 
 #ifdef HAVE_FILENO
+#ifndef _WIN32
+	/* Set file permissions */
+	if (fchmod(fileno(file), S_IRUSR | S_IWUSR) == -1) {
+		purple_debug_error("util", "Error setting permissions of "
+			"file %s: %s\n", filename_temp, g_strerror(errno));
+	}
+#endif
+
 	/* Apparently XFS (and possibly other filesystems) do not
 	 * guarantee that file data is flushed before file metadata,
 	 * so this procedure is insufficient without some flushage. */
@@ -2652,6 +2660,15 @@ purple_util_write_data_to_file_absolute(
 		g_free(filename_temp);
 		return FALSE;
 	}
+
+#ifndef _WIN32
+	/* copy-pasta! */
+	if (fchmod(fd, S_IRUSR | S_IWUSR) == -1) {
+		purple_debug_error("util", "Error setting permissions of "
+			"file %s: %s\n", filename_temp, g_strerror(errno));
+	}
+#endif
+
 	if (fsync(fd) < 0) {
 		purple_debug_error("util", "Error syncing %s: %s\n",
 				   filename_temp, g_strerror(errno));
@@ -2689,15 +2706,6 @@ purple_util_write_data_to_file_absolute(
 		return FALSE;
 	}
 
-#ifndef _WIN32
-	/* Set file permissions */
-	if (chmod(filename_temp, S_IRUSR | S_IWUSR) == -1)
-	{
-		purple_debug_error("util", "Error setting permissions of file %s: %s\n",
-						 filename_temp, g_strerror(errno));
-	}
-#endif
-
 	/* Rename to the REAL name */
 	if (g_rename(filename_temp, filename_full) == -1)
 	{
diff --git a/pidgin/gtkmain.c b/pidgin/gtkmain.c
--- a/pidgin/gtkmain.c
+++ b/pidgin/gtkmain.c
@@ -499,7 +499,6 @@ int main(int argc, char *argv[])
 	gboolean debug_enabled;
 	gboolean migration_failed = FALSE;
 	GList *active_accounts;
-	struct stat st;
 
 	struct option long_options[] = {
 		{"config",       required_argument, NULL, 'c'},
@@ -808,10 +807,8 @@ int main(int argc, char *argv[])
 	 * in user's home directory.
 	 */
 	search_path = g_build_filename(purple_user_dir(), "plugins", NULL);
-	if (!g_stat(search_path, &st)) {
-		if (!g_mkdir(search_path, S_IRUSR | S_IWUSR | S_IXUSR))
-			fprintf(stderr, "Couldn't create plugins dir\n");
-	}
+	if (g_mkdir(search_path, S_IRUSR | S_IWUSR | S_IXUSR) != 0 && errno != EEXIST)
+		fprintf(stderr, "Couldn't create plugins dir\n");
 	purple_plugins_add_search_path(search_path);
 	g_free(search_path);
 	purple_plugins_add_search_path(LIBDIR);

More information about the Commits mailing list