From 8a45e81995d8061adc069b45a3343d12d093f35d Mon Sep 17 00:00:00 2001 From: bel2125 Date: Thu, 17 Feb 2022 19:52:50 +0100 Subject: [PATCH] Code analysis: Update to new coverity version --- resources/coverity_check.sh | 3 ++- src/civetweb.c | 24 +++++++++++++++++++++--- src/http2.inl | 6 +----- 3 files changed, 24 insertions(+), 9 deletions(-) diff --git a/resources/coverity_check.sh b/resources/coverity_check.sh index 034c264a..f4224b6b 100755 --- a/resources/coverity_check.sh +++ b/resources/coverity_check.sh @@ -26,6 +26,7 @@ cp src/md5.inl cov_build/src/ cp src/sha1.inl cov_build/src/ cp src/response.inl cov_build/src/ cp src/timer.inl cov_build/src/ +cp src/http2.inl cov_build/src/ cp src/handle_form.inl cov_build/src/ cp src/openssl_dl.inl cov_build/src/ cp include/civetweb.h cov_build/include/ @@ -34,7 +35,7 @@ cp resources/Makefile.in-os cov_build/resources/ cd cov_build # new scan build -~/cov-analysis-linux64-2019.03/bin/cov-build --dir cov-int make WITH_IPV6=1 WITH_WEBSOCKET=1 WITH_SERVER_STATS=1 WITH_EXPERIMENTAL=1 +~/cov-analysis-linux64-2021.12.1/bin/cov-build --dir cov-int make WITH_IPV6=1 WITH_WEBSOCKET=1 WITH_SERVER_STATS=1 WITH_HTTP2=1 WITH_EXPERIMENTAL=1 # pack build results for upload diff --git a/src/civetweb.c b/src/civetweb.c index 80b49a57..3a948725 100644 --- a/src/civetweb.c +++ b/src/civetweb.c @@ -3664,6 +3664,7 @@ mg_construct_local_link(const struct mg_connection *conn, server_name, ri->local_uri); default_port = 0; + mg_free(uri_encoded); return 0; } #endif @@ -3728,6 +3729,7 @@ mg_construct_local_link(const struct mg_connection *conn, portstr, uri_encoded); + mg_free(uri_encoded); if (truncated) { return -1; } @@ -11957,7 +11959,14 @@ dav_move_file(struct mg_connection *conn, const char *path, int do_copy) /* File exists */ if (do_overwrite) { /* Overwrite allowed: delete the file first */ - remove(dest_path); + if (0 != remove(dest_path)) { + /* No overwrite: return error */ + mg_send_http_error(conn, + 403, + "Cannot overwrite file: %s", + dest_path); + return; + } } else { /* No overwrite: return error */ mg_send_http_error(conn, @@ -12143,7 +12152,13 @@ put_file(struct mg_connection *conn, const char *path) r1 = r2 = 0; if ((range != NULL) && parse_range_header(range, &r1, &r2) > 0) { conn->status_code = 206; /* Partial content */ - fseeko(file.access.fp, r1, SEEK_SET); + if (0 != fseeko(file.access.fp, r1, SEEK_SET)) { + mg_send_http_error(conn, + 500, + "Error: Internal error processing file %s", + path); + return; + } } if (!forward_body_data(conn, file.access.fp, INVALID_SOCKET, NULL)) { @@ -12823,12 +12838,15 @@ dav_lock_file(struct mg_connection *conn, const char *path) static void dav_unlock_file(struct mg_connection *conn, const char *path) { + /* internal function - therefore conn is assumed to be valid */ char link_buf[UTF8_PATH_MAX * 2]; /* Path + server root */ struct twebdav_lock *dav_lock = conn->phys_ctx->webdav_lock; int lock_index; - if (!conn || !path || !conn->dom_ctx || !conn->request_info.remote_user) { + + if (!path || !conn->dom_ctx || !conn->request_info.remote_user) { return; } + mg_get_request_link(conn, link_buf, sizeof(link_buf)); mg_lock_context(conn->phys_ctx); diff --git a/src/http2.inl b/src/http2.inl index e7b9a508..8fafcd55 100644 --- a/src/http2.inl +++ b/src/http2.inl @@ -838,12 +838,8 @@ static int is_valid_http2_primer(struct mg_connection *conn) { size_t pri_len = http2_pri_len; - char buf[32]; + char buf[32]; /* Buffer must hold 24 bytes primer */ - if (pri_len > sizeof(buf)) { - /* Should never be reached - the RFC primer has 24 bytes */ - return 0; - } int read_pri_len = mg_read(conn, buf, pri_len); if ((read_pri_len != (int)pri_len) || (0 != memcmp(buf, http2_pri, pri_len))) {