authorLibravatar netblue30 <netblue30@yahoo.com>2015-09-11 10:51:42 -0400
committerLibravatar netblue30 <netblue30@yahoo.com>2015-09-11 10:51:42 -0400
commit491b8f2390c456d55ad49c333c1cc42cf7dd116e (patch)
tree35ee6b073805f46ad826a15d039a70b264a43ba3
parentmake install, make install-strip (diff)
coverity scan
-rw-r--r--src/firejail/bandwidth.c14
-rw-r--r--src/firejail/cgroup.c17
-rw-r--r--src/firejail/env.c3
-rw-r--r--src/firejail/fs.c22
-rw-r--r--src/firejail/fs_home.c1
-rw-r--r--src/firejail/main.c1
-rw-r--r--src/firejail/no_sandbox.c1
7 files changed, 37 insertions, 22 deletions
diff --git a/src/firejail/bandwidth.c b/src/firejail/bandwidth.c
index 4010de4b3..d949c1965 100644
--- a/src/firejail/bandwidth.c
+++ b/src/firejail/bandwidth.c
@@ -260,15 +260,19 @@ void shm_write_bandwidth_file(pid_t pid) {
260 if (fp) { 260 if (fp) {
261 IFBW *ptr = ifbw; 261 IFBW *ptr = ifbw;
262 while (ptr) { 262 while (ptr) {
263 fprintf(fp, "%s\n", ptr->txt); 263 if (fprintf(fp, "%s\n", ptr->txt) < 0)
264 goto errout;
264 ptr = ptr->next; 265 ptr = ptr->next;
265 } 266 }
266 fclose(fp); 267 fclose(fp);
267 } 268 }
268 else { 269 else
269 fprintf(stderr, "Error: cannot write bandwidht file %s\n", fname); 270 goto errout;
270 exit(1); 271 return;
271 } 272
273errout:
274 fprintf(stderr, "Error: cannot write bandwidht file %s\n", fname);
275 exit(1);
272} 276}
273 277
274//*********************************** 278//***********************************
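Review bot: The `fclose(fp)` after the write loop is still unchecked, so an error that only surfaces when the stdio buffer is flushed goes unreported even though each `fprintf` is now tested; cgroup.c in this same commit does check it. Use `if (fclose(fp)) goto errout;` here as well. When `errout` is reached from inside the loop `fp` is left open, which is harmless only because `exit(1)` follows. The error message misspells "bandwidth". The function starts above the hunk.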
diff --git a/src/firejail/cgroup.c b/src/firejail/cgroup.c
index 2649d5505..4d64d3fd8 100644
--- a/src/firejail/cgroup.c
+++ b/src/firejail/cgroup.c
@@ -34,17 +34,22 @@ void save_cgroup(void) {
34 if (fp) { 34 if (fp) {
35 fprintf(fp, "%s", cfg.cgroup); 35 fprintf(fp, "%s", cfg.cgroup);
36 fflush(0); 36 fflush(0);
37 fclose(fp); 37 if (fclose(fp))
38 goto errout;
38 if (chown(fname, 0, 0) < 0) 39 if (chown(fname, 0, 0) < 0)
39 errExit("chown"); 40 errExit("chown");
40 } 41 }
41 else { 42 else
42 fprintf(stderr, "Error: cannot save cgroup\n"); 43 goto errout;
43 free(fname);
44 exit(1);
45 }
46 44
47 free(fname); 45 free(fname);
46 return;
47
48errout:
49 fprintf(stderr, "Error: cannot save cgroup\n");
50 free(fname);
51 exit(1);
52
48} 53}
49 54
50void load_cgroup(const char *fname) { 55void load_cgroup(const char *fname) {
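Review bot: `fprintf(fp, "%s", cfg.cgroup)` is left unchecked here while bandwidth.c in this commit checks the same kind of call; `if (fprintf(fp, "%s", cfg.cgroup) < 0) goto errout;` would make the two consistent. The `chown(fname, 0, 0)` that follows works on the path after the stream has been closed; calling `fchown(fileno(fp), 0, 0)` before `fclose(fp)` would apply ownership to the file that was actually written. Whether that matters depends on who can write to the directory holding `fname`, which is not visible in this hunk. `save_cgroup` starts above the hunk.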
diff --git a/src/firejail/env.c b/src/firejail/env.c
index b4557e56f..b4f56a9f0 100644
--- a/src/firejail/env.c
+++ b/src/firejail/env.c
@@ -72,7 +72,8 @@ void env_apply(void) {
72 Env *env = envlist; 72 Env *env = envlist;
73 73
74 while (env) { 74 while (env) {
75 setenv(env->name, env->value, 1); 75 if (setenv(env->name, env->value, 1) < 0)
76 errExit("setenv");
76 env = env->next; 77 env = env->next;
77 } 78 }
78} 79}
diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index e7388a539..755cb9f6e 100644
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -345,18 +345,20 @@ void fs_blacklist(void) {
345 345
346 // expand path macro - look for the file in /bin, /usr/bin, /sbin and /usr/sbin directories 346 // expand path macro - look for the file in /bin, /usr/bin, /sbin and /usr/sbin directories
347 // TODO: should we look for more bin paths? 347 // TODO: should we look for more bin paths?
348 if (strncmp(ptr, "${PATH}", 7) == 0) { 348 if (ptr) {
349 char *fname = ptr + 7; 349 if (strncmp(ptr, "${PATH}", 7) == 0) {
350 size_t fname_len = strlen(fname); 350 char *fname = ptr + 7;
351 char **path, *paths[] = {"/bin", "/sbin", "/usr/bin", "/usr/sbin", NULL}; 351 size_t fname_len = strlen(fname);
352 for (path = &paths[0]; *path; path++) { 352 char **path, *paths[] = {"/bin", "/sbin", "/usr/bin", "/usr/sbin", NULL};
353 char newname[strlen(*path) + fname_len + 1]; 353 for (path = &paths[0]; *path; path++) {
354 sprintf(newname, "%s%s", *path, fname); 354 char newname[strlen(*path) + fname_len + 1];
355 globbing(op, newname, (const char**)noblacklist, noblacklist_c, emptydir, emptyfile); 355 sprintf(newname, "%s%s", *path, fname);
356 globbing(op, newname, (const char**)noblacklist, noblacklist_c, emptydir, emptyfile);
357 }
356 } 358 }
359 else
360 globbing(op, ptr, (const char**)noblacklist, noblacklist_c, emptydir, emptyfile);
357 } 361 }
358 else
359 globbing(op, ptr, (const char**)noblacklist, noblacklist_c, emptydir, emptyfile);
360 362
361 if (new_name) 363 if (new_name)
362 free(new_name); 364 free(new_name);
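Review bot: With the new `if (ptr)` guard, a NULL `ptr` skips both `globbing()` calls and prints nothing, so a blacklist entry can be dropped silently. For a deny rule that means the path stays reachable inside the sandbox with no indication to the user; an `else` branch that reports the entry on stderr, or exits as other error paths in this commit do, would make the failure visible. How `ptr` becomes NULL is decided above the hunk, so confirm which inputs reach this case. Separately, `newname` is a variable-length array sized from the profile string, and a length cap or heap buffer would bound stack use.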
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c
index 714417867..2df48ffbb 100644
--- a/src/firejail/fs_home.c
+++ b/src/firejail/fs_home.c
@@ -377,6 +377,7 @@ static void duplicate(char *name) {
377 if (system(cmd)) 377 if (system(cmd))
378 errExit("system cp -a --parents"); 378 errExit("system cp -a --parents");
379 free(cmd); 379 free(cmd);
380 free(fname);
380} 381}
381 382
382 383
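Review bot: `system(cmd)` hands the command line to the shell, and the buffers freed right after it (`cmd`, and now `fname`) suggest the string is assembled from a file name. If that name reaches the command unquoted, shell metacharacters in it would be interpreted; how `cmd` is built is above the hunk, so this needs checking there. Running `cp` through `fork`/`execvp` with an explicit argv would take the shell out of the path entirely.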
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 60c2a7cec..82d17264a 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -612,6 +612,7 @@ int main(int argc, char **argv) {
612 errExit("asprintf"); 612 errExit("asprintf");
613 struct stat s; 613 struct stat s;
614 if (stat(dirname, &s) == -1) { 614 if (stat(dirname, &s) == -1) {
615 /* coverity[toctou] */
615 if (mkdir(dirname, S_IRWXU | S_IRWXG | S_IRWXO)) 616 if (mkdir(dirname, S_IRWXU | S_IRWXG | S_IRWXO))
616 errExit("mkdir"); 617 errExit("mkdir");
617 if (chown(dirname, getuid(), getgid()) < 0) 618 if (chown(dirname, getuid(), getgid()) < 0)
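Review bot: `/* coverity[toctou] */` silences the finding on the `stat()`-then-`mkdir()` pair without saying why the race is acceptable, and the same bare annotation is added before `fopen(fname, "r")` in no_sandbox.c. Each suppression should carry its justification, e.g. `/* coverity[toctou] - <reason a swapped path cannot matter here> */`, so a later reader can re-evaluate it. In this hunk the check can instead be removed by calling `mkdir()` unconditionally and treating `errno == EEXIST` as the already-present case, which leaves no window between test and use. The `chown(dirname, ...)` that follows is also path-based and the requested mode is 0777 before umask; whether that is safe depends on where `dirname` lives, which is set above the hunk.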
diff --git a/src/firejail/no_sandbox.c b/src/firejail/no_sandbox.c
index 04666a69f..6322b81fa 100644
--- a/src/firejail/no_sandbox.c
+++ b/src/firejail/no_sandbox.c
@@ -52,6 +52,7 @@ int check_kernel_procs(void) {
52 } 52 }
53 53
54 // open file 54 // open file
55 /* coverity[toctou] */
55 FILE *fp = fopen(fname, "r"); 56 FILE *fp = fopen(fname, "r");
56 if (!fp) { 57 if (!fp) {
57 fprintf(stderr, "Warning: cannot open %s\n", fname); 58 fprintf(stderr, "Warning: cannot open %s\n", fname);