hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixes to Coverity defects 84879 84878 72752 72742

Browse Source
This commit is contained in:
Markus Makela
2014-12-15 06:12:40 +02:00
parent a4968f2521
commit 04a92e40df
4 changed files with 10 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
query_classifier/query_classifier.cc
View File

@ -151,7 +151,7 @@ bool parse_query (
THD* thd; THD* thd;
uint8_t* data; uint8_t* data;
size_t len; size_t len;
char* query_str; char* query_str = NULL;
parsing_info_t* pi; parsing_info_t* pi;
CHK_GWBUF(querybuf); CHK_GWBUF(querybuf);
@ -173,9 +173,9 @@ bool parse_query (
/** Extract query and copy it to different buffer */ /** Extract query and copy it to different buffer */
data = (uint8_t*)GWBUF_DATA(querybuf); data = (uint8_t*)GWBUF_DATA(querybuf);
len = MYSQL_GET_PACKET_LEN(data)-1; /*< distract 1 for packet type byte */ len = MYSQL_GET_PACKET_LEN(data)-1; /*< distract 1 for packet type byte */
query_str = (char *)malloc(len+1);
if (query_str == NULL)
if (len < 1 || (query_str = (char *)malloc(len+1)) == NULL)
{ {
/** Free parsing info data */ /** Free parsing info data */
parsing_info_done(pi); parsing_info_done(pi);

3
server/core/dcb.c
View File

@ -1776,11 +1776,12 @@ static bool dcb_set_state_nomutex(
* @param dcb The DCB to write buffer * @param dcb The DCB to write buffer
* @param buf Buffer to write * @param buf Buffer to write
* @param nbytes Number of bytes to write * @param nbytes Number of bytes to write
* @return Number of written bytes
*/ */
int int
gw_write(DCB *dcb, const void *buf, size_t nbytes) gw_write(DCB *dcb, const void *buf, size_t nbytes)
{ {
int w; int w = 0;
int fd = dcb->fd; int fd = dcb->fd;
#if defined(FAKE_CODE) #if defined(FAKE_CODE)
if (fd > 0 && dcb_fake_write_errno[fd] != 0) if (fd > 0 && dcb_fake_write_errno[fd] != 0)

6
server/core/modutil.c
View File

@ -234,7 +234,7 @@ modutil_get_query(GWBUF *buf)
uint8_t* packet; uint8_t* packet;
mysql_server_cmd_t packet_type; mysql_server_cmd_t packet_type;
size_t len; size_t len;
char* query_str; char* query_str = NULL;
packet = GWBUF_DATA(buf); packet = GWBUF_DATA(buf);
packet_type = packet[4]; packet_type = packet[4];
@ -252,7 +252,7 @@ modutil_get_query(GWBUF *buf)
case MYSQL_COM_QUERY: case MYSQL_COM_QUERY:
len = MYSQL_GET_PACKET_LEN(packet)-1; /*< distract 1 for packet type byte */ len = MYSQL_GET_PACKET_LEN(packet)-1; /*< distract 1 for packet type byte */
if ((query_str = (char *)malloc(len+1)) == NULL) if (len < 1 || (query_str = (char *)malloc(len+1)) == NULL)
{ {
goto retblock; goto retblock;
} }
@ -262,7 +262,7 @@ modutil_get_query(GWBUF *buf)
default: default:
len = strlen(STRPACKETTYPE(packet_type))+1; len = strlen(STRPACKETTYPE(packet_type))+1;
if ((query_str = (char *)malloc(len+1)) == NULL) if (len < 1 || (query_str = (char *)malloc(len+1)) == NULL)
{ {
goto retblock; goto retblock;
} }

3
server/modules/routing/readwritesplit/readwritesplit.c
View File

@ -3807,7 +3807,8 @@ static bool execute_sescmd_in_backend(
tmpbuf = scur->scmd_cur_cmd->my_sescmd_buf; tmpbuf = scur->scmd_cur_cmd->my_sescmd_buf;
qlen = MYSQL_GET_PACKET_LEN((unsigned char*)tmpbuf->start); qlen = MYSQL_GET_PACKET_LEN((unsigned char*)tmpbuf->start);
memset(data->db,0,MYSQL_DATABASE_MAXLEN+1); memset(data->db,0,MYSQL_DATABASE_MAXLEN+1);
strncpy(data->db,tmpbuf->start+5,qlen - 1); if(qlen > 0)
strncpy(data->db,tmpbuf->start+5,qlen - 1);
} }
/** Fallthrough */ /** Fallthrough */
case MYSQL_COM_QUERY: case MYSQL_COM_QUERY: