From 1e2027f4dc4d746484cb342e22f31237f8e78ed9 Mon Sep 17 00:00:00 2001 From: Markus Makela Date: Wed, 3 Dec 2014 17:56:22 +0200 Subject: [PATCH] Fixes to Coverity defects 83027 73421 72714 72671 72646 72642 --- log_manager/log_manager.cc | 4 ++-- server/core/modutil.c | 2 +- server/core/test/test_mysql_users.c | 4 ++-- server/modules/protocol/httpd.c | 2 +- server/modules/protocol/mysql_backend.c | 6 +++--- server/modules/protocol/mysql_common.c | 4 ++-- 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/log_manager/log_manager.cc b/log_manager/log_manager.cc index cd1301a14..1965d1d3f 100644 --- a/log_manager/log_manager.cc +++ b/log_manager/log_manager.cc @@ -3111,9 +3111,9 @@ static int find_last_seqno( { if (snstr != NULL && i == seqnoidx) { - strcat(filename, snstr); /*< add sequence number */ + strncat(filename, snstr, NAME_MAX); /*< add sequence number */ } - strcat(filename, p->sp_string); + strncat(filename, p->sp_string, NAME_MAX); if (p->sp_next == NULL) { diff --git a/server/core/modutil.c b/server/core/modutil.c index b9a7aab1c..21978a740 100644 --- a/server/core/modutil.c +++ b/server/core/modutil.c @@ -293,7 +293,7 @@ GWBUF *modutil_create_mysql_err_msg( const char *msg) { uint8_t *outbuf = NULL; - uint8_t mysql_payload_size = 0; + uint32_t mysql_payload_size = 0; uint8_t mysql_packet_header[4]; uint8_t *mysql_payload = NULL; uint8_t field_count = 0; diff --git a/server/core/test/test_mysql_users.c b/server/core/test/test_mysql_users.c index 090d0d3c0..e0a20150e 100644 --- a/server/core/test/test_mysql_users.c +++ b/server/core/test/test_mysql_users.c @@ -231,9 +231,9 @@ int set_and_get_mysql_users_wildcards(char *username, char *hostname, char *pass service->users = mysql_users; if (db_from != NULL) - strcpy(data->db, db_from); + strncpy(data->db, db_from,MYSQL_DATABASE_MAXLEN+1); else - strcpy(data->db, ""); + strncpy(data->db, "",MYSQL_DATABASE_MAXLEN+1); /* freed by dcb_free(dcb) */ dcb->data = data; diff --git a/server/modules/protocol/httpd.c b/server/modules/protocol/httpd.c index 453dd6c79..2f4a1918d 100644 --- a/server/modules/protocol/httpd.c +++ b/server/modules/protocol/httpd.c @@ -177,7 +177,7 @@ HTTPD_session *client_data = NULL; j++; } - while (!ISspace(buf[j]) && (i < sizeof(url) - 1) && (j < sizeof(buf) - 1)) { + while ((j < sizeof(buf) - 1) && !ISspace(buf[j]) && (i < sizeof(url) - 1)) { url[i] = buf[j]; i++; j++; } diff --git a/server/modules/protocol/mysql_backend.c b/server/modules/protocol/mysql_backend.c index a3a83074c..8a4124cd7 100644 --- a/server/modules/protocol/mysql_backend.c +++ b/server/modules/protocol/mysql_backend.c @@ -1329,7 +1329,7 @@ static int gw_change_user( /* now get the user, after 4 bytes header and 1 byte command */ client_auth_packet += 5; - strcpy(username, (char *)client_auth_packet); + strncpy(username, (char *)client_auth_packet,MYSQL_USER_MAXLEN+1); client_auth_packet += strlen(username) + 1; /* get the auth token len */ @@ -1350,7 +1350,7 @@ static int gw_change_user( } /* get new database name */ - strcpy(database, (char *)client_auth_packet); + strncpy(database, (char *)client_auth_packet,MYSQL_DATABASE_MAXLEN+1); /* get character set */ if (strlen(database)) { @@ -1363,7 +1363,7 @@ static int gw_change_user( memcpy(&backend_protocol->charset, client_auth_packet, sizeof(int)); /* save current_database name */ - strcpy(current_database, current_session->db); + strncpy(current_database, current_session->db,MYSQL_DATABASE_MAXLEN+1); /* * Now clear database name in dcb as we don't do local authentication on db name for change user. diff --git a/server/modules/protocol/mysql_common.c b/server/modules/protocol/mysql_common.c index 80c3319a8..e0d83a0ea 100644 --- a/server/modules/protocol/mysql_common.c +++ b/server/modules/protocol/mysql_common.c @@ -969,7 +969,7 @@ GWBUF* mysql_create_custom_error( const char* msg) { uint8_t* outbuf = NULL; - uint8_t mysql_payload_size = 0; + uint32_t mysql_payload_size = 0; uint8_t mysql_packet_header[4]; uint8_t* mysql_payload = NULL; uint8_t field_count = 0; @@ -1579,7 +1579,7 @@ mysql_send_auth_error ( const char *mysql_message) { uint8_t *outbuf = NULL; - uint8_t mysql_payload_size = 0; + uint32_t mysql_payload_size = 0; uint8_t mysql_packet_header[4]; uint8_t *mysql_payload = NULL; uint8_t field_count = 0;