Fixed Coverity defects

2015-07-14 16:17:50 +03:00 · 2015-07-14 16:17:50 +03:00 · 3992f262ca
commit 3992f262ca
parent aa92b31ef1
7 changed files with 37 additions and 28 deletions
--- a/server/core/dcb.c
+++ b/server/core/dcb.c
@ -1070,7 +1070,7 @@ int dcb_read_SSL(
 			goto return_n;
 		    }

-		    gwbuf_rtrim(buffer,bufsize - n);
+		    buffer = gwbuf_rtrim(buffer,bufsize - n);
 		    if(buffer == NULL)
 		    {
 			goto return_n;
--- a/server/core/poll.c
+++ b/server/core/poll.c
@ -366,24 +366,29 @@ poll_remove_dcb(DCB *dcb)
         * Set state to NOPOLLING and remove dcb from poll set.
         */
        dcb->state = DCB_STATE_NOPOLLING;
+	spinlock_release(&dcb->dcb_initlock);
+
        /**
         * Only positive fds can be removed from epoll set.
         * Cloned DCBs are in the epoll set but do not have a valid file descriptor.
-         */		 
-        if (dcb->fd > 0) {
-        spinlock_release(&dcb->dcb_initlock);
-        rc = epoll_ctl(epoll_fd, EPOLL_CTL_DEL, dcb->fd, &ev);
-        /**
-         * The poll_resolve_error function will always
-         * return 0 or crash.  So if it returns non-zero result, 
-         * things have gone wrong and we crash.
         */
-        if (rc) rc = poll_resolve_error(dcb, errno, false);
-        if (rc) raise(SIGABRT);
-        /*< Set bit for each maxscale thread */
+        if (dcb->fd > 0) {
+	    rc = epoll_ctl(epoll_fd, EPOLL_CTL_DEL, dcb->fd, &ev);
+	    /**
+	     * The poll_resolve_error function will always
+	     * return 0 or crash.  So if it returns non-zero result,
+	     * things have gone wrong and we crash.
+	     */
+	    if (rc) rc = poll_resolve_error(dcb, errno, false);
+	    if (rc) raise(SIGABRT);
+        }
+	else
+	{
+	    rc = 0;
+	}
+	/*< Set bit for each maxscale thread */
        bitmask_copy(&dcb->memdata.bitmask, poll_bitmask());
        return rc;
-        }
 }

 /**
--- a/server/modules/protocol/mysql_backend.c
+++ b/server/modules/protocol/mysql_backend.c
@ -172,6 +172,12 @@ static int gw_read_backend_event(DCB *dcb) {
            dcb->dcb_errhandle_called = true;
            goto return_rc;
        }
+
+	if(dcb->session == NULL)
+	{
+	    goto return_rc;
+	}
+
 	CHK_SESSION(dcb->session);
                
        /*< return only with complete session */
@ -278,14 +284,13 @@ static int gw_read_backend_event(DCB *dcb) {
                        void            *rsession = NULL;
                        SESSION         *session = dcb->session;
                        int             receive_rc = 0;
-
-                        CHK_SESSION(session);
 	
 			if (session == NULL)
 			{
 				rc = 0;
 				goto return_with_lock;
 			}
+                        CHK_SESSION(session);
                        router = session->service->router;
                        router_instance = session->service->router_instance;
                        rsession = session->router_session;
@ -1055,7 +1060,13 @@ gw_backend_hangup(DCB *dcb)
            goto retblock;
        }
        session = dcb->session;
-        CHK_SESSION(session);
+
+	if(session == NULL)
+	{
+	    goto retblock;
+	}
+
+	CHK_SESSION(session);
        
        rsession = session->router_session;
        router = session->service->router;
--- a/server/modules/protocol/mysql_client.c
+++ b/server/modules/protocol/mysql_client.c
@ -1050,13 +1050,6 @@ int gw_read_client_event(
 			     (char*)((MYSQL_session *)dcb->data)->db);

 		    modutil_send_mysql_err_packet(dcb, 3, 0, 1049, "42000", fail_str);
-		}else if(auth_val == 3){
-		    /** Send error 1045 to client */
-		    fail_str = create_auth_fail_str((char *)((MYSQL_session *)dcb->data)->user,
-					     dcb->remote,
-					     (char*)((MYSQL_session *)dcb->data)->client_sha1,
-					     (char*)((MYSQL_session *)dcb->data)->db,auth_val);
-		    modutil_send_mysql_err_packet(dcb, 3, 0, 1045, "28000", fail_str);
 		}else {
 		    /** Send error 1045 to client */
 		    fail_str = create_auth_fail_str((char *)((MYSQL_session *)dcb->data)->user,
--- a/server/modules/routing/binlog/blr_file.c
+++ b/server/modules/routing/binlog/blr_file.c
@ -671,7 +671,7 @@ blr_cache_response(ROUTER_INSTANCE *router, char *response, GWBUF *buf)
 char	path[PATH_MAX+1], *ptr;
 int	fd;

-	strcpy(path,get_datadir());
+	strncpy(path,get_datadir(),PATH_MAX);
 	strncat(path,"/",PATH_MAX);
 	strncat(path, router->service->name, PATH_MAX);

@ -706,7 +706,7 @@ char	path[PATH_MAX+1], *ptr;
 int	fd;
 GWBUF	*buf;

-	strcpy(path, get_datadir());
+	strncpy(path, get_datadir(),PATH_MAX);
 	strncat(path, "/", PATH_MAX);
 	strncat(path, router->service->name, PATH_MAX);
 	strncat(path, "/.cache/", PATH_MAX);
--- a/server/modules/routing/binlog/blr_master.c
+++ b/server/modules/routing/binlog/blr_master.c
@ -1249,8 +1249,8 @@ MYSQL_session	*auth_info;

 	if ((auth_info = calloc(1, sizeof(MYSQL_session))) == NULL)
 		return NULL;
-	strncpy(auth_info->user, username,MYSQL_USER_MAXLEN+1);
-	strncpy(auth_info->db, database,MYSQL_DATABASE_MAXLEN+1);
+	strncpy(auth_info->user, username,MYSQL_USER_MAXLEN);
+	strncpy(auth_info->db, database,MYSQL_DATABASE_MAXLEN);
 	gw_sha1_str((const uint8_t *)password, strlen(password), auth_info->client_sha1);

 	return auth_info;
--- a/utils/skygw_utils.cc
+++ b/utils/skygw_utils.cc
@ -379,8 +379,8 @@ mlist_cursor_t* mlist_cursor_init(
        c = (mlist_cursor_t *)calloc(1, sizeof(mlist_cursor_t));

        if (c == NULL) {
-                goto return_cursor;
                simple_mutex_unlock(&list->mlist_mutex);
+                goto return_cursor;
        }
        c->mlcursor_chk_top = CHK_NUM_MLIST_CURSOR;
        c->mlcursor_chk_tail = CHK_NUM_MLIST_CURSOR;