[xmlrpc-c] Coverity 1024180, 1024205, 1024301, 1024847, 1024848, 1024377, 1024378, 1024379, 1024380, 1024381, 1024584, 1024495, 1214208 fixes.

Andrey Volk 2025-01-30 23:10:39 +03:00
parent ca0f58f565
commit dd299d9bab
6 changed files with 27 additions and 14 deletions


@ -305,7 +305,7 @@ sendDirectoryDocument(TList * const listP,
if (k > 24) {
snprintf(z1, sizeof(z1), "%.10s...%s", z, z + k - 11);
k = 24;
p = z1 + 24;
p = z1 + k;
} else {
snprintf(z1, sizeof(z1), "%s", z);
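Review bot: The literal 24 still appears in `if (k > 24)` and `k = 24;`, and it silently depends on the `"%.10s...%s"` format producing 10 + 3 + 11 characters (assuming k is the length of z), so a named constant or a comment such as `/* 10 leading + "..." + 11 trailing = 24 */` would keep the three in step. The new `p = z1 + k` stays inside the buffer only if z1 holds at least 25 bytes; its declaration is outside the hunk, so that is worth confirming. sendDirectoryDocument starts and ends outside the hunk.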


@ -2416,6 +2416,7 @@ doStartTagNoAtts(XML_Parser const xmlParserP,
}
tag->buf = malloc(INIT_TAG_BUF_SIZE);
if (!tag->buf) {
free(tag);
*errorCodeP = XML_ERROR_NO_MEMORY;
return;
}
@ -3646,8 +3647,10 @@ doProlog(XML_Parser const xmlParserP,
switch (tok) {
case XML_TOK_PARAM_ENTITY_REF:
*errorCodeP = XML_ERROR_PARAM_ENTITY_REF;
break;
case XML_TOK_XML_DECL:
*errorCodeP = XML_ERROR_MISPLACED_XML_PI;
break;
default:
*errorCodeP = XML_ERROR_SYNTAX;
}
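Review bot: Nothing in this section pins the error codes that the added `break;` statements make reachable in doProlog's switch: before them both arms fell through to `default:`, so callers only ever saw XML_ERROR_SYNTAX here. A regression test that expects XML_ERROR_MISPLACED_XML_PI and XML_ERROR_PARAM_ENTITY_REF would guard against the fallthrough coming back. The `default:` arm still ends without a `break;`, and adding one keeps the arms uniform. In doStartTagNoAtts the added `free(tag);` is right only if tag was allocated just above and not yet linked into parser state, which the hunk does not show.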


@ -170,7 +170,7 @@ decodeMultibyte(xmlrpc_env * const envP,
Return the character in UTF-16 format as *wcP.
-----------------------------------------------------------------------------*/
wchar_t wc;
wchar_t wc = 0;
assert(utf8_seq[0] & 0x80); /* High bit set: this is multibyte seq */
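Review bot: Initialising `wc` to 0 removes the uninitialised read but can hide a path that never assigns it, in which case decodeMultibyte would return U+0000 for a malformed sequence instead of faulting. The body is outside the hunk, so this is inferred: any branch that can fall through without setting `wc` should raise a fault through `envP` explicitly. A comment on the initialiser, e.g. `wchar_t wc = 0; /* defensive; every non-fault path below assigns wc */`, would record the intent once that has been checked.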


@ -181,9 +181,10 @@ releaseDecompArray(struct arrayDecomp const arrayDecomp,
static void
releaseDecompStruct(struct structDecomp const structDecomp,
releaseDecompStruct(struct structDecomp const *_structDecomp,
bool const oldstyleMemMgmt) {
struct structDecomp const structDecomp = *_structDecomp;
unsigned int i;
for (i = 0; i < structDecomp.mbrCnt; ++i) {
releaseDecomposition(structDecomp.mbrArray[i].decompTreeP,
@ -239,7 +240,7 @@ releaseDecomposition(const struct decompTreeNode * const decompRootP,
releaseDecompArray(decompRootP->store.Tarray, oldstyleMemMgmt);
break;
case '{':
releaseDecompStruct(decompRootP->store.Tstruct, oldstyleMemMgmt);
releaseDecompStruct(&decompRootP->store.Tstruct, oldstyleMemMgmt);
break;
}
}
@ -259,8 +260,9 @@ decomposeValueWithTree(xmlrpc_env * const envP,
static void
validateArraySize(xmlrpc_env * const envP,
const xmlrpc_value * const arrayP,
struct arrayDecomp const arrayDecomp) {
struct arrayDecomp const *_arrayDecomp) {
struct arrayDecomp const arrayDecomp = *_arrayDecomp;
unsigned int size;
size = xmlrpc_array_size(envP, arrayP);
@ -284,10 +286,12 @@ validateArraySize(xmlrpc_env * const envP,
static void
parsearray(xmlrpc_env * const envP,
const xmlrpc_value * const arrayP,
struct arrayDecomp const arrayDecomp,
struct arrayDecomp const *_arrayDecomp,
bool const oldstyleMemMgmt) {
validateArraySize(envP, arrayP, arrayDecomp);
struct arrayDecomp const arrayDecomp = *_arrayDecomp;
validateArraySize(envP, arrayP, &arrayDecomp);
if (!envP->fault_occurred) {
unsigned int doneCnt;
@ -324,9 +328,10 @@ parsearray(xmlrpc_env * const envP,
static void
parsestruct(xmlrpc_env * const envP,
xmlrpc_value * const structP,
struct structDecomp const structDecomp,
struct structDecomp const *_structDecomp,
bool const oldstyleMemMgmt) {
struct structDecomp const structDecomp = *_structDecomp;
unsigned int doneCount;
doneCount = 0; /* No members done yet */
@ -569,7 +574,7 @@ decomposeValueWithTree(xmlrpc_env * const envP,
"%s, but the '(...)' specifier requires type ARRAY",
xmlrpc_type_name(xmlrpc_value_type(valueP)));
else
parsearray(envP, valueP, decompRootP->store.Tarray,
parsearray(envP, valueP, &decompRootP->store.Tarray,
oldstyleMemMgmt);
break;
@ -580,7 +585,7 @@ decomposeValueWithTree(xmlrpc_env * const envP,
"%s, but the '{...}' specifier requires type STRUCT",
xmlrpc_type_name(xmlrpc_value_type(valueP)));
else
parsestruct(envP, valueP, decompRootP->store.Tstruct,
parsestruct(envP, valueP, &decompRootP->store.Tstruct,
oldstyleMemMgmt);
break;
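Review bot: Each converted function copies the pointee straight back into a local (`struct structDecomp const structDecomp = *_structDecomp;` in releaseDecompStruct, and the same pattern in validateArraySize, parsearray and parsestruct), so the struct is still copied on every call. parsearray now copies it twice, once itself and again inside validateArraySize through `&arrayDecomp`. Dereferencing the parameter directly avoids the copies, e.g. `for (i = 0; i < structDecompP->mbrCnt; ++i)`, and parsearray can forward its own pointer with `validateArraySize(envP, arrayP, arrayDecompP);`. The leading-underscore parameter names also depart from the `P`-suffix convention of `envP`, `arrayP` and `decompRootP` in the same signatures. The function bodies continue outside the hunks.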


@ -179,9 +179,11 @@ sendResponse(xmlrpc_env * const envP,
ResponseStatus(abyssSessionP, 200);
#if 0 /* Uncomment once http_cookie is not NULL again */
if (http_cookie)
/* There's an auth cookie, so pass it back in the response. */
addAuthCookie(envP, abyssSessionP, http_cookie);
#endif
if ((size_t)(uint32_t)len != len)
xmlrpc_faultf(envP, "XML-RPC method generated a response too "
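Review bot: The `#if 0` block leaves the auth-cookie path in sendResponse as uncompiled code, and the comment's "Uncomment" does not match a preprocessor guard. Either delete the block, or reword the comment to say what must change and where, e.g. `#if 0 /* Re-enable when http_cookie is populated from the request again */`. If `http_cookie` is a local that is always NULL (its declaration is outside the hunk), it may now be unused and draw a compiler warning.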


@ -189,6 +189,7 @@ xmlrpc_server_cgi_process_call(xmlrpc_registry * const registryP) {
size_t input_size, output_size;
int code;
char *message;
char *err = NULL;
/* Error-handling preconditions. */
xmlrpc_env_init(&env);
@ -209,13 +210,13 @@ xmlrpc_server_cgi_process_call(xmlrpc_registry * const registryP) {
}
if (!type || !xmlrpc_strneq(type, "text/xml", strlen("text/xml"))) {
char *template = "Expected content type: \"text/xml\", received: \"%s\"";
size_t err_len = strlen(template) + strlen(type) + 1;
char *err = malloc(err_len);
size_t err_len = strlen(template) + (type ? strlen(type) : 0) + 1;
(void)snprintf(err, err_len, template, type);
err = malloc(err_len);
(void)snprintf(err, err_len, template, (type ? type : ""));
code = 400; message = "Bad Request";
XMLRPC_FAIL(&env, XMLRPC_INTERNAL_ERROR, err);
free(err);
}
if (!length_str) {
code = 411; message = "Length Required";
@ -254,6 +255,8 @@ xmlrpc_server_cgi_process_call(xmlrpc_registry * const registryP) {
send_xml(output_data, output_size);
cleanup:
if (err)
free(err);
if (input)
xmlrpc_mem_block_free(input);
if (output)
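Review bot: The result of `err = malloc(err_len);` goes to snprintf() unchecked, so an allocation failure on the content-type error path writes through NULL while building the 400 response. A guard right after the allocation, e.g. `if (!err) { code = 500; message = "Internal Server Error"; XMLRPC_FAIL(&env, XMLRPC_INTERNAL_ERROR, "Out of memory"); }`, keeps that failure on the normal cleanup path. Freeing `err` at `cleanup:` is safe only if XMLRPC_FAIL copies the string into `env` rather than keeping the pointer; the macro is defined outside this page, so confirm it. `type` appears to be the request's content type, so the fault text echoes a request-controlled value and whatever emits it later should treat it as untrusted text.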