Various fixes to make Coverity happy

The single high severity issue was only triggerable if we were unable to
allocate memory and involved a memory leak.  The other issues all revolve
around issues like making sure we check return values of functions we call.

Signed-off-by: Jonathan Dieter <jdieter@gmail.com>

diff --git a/src/lib/dl/multipart.c b/src/lib/dl/multipart.c
index d0cbd5a39409f8054103e6118a7e6495c7433259..380e451d4f79d4b098eb1bc2be7d64bc33d35404 100644 (file)
--- a/src/lib/dl/multipart.c
+++ b/src/lib/dl/multipart.c
@@ -169,8 +169,9 @@ size_t multipart_extract(zckDL *dl, char *b, size_t l) {
             if(size > 0) {
                 mp->buffer = zmalloc(size);
                 if (!mp->buffer) {
-                   zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
-                   return 0;
+                    free(buf);
+                    zck_log(ZCK_LOG_ERROR, "OOM in %s", __func__);
+                    return 0;
                 }
                 memcpy(mp->buffer, header_start, size);
                 mp->buffer_len = size;

diff --git a/src/lib/hash/hash.c b/src/lib/hash/hash.c
index f0ebc6f893d668086a19a7a534acecb21235ca9a..b40f1a23095318683ba0a75cc0b40f81474ce3e8 100644 (file)
--- a/src/lib/hash/hash.c
+++ b/src/lib/hash/hash.c
@@ -165,7 +165,10 @@ char *get_digest_string(const char *digest, int size) {
        return NULL;
     }
     for(int i=0; i<size; i++)
-        snprintf(str + i*2, 3, "%02x", (unsigned char)digest[i]);
+        if(!digest)
+            snprintf(str + i*2, 3, "00");
+        else
+            snprintf(str + i*2, 3, "%02x", (unsigned char)digest[i]);
     return str;
 }
 

diff --git a/src/lib/header.c b/src/lib/header.c
index 16ea3e8d783884589d677d1530ab1bcb616b7f8b..56d7f1b7ce8c0adbacdb1ab4c4bcbd647fa244b2 100644 (file)
--- a/src/lib/header.c
+++ b/src/lib/header.c
@@ -50,7 +50,7 @@ static bool check_flags(zckCtx *zck, size_t flags) {
 
     flags = flags & (SIZE_MAX - 1);
     if(flags != 0) {
-        set_fatal_error(zck, "Unknown flags(s) set: %i", flags);
+        set_fatal_error(zck, "Unknown flags(s) set: %lu", flags);
         return false;
     }
     return true;
@@ -520,6 +520,12 @@ static bool read_lead(zckCtx *zck) {
         hash_reset(&(zck->hash_type));
         return false;
     }
+    if(header_length > SIZE_MAX) {
+        free(header);
+        set_error(zck, "Header length of %li invalid", header_length);
+        hash_reset(&(zck->hash_type));
+        return false;
+    }
     zck->header_length = header_length;
 
     /* Set header digest location */

diff --git a/src/zck_dl.c b/src/zck_dl.c
index 7b2f77006913b3659276402718564b93dcd1cd54..2e6917c45cab96f9a11bf649658da88bc0d4a2e9 100644 (file)
--- a/src/zck_dl.c
+++ b/src/zck_dl.c
@@ -165,16 +165,41 @@ int dl_range(dlCtx *dl_ctx, char *url, char *range, int is_chunk) {
     CURL *curl = dl_ctx->curl;
     CURLcode res;
 
-    curl_easy_setopt(curl, CURLOPT_URL, url);
-    curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
-    curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, dl_header_cb);
-    curl_easy_setopt(curl, CURLOPT_HEADERDATA, dl_ctx);
-    if(is_chunk)
-        curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, zck_write_chunk_cb);
-    else
-        curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, zck_write_zck_header_cb);
-    curl_easy_setopt(curl, CURLOPT_WRITEDATA, dl_ctx->dl);
-    curl_easy_setopt(curl, CURLOPT_RANGE, range);
+    if(curl_easy_setopt(curl, CURLOPT_URL, url) != CURLE_OK) {
+        LOG_ERROR("Unable to set URL\n");
+        return 0;
+    }
+    if(curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L) != CURLE_OK) {
+        LOG_ERROR("Unable to enable option to follow redirects\n");
+        return 0;
+    }
+    if(curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, dl_header_cb) != CURLE_OK) {
+        LOG_ERROR("Unable to set header callback\n");
+        return 0;
+    }
+    if(curl_easy_setopt(curl, CURLOPT_HEADERDATA, dl_ctx) != CURLE_OK) {
+        LOG_ERROR("Unable to set header callback data\n");
+        return 0;
+    }
+    if(is_chunk) {
+        if(curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, zck_write_chunk_cb) != CURLE_OK) {
+            LOG_ERROR("Unable to set write callback\n");
+            return 0;
+        }
+    } else {
+        if(curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, zck_write_zck_header_cb) != CURLE_OK) {
+            LOG_ERROR("Unable to set write callback\n");
+            return 0;
+        }
+    }
+    if(curl_easy_setopt(curl, CURLOPT_WRITEDATA, dl_ctx->dl) != CURLE_OK) {
+        LOG_ERROR("Unable to set write callback data\n");
+        return 0;
+    }
+    if(curl_easy_setopt(curl, CURLOPT_RANGE, range) != CURLE_OK) {
+        LOG_ERROR("Unable to set download range\n");
+        return 0;
+    }
     res = curl_easy_perform(curl);
     free(range);
 
@@ -187,8 +212,11 @@ int dl_range(dlCtx *dl_ctx, char *url, char *range, int is_chunk) {
         return 0;
     }
     long code;
-    curl_easy_getinfo (curl, CURLINFO_RESPONSE_CODE, &code);
-    if (code != 206 && code != 200) {
+    if(curl_easy_getinfo (curl, CURLINFO_RESPONSE_CODE, &code) != CURLE_OK) {
+        LOG_ERROR("Unable to get response code\n");
+        return 0;
+    }
+    if(code != 206 && code != 200) {
         LOG_ERROR("HTTP Error: %li when downloading %s\n", code,
                   url);
         return 0;