Nelson Ferreira [Fri, 30 Sep 2011 00:05:34 +0000 (20:05 -0400)]
Coverity fixes. Several CID's related to use of sprintf and stack usage.
* src/print.c (std_handle_out_external): cleanup extranous scope
* src/print.c (std_handle_out_external): remove condition for
extlen == 0, since that is impossible. CID:23 DEADCODE
* src/print.c (std_handle_out_va): Lowered buffer from 16K to 1K
since most messages will be small and this could lead to heavy
stack usage (specially upon assert failure in
std_handle_out_external). CID:348,349 STACK_USE
* src/print.c (internal_object_printer): Use newly refactored
write_fmt_string instead of sprintf. CID:305 SECURE_CODING
* src/print.c (printing_major_badness): Use snprintf CID:240
SECURE_CODING
* src/print.c (default_object_printer): Use write_fmt_string
instead of sprintf CID:239 SECURE_CODING
* src/print.c (internal_object_printer): ditto.
* src/print.c (SXE_VSNPRINT_VA): Macro to do vsnprintf with
automatic buffer resizing.
* src/print.c (write_fmt_str): New function for small (like
integers) sprintf.
* src/print.c (write_fmt_string): Moved up and refactored to use
the macro which tries buffer reallocation.
* src/print.c (std_handle_out_va): Refactor to use macro which
tries buffer reallocation.
* src/print.c (stdout_out): minor indenting change
* src/print.c (fatal): Make sure not to do GETTEXT when in fatal error
* src/print.c (write_hex_ptr): New function to print a pointer value in hex
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Thu, 29 Sep 2011 23:27:48 +0000 (19:27 -0400)]
CID:241 SECURE_CODING
* lib-src/etags.c (main): use snprint and warn of truncate cmdline (and refuse to run)
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Steve Youngs [Sun, 18 Sep 2011 21:51:43 +0000 (07:51 +1000)]
Coverity fixes from Nelson
* merges:
CID:122 - NEGATIVE_RETURNS - Possible use of negative file descriptor
CID:123 - NEGATIVE_RETURNS - Possible use of negative file descriptor
CID:124 NEGATIVE_RETURNS - Possible use of negative file descriptor.
CID:125 - NEGATIVE RETURNS - Possible use of negative file descriptios
CID:135 - NULL RETURNS - Possible NULL pointer dereference
CID:182 - RESOURCE_LEAK - memory not freed inside Prolog_functions
CID:192 RESOURCE_LEAK - new argv is not freed
CID:226 SECURE_CODING - risky use of strcpy
CID:226 - SECURE_CODING risky usage of strcpy
CID:228 SECURE_CODING - risky usage of strcat
Fix last commit of CID:228 SECURE_CODING - risky usage of strcat
CID:230 SECURE_CODING - risky use of strcpy
CID:232 SECURE_CODING - risky usage of strcpy
CID:241 SECURE_CODING - risky usage of sprintf
CID:318 SECURE_CODING - risky usage of sprintf
CID:340 SECURE_CODING - risky usage of strcat
Added sxe-utils.h with several utilities from lisp.h
CID:475 USE AFTER FREE
CID:179 RESOURCE LEAK - free string in odd case
Nelson Ferreira [Sun, 18 Sep 2011 06:39:57 +0000 (02:39 -0400)]
CID:122 - NEGATIVE_RETURNS - Possible use of negative file descriptor
* src/ui/X11/event-Xt.c(emacs_Xt_select_console): Only call
select_filedesc if the descriptor is valid
Nelson Ferreira [Sun, 18 Sep 2011 06:38:37 +0000 (02:38 -0400)]
CID:123 - NEGATIVE_RETURNS - Possible use of negative file descriptor
* src/ui/X11/event-Xt.c(emacs_Xt_select_process): Only call
select_filedesc if the descriptor is valid
Nelson Ferreira [Sun, 18 Sep 2011 06:37:01 +0000 (02:37 -0400)]
CID:124 NEGATIVE_RETURNS - Possible use of negative file descriptor.
* src/ui/X11/event-Xt.c(emacs_Xt_unselect_console): Only call
unselect_filedesc if the descriptor is valid
Nelson Ferreira [Sun, 18 Sep 2011 06:35:16 +0000 (02:35 -0400)]
CID:125 - NEGATIVE RETURNS - Possible use of negative file descriptios
* src/ui/X11/event-Xt.c(emacs_Xt_unselect_process): only call
unselect_filedesc if indeed it is a valid one.
Nelson Ferreira [Sun, 18 Sep 2011 06:33:14 +0000 (02:33 -0400)]
CID:135 - NULL RETURNS - Possible NULL pointer dereference
* src/ui/X11/console-x.h(error_check_frame_type): make
assert also verify the pointer is not NULL before dereference.
Nelson Ferreira [Sun, 18 Sep 2011 06:28:42 +0000 (02:28 -0400)]
CID:182 - RESOURCE_LEAK - memory not freed inside Prolog_functions
* lib-src/ootags.c(Prolog_functions): free last before returning
Nelson Ferreira [Sun, 18 Sep 2011 06:25:34 +0000 (02:25 -0400)]
CID:192 RESOURCE_LEAK - new argv is not freed
* src/emacs.c(make_docfile): free newargv after the return of
execv (which will be never if successful, but, if execv fails no
memory will be leaked.)
Nelson Ferreira [Sun, 18 Sep 2011 06:20:33 +0000 (02:20 -0400)]
CID:226 SECURE_CODING - risky use of strcpy
* lib-src/etags.c(concat): use strncpy
Nelson Ferreira [Sun, 18 Sep 2011 06:19:36 +0000 (02:19 -0400)]
CID:226 - SECURE_CODING risky usage of strcpy
* lib-src/movemail.c(concat): Use strncpy
Nelson Ferreira [Sun, 18 Sep 2011 06:15:59 +0000 (02:15 -0400)]
CID:228 SECURE_CODING - risky usage of strcat
* lib-src/etags.c (relative_filename): actually define res_left
Nelson Ferreira [Sun, 18 Sep 2011 06:13:44 +0000 (02:13 -0400)]
Fix last commit of CID:228 SECURE_CODING - risky usage of strcat
* lib-src/ootags.c (relative_filename): actually define res_left
Nelson Ferreira [Sun, 18 Sep 2011 06:06:06 +0000 (02:06 -0400)]
CID:230 SECURE_CODING - risky use of strcpy
* lib-src/etags.c (write_classname): Use strncpy
Nelson Ferreira [Sun, 18 Sep 2011 04:24:47 +0000 (00:24 -0400)]
CID:232 SECURE_CODING - risky usage of strcpy
* lib-src/ootags.c (inf;): Use strncpy
Nelson Ferreira [Sun, 18 Sep 2011 04:22:17 +0000 (00:22 -0400)]
CID:241 SECURE_CODING - risky usage of sprintf
* lib-src/etags.c (argv): use snprintf
Nelson Ferreira [Sun, 18 Sep 2011 04:19:53 +0000 (00:19 -0400)]
CID:318 SECURE_CODING - risky usage of sprintf
* src/ui/X11/event-Xt.c (describe_event): Use snprint
Nelson Ferreira [Sun, 18 Sep 2011 04:04:47 +0000 (00:04 -0400)]
CID:340 SECURE_CODING - risky usage of strcat
* src/ui/lwlib/xlwmenu.c (parameterize_string): use strncat
instead of strcat and keep the space available checked...
Nelson Ferreira [Sun, 18 Sep 2011 04:00:56 +0000 (00:00 -0400)]
Added sxe-utils.h with several utilities from lisp.h
* src/sxe-utils.h: added code from lisp.h related to stuff like min, max, UNUSED, UNLIKELY, etc
* src/lisp.h: remove code moved to sxe-utils.h and added include to it
* src/sxemacs.h: added include to sxe-utils.h
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Sat, 17 Sep 2011 21:07:34 +0000 (17:07 -0400)]
CID:475 USE AFTER FREE
* lib-src/etags.c (stream;): Make sure to reset name to NULL after the free
Nelson Ferreira [Sat, 17 Sep 2011 19:21:21 +0000 (15:21 -0400)]
CID:179 RESOURCE LEAK - free string in odd case
* lib-src/make-docfile.c (scan_lisp_file): Free string before returning from function.
This would happend only if there was a dynamic doc string with no next expression.
Steve Youngs [Sat, 17 Sep 2011 05:24:09 +0000 (15:24 +1000)]
Coverity fixes from Nelson
* merges:
Several fixes to dumper. CID:107,108,206 NEGATIVE_RETURNS, REVERSE_INULL
CID:61 INFINITE_LOOP - Let's make the "infinite" loop very evident until we teach coverity about Fsignal...
CID:190 RESOURCE_LEAK free the rune when not needed...
CID:170,172 PW.INCLUDE_RECURSION - Avoid recursive includes
CID:174 RESOURCE LEAK - memory not freed
CID:377 STRING OVERFLOW - use strncpy to avoid possible string overflow
Nelson Ferreira [Sat, 17 Sep 2011 03:38:49 +0000 (23:38 -0400)]
Merge http://git.nelsonferreira.com/sxemacs
Nelson Ferreira [Sat, 17 Sep 2011 03:33:22 +0000 (23:33 -0400)]
Several fixes to dumper. CID:107,108,206
NEGATIVE_RETURNS, REVERSE_INULL
* src/dumper.c: Make pdump_length an off_t to fix CID:108
* src/dumper.c (pdump_register_sub): move strlen inside the if to only do it when str!=NULL CID:206
* src/dumper.c (pdump): Make sure the fds are >=0 and abort otherwise due to the early nature of the call.
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Sat, 17 Sep 2011 03:26:57 +0000 (23:26 -0400)]
CID:61 INFINITE_LOOP - Let's make the "infinite" loop very evident until we teach coverity about Fsignal...
* src/ui/X11/device-x.c (signal_if_x_error): Make infinite loop real clear.
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Sat, 17 Sep 2011 03:22:53 +0000 (23:22 -0400)]
Merge branch 'master' of git.sxemacs.org/sxemacs
Nelson Ferreira [Sat, 17 Sep 2011 03:20:18 +0000 (23:20 -0400)]
CID:190 RESOURCE_LEAK free the rune when not needed...
* src/ui/redisplay.c (create_text_block): use add_glyph_rune_noret
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Sat, 17 Sep 2011 03:12:57 +0000 (23:12 -0400)]
CID:170,172 PW.INCLUDE_RECURSION - Avoid recursive includes
* src/ui/lwlib/xlwmenu.h: Conditionally include lwlib.h
* src/ui/lwlib/lwlib.h: Conditionally include xlwmenu.h
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Sat, 17 Sep 2011 03:08:57 +0000 (23:08 -0400)]
CID:174 RESOURCE LEAK - memory not freed
* lib-src/etags.c (stream;): free memory in the case where it is not used
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Sat, 17 Sep 2011 03:02:59 +0000 (23:02 -0400)]
Merge branch 'master' of git.sxemacs.org/sxemacs
Nelson Ferreira [Sat, 17 Sep 2011 03:01:46 +0000 (23:01 -0400)]
CID:377 STRING OVERFLOW - use strncpy to avoid possible string overflow
* lib-src/gnuclient.c (main): Use strncpy
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Steve Youngs [Sat, 17 Sep 2011 02:33:22 +0000 (12:33 +1000)]
Coverity fixes from Nelson
* merges:
CID:395 UNINIT - Fix uninitalized use of a member of struct gb
CID:456 FORWARD NULL - possible crash on dereference
Nelson Ferreira [Sat, 17 Sep 2011 02:25:36 +0000 (22:25 -0400)]
CID:395 UNINIT - Fix uninitalized use of a member of struct gb
* src/extents.c (extent_fragment_update): initialize width to 0, which seems better than some random value...
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Steve Youngs [Sat, 17 Sep 2011 02:14:03 +0000 (12:14 +1000)]
Coverity fixes from Nelson
* merges:
CID:468 MISSING_LOCK
CID:469 PW.BAD_MACRO_REDEF
CID:469 PW.BAD_MACRO_REDEF
CID:462 RESOURCE LEAK
Add missing semi-color Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Sat, 17 Sep 2011 02:09:06 +0000 (22:09 -0400)]
CID:456 FORWARD NULL - possible crash on dereference
* src/media/media-ffmpeg.c (media_ffmpeg_analyse_audio): Only switch on avcc->sample_fmt if avcc != NULL
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Sat, 17 Sep 2011 01:56:13 +0000 (21:56 -0400)]
CID:468 MISSING_LOCK
* src/media/sound-alsa.c (sound_alsa_play): Add the lock around aj->play_state
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Sat, 17 Sep 2011 01:53:29 +0000 (21:53 -0400)]
CID:469 PW.BAD_MACRO_REDEF
* src/media/media-sox.c: undef UNUSED before including media-sox.h
because sox.h conflicts with lisp.h definition. This should have
as proper fix a SXE_UNUSED macro... For a later time.
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Sat, 17 Sep 2011 01:52:53 +0000 (21:52 -0400)]
CID:469 PW.BAD_MACRO_REDEF
* src/media/media-sox.c: undef UNUSED before including media-sox.h
because sox.h conflicts with lisp.h definition. This should have
as proper fix a SXE_UNUSED macro... For a later time.
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Sat, 17 Sep 2011 01:36:23 +0000 (21:36 -0400)]
CID:462 RESOURCE LEAK
* src/media/media-sndfile.c (media_sndfile_open): free mtap on abnormal return
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 12:46:50 +0000 (08:46 -0400)]
Merge http://git.sxemacs.org/sxemacs
Steve Youngs [Fri, 16 Sep 2011 09:36:29 +0000 (19:36 +1000)]
quick typo fix
* quickfix:
Quick trivial one-char typo fix
Steve Youngs [Fri, 16 Sep 2011 09:35:35 +0000 (19:35 +1000)]
Quick trivial one-char typo fix
* src/media/sound-ao.c (sound_ao_play): Add missing ;
Signed-off-by: Steve Youngs <steve@sxemacs.org>
Steve Youngs [Fri, 16 Sep 2011 09:17:22 +0000 (19:17 +1000)]
Coverity fixes from Nelson
* njsf-merges:
Fix stupid strncat usage mistake Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Make sure a pointer to the local ures is not returned, but a copy instead. CID:199 Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Make sure to fclose the file on error CID:195 Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Make sure to use add.*_rune_noret when not interested on the return value.. CID:175,177,190 Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Make sure that the args array is initialized CID:394 Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Make sure dl.top_clip is initialized CID:406 Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Avoid doing decode_buffer twice when not doing clash detection CID:430 Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Remove unneeded initialization of command_builder pointer. CID:431 Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Do not assign the return of setlocale(LC_ALL,"C") to locale var since it will be no longer used afterwards. CID:432 Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Remove unused value of eckey CID:435 Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Make sure that check and change of state is done on the mutual exclusion zone. move the sleep outside of it. CID:440
make sure the optable_index cannot be negative, instead an assertion is made. CID:117,116,115,114,111,110,109,88,87 Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Make sure avfc is not NULL before dereferencing CID:457 Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Make sure that avfc is non null before de-reference. CID:458 Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Make sure the pointers are valid before dereferencing CID:461 Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Use strncat instead of strcat, even in a paranoid fashion. CID:463 Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Make sure that mtp has the proper play state before entering the loop. CID:466 Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 09:16:59 +0000 (05:16 -0400)]
Merge http://git.sxemacs.org/sxemacs
Nelson Ferreira [Fri, 16 Sep 2011 09:08:20 +0000 (05:08 -0400)]
Add missing semi-color
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 09:02:59 +0000 (05:02 -0400)]
Fix stupid strncat usage mistake
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 07:38:17 +0000 (03:38 -0400)]
Make sure a pointer to the local ures is not returned, but a
copy instead.
CID:199
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 07:35:38 +0000 (03:35 -0400)]
Make sure to fclose the file on error
CID:195
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 07:33:59 +0000 (03:33 -0400)]
Make sure to use add.*_rune_noret when not interested on the
return value..
CID:175,177,190
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 07:32:15 +0000 (03:32 -0400)]
Make sure that the args array is initialized
CID:394
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 07:24:30 +0000 (03:24 -0400)]
Make sure dl.top_clip is initialized
CID:406
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 07:22:27 +0000 (03:22 -0400)]
Avoid doing decode_buffer twice when not doing clash
detection
CID:430
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 07:20:33 +0000 (03:20 -0400)]
Remove unneeded initialization of command_builder pointer.
CID:431
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 07:12:13 +0000 (03:12 -0400)]
Do not assign the return of setlocale(LC_ALL,"C") to locale var
since it will be no longer used afterwards.
CID:432
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 07:08:39 +0000 (03:08 -0400)]
Remove unused value of eckey
CID:435
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 07:06:33 +0000 (03:06 -0400)]
Make sure that check and change of state is done on the
mutual exclusion zone. move the sleep outside of it.
CID:440
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 06:58:50 +0000 (02:58 -0400)]
make sure the optable_index cannot be negative, instead
an assertion is made.
CID:117,116,115,114,111,110,109,88,87
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 06:55:59 +0000 (02:55 -0400)]
Make sure avfc is not NULL before dereferencing
CID:457
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 06:54:12 +0000 (02:54 -0400)]
Make sure that avfc is non null before de-reference.
CID:458
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 06:42:43 +0000 (02:42 -0400)]
Make sure the pointers are valid before dereferencing
CID:461
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 06:39:23 +0000 (02:39 -0400)]
Use strncat instead of strcat, even in a paranoid fashion.
CID:463
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 06:29:35 +0000 (02:29 -0400)]
Make sure that mtp has the proper play state before entering
the loop.
CID:466
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Steve Youngs [Fri, 16 Sep 2011 04:19:32 +0000 (14:19 +1000)]
More Coverity fixes from Nelson
Nelson Ferreira [Fri, 16 Sep 2011 03:44:22 +0000 (23:44 -0400)]
Fix stupid typo on previous fix, that broke build.
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 03:33:33 +0000 (23:33 -0400)]
Fix several FILE* leaks in ssl
CID:193,194,195,196,197,198
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 03:17:23 +0000 (23:17 -0400)]
Make implementation comment about issues with strlen of
NULL pointers match the implementation
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 03:16:01 +0000 (23:16 -0400)]
Fix several invalid uses of negative returns on acessing an array
due to ase_optable_index
CID:87,88,109,110,111,114,115,116,117
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 02:59:24 +0000 (22:59 -0400)]
Allocate and copy ures when it would be the return address.
CID:200
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 02:43:44 +0000 (22:43 -0400)]
Move variable path definition to avoid out-of-scope references
to the memory location.
CID:201
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 02:36:53 +0000 (22:36 -0400)]
CID:326,325
Use snprintf instead of sprintf. Although current sizes and formatting
string are fine (since it is only integer printing), it won't hurt to
limit the buffer.
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 02:32:37 +0000 (22:32 -0400)]
Use snprint instead of sprintf. One of the uses of
this CID:342 was of valid concern.
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Fri, 16 Sep 2011 01:43:29 +0000 (21:43 -0400)]
Use snprint even if there is no issue with given size...
Actually reduced it, so that the stack is less likely to
blow up.
CID:343
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Thu, 15 Sep 2011 23:36:26 +0000 (19:36 -0400)]
Get rid of harmless warning about ignoring result of getc, while ignoring ESC ISO2022 sequences.
CID:11
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Thu, 15 Sep 2011 23:01:26 +0000 (19:01 -0400)]
Avoid potential race condition and check only mtp as loop
exit condition, which is updated at each switch condition
that may change the state and also updated under lock.
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Thu, 15 Sep 2011 22:58:11 +0000 (18:58 -0400)]
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Correct silly mistake in previous locking fix. Use UNLOCK instead
of LOCK.
CID:454
Steve Youngs [Thu, 15 Sep 2011 05:49:06 +0000 (15:49 +1000)]
Merge branch 'merges'
Nelson Ferreira [Thu, 15 Sep 2011 04:34:37 +0000 (00:34 -0400)]
Avoid resource leaks in redisplay (runes mostly).
CID:175,176,177,186,187,188,189,190,191
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Thu, 15 Sep 2011 03:44:13 +0000 (23:44 -0400)]
Enclosed the media stop status assignment inside the
mutex zone. Also made sure any "derived" vars were updated
CID:440,441,442
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Thu, 15 Sep 2011 03:34:49 +0000 (23:34 -0400)]
Use ssize_t for string length and return from read calls
CID:130,131,132,133
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Thu, 15 Sep 2011 03:25:35 +0000 (23:25 -0400)]
Initialize the return object to Qnil
CID:452
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Thu, 15 Sep 2011 03:13:27 +0000 (23:13 -0400)]
Check for NULL return from getenv on pdump_load. These
are made with assert since it is so early there is no
recovery possible or needed.
CID:443
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Thu, 15 Sep 2011 03:11:02 +0000 (23:11 -0400)]
Check for NULL return from getenv
CID:444
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Thu, 15 Sep 2011 02:54:49 +0000 (22:54 -0400)]
Remove superfluous pointer check which seems to trigger
CID:445
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Steve Youngs [Wed, 14 Sep 2011 11:58:56 +0000 (21:58 +1000)]
Merge branch 'merges'
Nelson Ferreira [Wed, 14 Sep 2011 10:17:22 +0000 (06:17 -0400)]
Fix potential usage of negative file handle CID:119
Nelson Ferreira [Wed, 14 Sep 2011 10:15:46 +0000 (06:15 -0400)]
Fix potential usage of negative file descriptor
CID:120
Nelson Ferreira [Wed, 14 Sep 2011 10:10:40 +0000 (06:10 -0400)]
Fix potential usage of negative file handle
CID:119
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Wed, 14 Sep 2011 09:45:51 +0000 (05:45 -0400)]
Make loop explicit in signal_if_x_error CID:61
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Wed, 14 Sep 2011 09:41:35 +0000 (05:41 -0400)]
Shutup unchecked call return value (CID:13)
Signed-off-by: Nelson Ferreira <nelson.ferreira@ieee.org>
Nelson Ferreira [Wed, 14 Sep 2011 09:34:29 +0000 (05:34 -0400)]
Fix potential array overrun of static due to sign bit expansion
CID:141
Nelson Ferreira [Wed, 14 Sep 2011 09:27:18 +0000 (05:27 -0400)]
Fix undefined order of eval in while condition.
CID:30
Nelson Ferreira [Wed, 14 Sep 2011 08:36:00 +0000 (04:36 -0400)]
Fix potential stack/string overflow warning
CID:379
Nelson Ferreira [Wed, 14 Sep 2011 08:29:22 +0000 (04:29 -0400)]
Fix potential stack overflow (via string overflow)
CID:380
Nelson Ferreira [Wed, 14 Sep 2011 08:24:09 +0000 (04:24 -0400)]
Use snprintf instead of sprint
CID:344 SECURE_CODING
Nelson Ferreira [Wed, 14 Sep 2011 08:16:58 +0000 (04:16 -0400)]
Fix strcpy from environment variable into fixed size buffer. Fix strcat from argument into fixed size buffer (call to expand_filename).
CID:381
Nelson Ferreira [Wed, 14 Sep 2011 08:15:53 +0000 (04:15 -0400)]
Fix unchecked strcpy from commandline argument into fixed size buffer
CID:382
Steve Youngs [Wed, 14 Sep 2011 05:30:04 +0000 (15:30 +1000)]
Merge branch 'merges'
Nelson Ferreira [Wed, 14 Sep 2011 05:05:59 +0000 (01:05 -0400)]
Fix the ent-mpc issues of Bug 126.
Nelson Ferreira [Wed, 14 Sep 2011 04:59:52 +0000 (00:59 -0400)]
Check the result of sxemacs_stat in Fwrite_region_internal (CID:14)
projects / sxemacs / log