Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 31 Dec 2019 04:00:24 +0000 (UTC)
From:      Kyle Evans <kevans@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r356215 - head/usr.sbin/inetd
Message-ID:  <201912310400.xBV40Oes011340@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: kevans
Date: Tue Dec 31 04:00:24 2019
New Revision: 356215
URL: https://svnweb.freebsd.org/changeset/base/356215

Log:
  inetd: knock out some clang analyze warnings
  
  chargen_dg: clang-analyze is convinced that endring could be non-NULL at
  entry, and thus wants to assume that rs == NULL. Just independently
  initialize rs if it's NULL to appease the analyzer.
  
  getconfigent: policy leaks on return
  
  free_connlist: reorganize the loop to make it clear that we're not going to
  access `conn` after it's been freed.
  
  cpmip/hashval: left-shifts performed will result in UB as we take
  signed 0xABC3D20F and left shift it by 5.

Modified:
  head/usr.sbin/inetd/builtins.c
  head/usr.sbin/inetd/inetd.c

Modified: head/usr.sbin/inetd/builtins.c
==============================================================================
--- head/usr.sbin/inetd/builtins.c	Tue Dec 31 03:43:13 2019	(r356214)
+++ head/usr.sbin/inetd/builtins.c	Tue Dec 31 04:00:24 2019	(r356215)
@@ -132,10 +132,10 @@ chargen_dg(int s, struct servtab *sep)
 	socklen_t size;
 	char text[LINESIZ+2];
 
-	if (endring == 0) {
+	if (endring == NULL)
 		initring();
+	if (rs == NULL)
 		rs = ring;
-	}
 
 	size = sizeof(ss);
 	if (recvfrom(s, text, sizeof(text), 0,

Modified: head/usr.sbin/inetd/inetd.c
==============================================================================
--- head/usr.sbin/inetd/inetd.c	Tue Dec 31 03:43:13 2019	(r356214)
+++ head/usr.sbin/inetd/inetd.c	Tue Dec 31 04:00:24 2019	(r356215)
@@ -1646,8 +1646,11 @@ more:
 			continue;
 		break;
 	}
-	if (cp == NULL)
-		return ((struct servtab *)0);
+	if (cp == NULL) {
+		free(policy);
+		return (NULL);
+	}
+
 	/*
 	 * clear the static buffer, since some fields (se_ctrladdr,
 	 * for example) don't get initialized here.
@@ -2206,7 +2209,7 @@ cpmip(const struct servtab *sep, int ctrl)
 	   (sep->se_family == AF_INET || sep->se_family == AF_INET6) &&
 	    getpeername(ctrl, (struct sockaddr *)&rss, &rssLen) == 0 ) {
 		time_t t = time(NULL);
-		int hv = 0xABC3D20F;
+		unsigned int hv = 0xABC3D20F;
 		int i;
 		int cnt = 0;
 		CHash *chBest = NULL;
@@ -2493,11 +2496,15 @@ resize_conn(struct servtab *sep, int maxpip)
 static void
 free_connlist(struct servtab *sep)
 {
-	struct conninfo *conn;
+	struct conninfo *conn, *conn_temp;
 	int i, j;
 
 	for (i = 0; i < PERIPSIZE; ++i) {
-		while ((conn = LIST_FIRST(&sep->se_conn[i])) != NULL) {
+		LIST_FOREACH_SAFE(conn, &sep->se_conn[i], co_link, conn_temp) {
+			if (conn == NULL) {
+				LIST_REMOVE(conn, co_link);
+				continue;
+			}
 			for (j = 0; j < conn->co_numchild; ++j)
 				free_proc(conn->co_proc[j]);
 			conn->co_numchild = 0;
@@ -2553,7 +2560,8 @@ free_proc(struct procinfo *proc)
 static int
 hashval(char *p, int len)
 {
-	int i, hv = 0xABC3D20F;
+	unsigned int hv = 0xABC3D20F;
+	int i;
 
 	for (i = 0; i < len; ++i, ++p)
 		hv = (hv << 5) ^ (hv >> 23) ^ *p;

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201912310400.xBV40Oes011340>