commit 4e4d66b33ee79217808936f9b6d0796456e2ab7f
Author: Dridi Boukelmoune <dridi.boukelmoune@gmail.com>
Date: Mon Dec 5 11:26:51 2022 +0100
acceptor: Address false positive in Coverity Scan
Upon success we expect a non-null pointer, and to make sure this is not
residual uninitialized stack memory, it is null'd beforehand.
/bin/varnishd/cache/cache_acceptor.c: 375 in vca_mk_tcp()
369 {
370 struct suckaddr *sa;
371 ssize_t sz;
372
373 AN(SES_Reserve_remote_addr(sp, &sa, &sz));
374 assert(sz == vsa_suckaddr_len);
>>> CID 1517259: Resource leaks (RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "VSA_Build(sa, &wa->acceptaddr, wa->acceptaddrlen)" leaks it.
375 AN(VSA_Build(sa, &wa->acceptaddr, wa->acceptaddrlen));
376 sp->sattr[SA_CLIENT_ADDR] = sp->sattr[SA_REMOTE_ADDR];
It is precisely because we reserve the space to store the built suckaddr
that there won't be a malloc() call made behind our back.
For some reason, it only complained about one call site.
diff --git a/bin/varnishd/cache/cache_acceptor.c b/bin/varnishd/cache/cache_acceptor.c
index 67947114b..b25e186f0 100644
--- a/bin/varnishd/cache/cache_acceptor.c
+++ b/bin/varnishd/cache/cache_acceptor.c
@@ -367,10 +367,11 @@ static void
vca_mk_tcp(const struct wrk_accept *wa,
struct sess *sp, char *laddr, char *lport, char *raddr, char *rport)
{
- struct suckaddr *sa;
+ struct suckaddr *sa = NULL;
ssize_t sz;
AN(SES_Reserve_remote_addr(sp, &sa, &sz));
+ AN(sa);
assert(sz == vsa_suckaddr_len);
AN(VSA_Build(sa, &wa->acceptaddr, wa->acceptaddrlen));
sp->sattr[SA_CLIENT_ADDR] = sp->sattr[SA_REMOTE_ADDR];
@@ -390,11 +391,12 @@ static void
vca_mk_uds(struct wrk_accept *wa, struct sess *sp, char *laddr, char *lport,
char *raddr, char *rport)
{
- struct suckaddr *sa;
+ struct suckaddr *sa = NULL;
ssize_t sz;
(void) wa;
AN(SES_Reserve_remote_addr(sp, &sa, &sz));
+ AN(sa);
assert(sz == vsa_suckaddr_len);
AZ(SES_Set_remote_addr(sp, bogo_ip));
sp->sattr[SA_CLIENT_ADDR] = sp->sattr[SA_REMOTE_ADDR];
_______________________________________________
varnish-commit mailing list
varnish-commit@varnish-cache.org
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-commit
Author: Dridi Boukelmoune <dridi.boukelmoune@gmail.com>
Date: Mon Dec 5 11:26:51 2022 +0100
acceptor: Address false positive in Coverity Scan
Upon success we expect a non-null pointer, and to make sure this is not
residual uninitialized stack memory, it is null'd beforehand.
/bin/varnishd/cache/cache_acceptor.c: 375 in vca_mk_tcp()
369 {
370 struct suckaddr *sa;
371 ssize_t sz;
372
373 AN(SES_Reserve_remote_addr(sp, &sa, &sz));
374 assert(sz == vsa_suckaddr_len);
>>> CID 1517259: Resource leaks (RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "VSA_Build(sa, &wa->acceptaddr, wa->acceptaddrlen)" leaks it.
375 AN(VSA_Build(sa, &wa->acceptaddr, wa->acceptaddrlen));
376 sp->sattr[SA_CLIENT_ADDR] = sp->sattr[SA_REMOTE_ADDR];
It is precisely because we reserve the space to store the built suckaddr
that there won't be a malloc() call made behind our back.
For some reason, it only complained about one call site.
diff --git a/bin/varnishd/cache/cache_acceptor.c b/bin/varnishd/cache/cache_acceptor.c
index 67947114b..b25e186f0 100644
--- a/bin/varnishd/cache/cache_acceptor.c
+++ b/bin/varnishd/cache/cache_acceptor.c
@@ -367,10 +367,11 @@ static void
vca_mk_tcp(const struct wrk_accept *wa,
struct sess *sp, char *laddr, char *lport, char *raddr, char *rport)
{
- struct suckaddr *sa;
+ struct suckaddr *sa = NULL;
ssize_t sz;
AN(SES_Reserve_remote_addr(sp, &sa, &sz));
+ AN(sa);
assert(sz == vsa_suckaddr_len);
AN(VSA_Build(sa, &wa->acceptaddr, wa->acceptaddrlen));
sp->sattr[SA_CLIENT_ADDR] = sp->sattr[SA_REMOTE_ADDR];
@@ -390,11 +391,12 @@ static void
vca_mk_uds(struct wrk_accept *wa, struct sess *sp, char *laddr, char *lport,
char *raddr, char *rport)
{
- struct suckaddr *sa;
+ struct suckaddr *sa = NULL;
ssize_t sz;
(void) wa;
AN(SES_Reserve_remote_addr(sp, &sa, &sz));
+ AN(sa);
assert(sz == vsa_suckaddr_len);
AZ(SES_Set_remote_addr(sp, bogo_ip));
sp->sattr[SA_CLIENT_ADDR] = sp->sattr[SA_REMOTE_ADDR];
_______________________________________________
varnish-commit mailing list
varnish-commit@varnish-cache.org
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-commit