clang -cc1 -cc1 -triple amd64-unknown-openbsd6.9 -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name buf.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 1 -pic-is-pie -mframe-pointer=all -relaxed-aliasing -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -target-feature +retpoline-indirect-calls -target-feature +retpoline-indirect-branches -fno-split-dwarf-inlining -debugger-tuning=gdb -resource-dir /usr/local/lib/clang/11.1.0 -I /home/ben/Projects/got/got/../include -I /home/ben/Projects/got/got/../lib -D GOT_LIBEXECDIR=/home/ben/bin -D GOT_VERSION=0.53-current -internal-isystem /usr/local/lib/clang/11.1.0/include -internal-externc-isystem /usr/include -O0 -fdebug-compilation-dir /home/ben/Projects/got/got/obj -ferror-limit 19 -fwrapv -D_RET_PROTECTOR -ret-protector -fgnuc-version=4.2.1 -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-valloc -fno-builtin-free -fno-builtin-strdup -fno-builtin-strndup -analyzer-output=html -faddrsig -o /home/ben/Projects/got/scan/2021-05-28-230913-68537-1 -x c /home/ben/Projects/got/got/../lib/buf.c
1 | |
2 | |
3 | |
4 | |
5 | |
6 | |
7 | |
8 | |
9 | |
10 | |
11 | |
12 | |
13 | |
14 | |
15 | |
16 | |
17 | |
18 | |
19 | |
20 | |
21 | |
22 | |
23 | |
24 | |
25 | |
26 | |
27 | #include <sys/queue.h> |
28 | #include <sys/stat.h> |
29 | |
30 | #include <errno.h> |
31 | #include <fcntl.h> |
32 | #include <stdint.h> |
33 | #include <stdio.h> |
34 | #include <stdlib.h> |
35 | #include <string.h> |
36 | #include <unistd.h> |
37 | |
38 | #include "buf.h" |
39 | |
40 | #include "got_error.h" |
41 | |
42 | #define BUF_INCR 128 |
43 | |
44 | #define SIZE_LEFT(b) ((b)->cb_size - (b)->cb_len) |
45 | |
46 | static const struct got_error *buf_grow(BUF *, size_t); |
47 | |
48 | |
49 | |
50 | |
51 | |
52 | |
53 | const struct got_error * |
54 | buf_alloc(BUF **b, size_t len) |
55 | { |
56 | const struct got_error *err = NULL; |
57 | |
58 | *b = malloc(sizeof(**b)); |
| |
59 | if (*b == NULL) |
| 8 | | Assuming the condition is true | |
|
| |
60 | return NULL; |
| 10 | | Returning null pointer, which participates in a condition later | |
|
61 | |
62 | if (len > 0) { |
63 | (*b)->cb_buf = calloc(1, len); |
64 | if ((*b)->cb_buf == NULL) { |
65 | err = got_error_from_errno("calloc"); |
66 | free(*b); |
67 | *b = NULL; |
68 | return err; |
69 | } |
70 | } else |
71 | (*b)->cb_buf = NULL; |
72 | |
73 | (*b)->cb_size = len; |
74 | (*b)->cb_len = 0; |
75 | |
76 | return NULL; |
77 | } |
78 | |
79 | |
80 | |
81 | |
82 | |
83 | |
84 | |
85 | const struct got_error * |
86 | buf_load(BUF **buf, const char *path) |
87 | { |
88 | const struct got_error *err = NULL; |
89 | int fd; |
90 | ssize_t ret; |
91 | size_t len; |
92 | u_char *bp; |
93 | struct stat st; |
94 | |
95 | *buf = NULL; |
96 | |
97 | fd = open(path, O_RDONLY, 0600); |
98 | if (fd == -1) |
| 1 | Assuming the condition is false | |
|
| |
99 | return got_error_from_errno2("open", path); |
100 | |
101 | if (fstat(fd, &st) == -1) { |
| 3 | | Assuming the condition is false | |
|
| |
102 | err = got_error_from_errno2("fstat", path); |
103 | goto out; |
104 | } |
105 | |
106 | if ((uintmax_t)st.st_size > SIZE_MAX) { |
| |
107 | err = got_error_set_errno(EFBIG, path); |
108 | goto out; |
109 | } |
110 | err = buf_alloc(buf, st.st_size); |
| |
| 11 | | Returning from 'buf_alloc' | |
|
111 | if (err) |
| |
112 | goto out; |
113 | for (bp = (*buf)->cb_buf; ; bp += (size_t)ret) { |
| 13 | | Access to field 'cb_buf' results in a dereference of a null pointer |
|
114 | len = SIZE_LEFT(*buf); |
115 | ret = read(fd, bp, len); |
116 | if (ret == -1) { |
117 | err = got_error_from_errno2("read", path); |
118 | goto out; |
119 | } else if (ret == 0) |
120 | break; |
121 | |
122 | (*buf)->cb_len += (size_t)ret; |
123 | } |
124 | |
125 | out: |
126 | if (close(fd) == -1 && err == NULL) |
127 | err = got_error_from_errno2("close", path); |
128 | if (err) { |
129 | buf_free(*buf); |
130 | *buf = NULL; |
131 | } |
132 | return err; |
133 | } |
134 | |
135 | void |
136 | buf_free(BUF *b) |
137 | { |
138 | if (b == NULL) |
139 | return; |
140 | free(b->cb_buf); |
141 | free(b); |
142 | } |
143 | |
144 | |
145 | |
146 | |
147 | |
148 | |
149 | void * |
150 | buf_release(BUF *b) |
151 | { |
152 | void *tmp; |
153 | |
154 | tmp = b->cb_buf; |
155 | free(b); |
156 | return (tmp); |
157 | } |
158 | |
159 | u_char * |
160 | buf_get(BUF *b) |
161 | { |
162 | return (b->cb_buf); |
163 | } |
164 | |
165 | |
166 | |
167 | |
168 | void |
169 | buf_empty(BUF *b) |
170 | { |
171 | memset(b->cb_buf, 0, b->cb_size); |
172 | b->cb_len = 0; |
173 | } |
174 | |
175 | |
176 | |
177 | |
178 | const struct got_error * |
179 | buf_putc(BUF *b, int c) |
180 | { |
181 | const struct got_error *err = NULL; |
182 | u_char *bp; |
183 | |
184 | if (SIZE_LEFT(b) == 0) { |
185 | err = buf_grow(b, BUF_INCR); |
186 | if (err) |
187 | return err; |
188 | } |
189 | bp = b->cb_buf + b->cb_len; |
190 | *bp = (u_char)c; |
191 | b->cb_len++; |
192 | return NULL; |
193 | } |
194 | |
195 | |
196 | |
197 | |
198 | const struct got_error * |
199 | buf_puts(size_t *newlen, BUF *b, const char *str) |
200 | { |
201 | return buf_append(newlen, b, str, strlen(str)); |
202 | } |
203 | |
204 | |
205 | |
206 | |
207 | u_char |
208 | buf_getc(BUF *b, size_t pos) |
209 | { |
210 | return (b->cb_buf[pos]); |
211 | } |
212 | |
213 | |
214 | |
215 | |
216 | |
217 | |
218 | |
219 | const struct got_error * |
220 | buf_append(size_t *newlen, BUF *b, const void *data, size_t len) |
221 | { |
222 | const struct got_error *err = NULL; |
223 | size_t left, rlen; |
224 | u_char *bp; |
225 | |
226 | left = SIZE_LEFT(b); |
227 | rlen = len; |
228 | |
229 | if (left < len) { |
230 | err = buf_grow(b, len - left); |
231 | if (err) |
232 | return err; |
233 | } |
234 | bp = b->cb_buf + b->cb_len; |
235 | memcpy(bp, data, rlen); |
236 | b->cb_len += rlen; |
237 | |
238 | *newlen = rlen; |
239 | return NULL; |
240 | } |
241 | |
242 | |
243 | |
244 | |
245 | size_t |
246 | buf_len(BUF *b) |
247 | { |
248 | return (b->cb_len); |
249 | } |
250 | |
251 | |
252 | |
253 | |
254 | int |
255 | buf_write_fd(BUF *b, int fd) |
256 | { |
257 | u_char *bp; |
258 | size_t len; |
259 | ssize_t ret; |
260 | |
261 | len = b->cb_len; |
262 | bp = b->cb_buf; |
263 | |
264 | do { |
265 | ret = write(fd, bp, len); |
266 | if (ret == -1) { |
267 | if (errno == EINTR || errno == EAGAIN) |
268 | continue; |
269 | return (-1); |
270 | } |
271 | |
272 | len -= (size_t)ret; |
273 | bp += (size_t)ret; |
274 | } while (len > 0); |
275 | |
276 | return (0); |
277 | } |
278 | |
279 | |
280 | |
281 | |
282 | |
283 | const struct got_error * |
284 | buf_write(BUF *b, const char *path, mode_t mode) |
285 | { |
286 | const struct got_error *err = NULL; |
287 | int fd; |
288 | open: |
289 | if ((fd = open(path, O_WRONLY|O_CREAT|O_TRUNC, mode)) == -1) { |
290 | err = got_error_from_errno2("open", path); |
291 | if (errno == EACCES && unlink(path) != -1) |
292 | goto open; |
293 | else |
294 | return err; |
295 | } |
296 | |
297 | if (buf_write_fd(b, fd) == -1) { |
298 | err = got_error_from_errno("buf_write_fd"); |
299 | (void)unlink(path); |
300 | return err; |
301 | } |
302 | |
303 | if (fchmod(fd, mode) < 0) |
304 | err = got_error_from_errno2("fchmod", path); |
305 | |
306 | if (close(fd) == -1 && err == NULL) |
307 | err = got_error_from_errno2("close", path); |
308 | |
309 | return err; |
310 | } |
311 | |
312 | |
313 | |
314 | |
315 | |
316 | |
317 | const struct got_error * |
318 | buf_write_stmp(BUF *b, char *template) |
319 | { |
320 | const struct got_error *err = NULL; |
321 | int fd; |
322 | |
323 | if ((fd = mkstemp(template)) == -1) |
324 | return got_error_from_errno("mkstemp"); |
325 | |
326 | if (buf_write_fd(b, fd) == -1) { |
327 | err = got_error_from_errno("buf_write_fd"); |
328 | (void)unlink(template); |
329 | } |
330 | |
331 | if (close(fd) == -1 && err == NULL) |
332 | err = got_error_from_errno("close"); |
333 | |
334 | return err; |
335 | } |
336 | |
337 | |
338 | |
339 | |
340 | |
341 | static const struct got_error * |
342 | buf_grow(BUF *b, size_t len) |
343 | { |
344 | u_char *buf; |
345 | buf = reallocarray(b->cb_buf, 1, b->cb_size + len); |
346 | if (buf == NULL) |
347 | return got_error_from_errno("reallocarray"); |
348 | b->cb_buf = buf; |
349 | b->cb_size += len; |
350 | return NULL; |
351 | } |