From 80a5a11bb13e572d05d197526e243c5889ddf39e Mon Sep 17 00:00:00 2001 From: Vincent JARDIN Date: Wed, 27 Sep 2017 23:29:49 +0200 Subject: [PATCH 1/4] sha256: fix clang warning t0 and t1 are not used, but want do really want them to be reset to secure the stack. Suggested by Quentin: let's use memset() to be consistent. --- lib/sha256.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/sha256.c b/lib/sha256.c index a1b77901ee..e902021545 100644 --- a/lib/sha256.c +++ b/lib/sha256.c @@ -192,7 +192,8 @@ static void SHA256_Transform(uint32_t *state, const unsigned char block[64]) /* Clean the stack. */ memset(W, 0, 256); memset(S, 0, 32); - t0 = t1 = 0; + memset(t0, 0, sizeof(t0)); + memset(t1, 0, sizeof(t0)); } static unsigned char PAD[64] = { From c31a793b486d0bc34e498fdf703fd7120afbecf0 Mon Sep 17 00:00:00 2001 From: Vincent JARDIN Date: Wed, 27 Sep 2017 23:38:19 +0200 Subject: [PATCH 2/4] scan-build: cleanup some warnings Current cleanup is for unset values or variables that are not used anymore. Regarding ospfd/ospf_vty.c: argv_find() we'll never get it NULL, so get coststr = argv[idx]->arg; --- babeld/babel_main.c | 10 ++++++---- lib/zclient.c | 2 +- ospfd/ospf_vty.c | 7 +++---- pimd/pim_nht.c | 2 +- zebra/zebra_rnh.c | 1 + 5 files changed, 12 insertions(+), 10 deletions(-) diff --git a/babeld/babel_main.c b/babeld/babel_main.c index 6a8f9bb75f..239ab71f06 100644 --- a/babeld/babel_main.c +++ b/babeld/babel_main.c @@ -279,8 +279,7 @@ babel_load_state_file(void) if(fd >= 0 && rc < 0) { zlog_err("unlink(babel-state): %s", safe_strerror(errno)); /* If we couldn't unlink it, it's probably stale. */ - close(fd); - fd = -1; + goto fini; } if(fd >= 0) { char buf[100]; @@ -315,9 +314,12 @@ babel_load_state_file(void) zlog_err("Couldn't parse babel-state."); } } - close(fd); - fd = -1; + goto fini; } +fini: + if (fd >= 0) + close(fd); + return ; } static void diff --git a/lib/zclient.c b/lib/zclient.c index e30f166dde..0b06dbacba 100644 --- a/lib/zclient.c +++ b/lib/zclient.c @@ -1619,7 +1619,7 @@ static int zclient_read_sync_response(struct zclient *zclient, u_int16_t expected_cmd) { struct stream *s; - u_int16_t size; + u_int16_t size = -1; u_char marker; u_char version; vrf_id_t vrf_id; diff --git a/ospfd/ospf_vty.c b/ospfd/ospf_vty.c index 4cbd4b4a99..3ffc68191c 100644 --- a/ospfd/ospf_vty.c +++ b/ospfd/ospf_vty.c @@ -6075,12 +6075,11 @@ DEFUN (ip_ospf_cost, // get arguments char *coststr = NULL, *ifaddr = NULL; - coststr = argv_find(argv, argc, "(1-65535)", &idx) ? argv[idx]->arg - : NULL; - ifaddr = argv_find(argv, argc, "A.B.C.D", &idx) ? argv[idx]->arg : NULL; - + argv_find(argv, argc, "(1-65535)", &idx); + coststr = argv[idx]->arg; cost = strtol(coststr, NULL, 10); + ifaddr = argv_find(argv, argc, "A.B.C.D", &idx) ? argv[idx]->arg : NULL; if (ifaddr) { if (!inet_aton(ifaddr, &addr)) { vty_out(vty, diff --git a/pimd/pim_nht.c b/pimd/pim_nht.c index 1e88ff13ff..7a380796a1 100644 --- a/pimd/pim_nht.c +++ b/pimd/pim_nht.c @@ -194,7 +194,7 @@ int pim_find_or_track_nexthop(struct pim_instance *pim, struct prefix *addr, } if (up != NULL) - up = hash_get(pnc->upstream_hash, up, hash_alloc_intern); + hash_get(pnc->upstream_hash, up, hash_alloc_intern); if (pnc && CHECK_FLAG(pnc->flags, PIM_NEXTHOP_VALID)) { memcpy(out_pnc, pnc, sizeof(struct pim_nexthop_cache)); diff --git a/zebra/zebra_rnh.c b/zebra/zebra_rnh.c index 4bc9caca5d..fabb4f9e14 100644 --- a/zebra/zebra_rnh.c +++ b/zebra/zebra_rnh.c @@ -304,6 +304,7 @@ static void addr2hostprefix(int af, const union g_addr *addr, prefix->u.prefix6 = addr->ipv6; break; default: + memset(prefix, 0, sizeof(*prefix)); zlog_warn("%s: unknown address family %d", __func__, af); break; } From 89a48046dd5ce3c64bc3cbd9af85a10af8516d61 Mon Sep 17 00:00:00 2001 From: Vincent JARDIN Date: Thu, 28 Sep 2017 00:05:52 +0200 Subject: [PATCH 3/4] ospf_packet: scan-build/clang clean up get the code safer using snprintf(). --- ospfd/ospf_packet.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/ospfd/ospf_packet.c b/ospfd/ospf_packet.c index 36f9a6757a..0ab83c407f 100644 --- a/ospfd/ospf_packet.c +++ b/ospfd/ospf_packet.c @@ -4065,21 +4065,19 @@ void ospf_ls_ack_send_delayed(struct ospf_interface *oi) * punt-to-CPU set on them. This may overload the CPU control path that * can be avoided if the MAC was known apriori. */ -#define OSPF_PING_NBR_STR_MAX (8 + 40 + 20) +#define OSPF_PING_NBR_STR_MAX (BUFSIZ) void ospf_proactively_arp(struct ospf_neighbor *nbr) { char ping_nbr[OSPF_PING_NBR_STR_MAX]; - char *str_ptr; int ret; if (!nbr || !nbr->oi || !nbr->oi->ifp) return; - str_ptr = strcpy(ping_nbr, "ping -c 1 -I "); - str_ptr = strcat(str_ptr, nbr->oi->ifp->name); - str_ptr = strcat(str_ptr, " "); - str_ptr = strcat(str_ptr, inet_ntoa(nbr->address.u.prefix4)); - str_ptr = strcat(str_ptr, " > /dev/null 2>&1 &"); + snprintf(ping_nbr, sizeof(ping_nbr), + "ping -c 1 -I %s %s > /dev/null 2>&1 &", + nbr->oi->ifp->name, inet_ntoa(nbr->address.u.prefix4)); + ret = system(ping_nbr); if (IS_DEBUG_OSPF_EVENT) zlog_debug("Executed %s %s", ping_nbr, From 04d14c8be13f7218c0bc4279a6ec178276588e3e Mon Sep 17 00:00:00 2001 From: Vincent JARDIN Date: Thu, 28 Sep 2017 00:18:36 +0200 Subject: [PATCH 4/4] scan-build: fix warning Do not change the implementation, just fix scan-build/clang warning. --- babeld/neighbour.c | 1 - bgpd/bgp_route.c | 4 +--- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/babeld/neighbour.c b/babeld/neighbour.c index 5bf7e06fae..48a32c4a9c 100644 --- a/babeld/neighbour.c +++ b/babeld/neighbour.c @@ -165,7 +165,6 @@ update_neighbour(struct neighbour *neigh, int hello, int hello_interval) if(missed_hellos > 0) { neigh->reach >>= missed_hellos; neigh->hello_seqno = seqno_plus(neigh->hello_seqno, missed_hellos); - missed_hellos = 0; rc = 1; } diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c index b9f23a387e..3307f86088 100644 --- a/bgpd/bgp_route.c +++ b/bgpd/bgp_route.c @@ -391,7 +391,7 @@ static int bgp_info_cmp(struct bgp *bgp, struct bgp_info *new, int exist_cluster; int internal_as_route; int confed_as_route; - int ret; + int ret = 0; char new_buf[PATH_ADDPATH_STR_BUFFER]; char exist_buf[PATH_ADDPATH_STR_BUFFER]; u_int32_t new_mm_seq; @@ -488,8 +488,6 @@ static int bgp_info_cmp(struct bgp *bgp, struct bgp_info *new, } /* 1. Weight check. */ - new_weight = exist_weight = 0; - new_weight = newattr->weight; exist_weight = existattr->weight;