diff --git a/examples/cbq.init-v0.7.3 b/examples/cbq.init-v0.7.3 index 1bc0d446..66448d88 100644 --- a/examples/cbq.init-v0.7.3 +++ b/examples/cbq.init-v0.7.3 @@ -532,7 +532,7 @@ cbq_off () { ### Prefixed message cbq_message () { - echo -e "**CBQ: $@" + echo -e "**CBQ: $*" } # cbq_message ### Failure message @@ -560,15 +560,15 @@ cbq_time2abs () { ### Display CBQ setup cbq_show () { for dev in `cbq_device_list`; do - [ `tc qdisc show dev $dev| wc -l` -eq 0 ] && continue + [ "`tc qdisc show dev $dev| wc -l`" -eq 0 ] && continue echo -e "### $dev: queueing disciplines\n" tc $1 qdisc show dev $dev; echo - [ `tc class show dev $dev| wc -l` -eq 0 ] && continue + [ "`tc class show dev $dev| wc -l`" -eq 0 ] && continue echo -e "### $dev: traffic classes\n" tc $1 class show dev $dev; echo - [ `tc filter show dev $dev| wc -l` -eq 0 ] && continue + [ "`tc filter show dev $dev| wc -l`" -eq 0 ] && continue echo -e "### $dev: filtering rules\n" tc $1 filter show dev $dev; echo done @@ -585,7 +585,7 @@ cbq_init () { ### Gather all DEVICE fields from $1/cbq-* DEVFIELDS=`find $1 -maxdepth 1 \( -type f -or -type l \) -name 'cbq-*' \ - -not -name '*~' | xargs sed -n 's/#.*//; \ + -not -name '*~' -print0 | xargs -0 sed -n 's/#.*//; \ s/[[:space:]]//g; /^DEVICE=[^,]*,[^,]*\(,[^,]*\)\?/ \ { s/.*=//; p; }'| sort -u` [ -z "$DEVFIELDS" ] && @@ -593,7 +593,7 @@ cbq_init () { ### Check for different DEVICE fields for the same device DEVICES=`echo "$DEVFIELDS"| sed 's/,.*//'| sort -u` - [ `echo "$DEVICES"| wc -l` -ne `echo "$DEVFIELDS"| wc -l` ] && + [ "`echo "$DEVICES"| wc -l`" -ne "`echo "$DEVFIELDS"| wc -l`" ] && cbq_failure "different DEVICE fields for single device!\n$DEVFIELDS" } # cbq_init @@ -618,7 +618,7 @@ cbq_load_class () { PRIO_MARK=$PRIO_MARK_DEFAULT PRIO_REALM=$PRIO_REALM_DEFAULT - eval `echo "$CFILE"| grep -E "^($CBQ_WORDS)="` + eval "`echo "$CFILE"| grep -E "^($CBQ_WORDS)="`" ### Require RATE/WEIGHT [ -z "$RATE" -o -z "$WEIGHT" ] && @@ -661,7 +661,7 @@ if [ "$1" = "compile" ]; then ### echo-only version of "tc" command tc () { - echo "$TC $@" + echo "$TC $*" } # tc elif [ -n "$CBQ_DEBUG" ]; then @@ -669,13 +669,13 @@ elif [ -n "$CBQ_DEBUG" ]; then ### Logging version of "ip" command ip () { - echo -e "\n# ip $@" >> $CBQ_DEBUG + echo -e "\n# ip $*" >> $CBQ_DEBUG $IP "$@" 2>&1 | tee -a $CBQ_DEBUG } # ip ### Logging version of "tc" command tc () { - echo -e "\n# tc $@" >> $CBQ_DEBUG + echo -e "\n# tc $*" >> $CBQ_DEBUG $TC "$@" 2>&1 | tee -a $CBQ_DEBUG } # tc else @@ -711,8 +711,8 @@ if [ "$1" != "compile" -a "$2" != "nocache" -a -z "$CBQ_DEBUG" ]; then ### validate the cache [ "$2" = "invalidate" -o ! -f $CBQ_CACHE ] && VALID=0 if [ $VALID -eq 1 ]; then - [ `find $CBQ_PATH -maxdepth 1 -newer $CBQ_CACHE| \ - wc -l` -gt 0 ] && VALID=0 + [ "`find $CBQ_PATH -maxdepth 1 -newer $CBQ_CACHE| \ + wc -l`" -gt 0 ] && VALID=0 fi ### compile the config if the cache is invalid diff --git a/ip/ifcfg b/ip/ifcfg index 083d9df3..30a2dc49 100644 --- a/ip/ifcfg +++ b/ip/ifcfg @@ -131,7 +131,7 @@ noarp=$? ip route add unreachable 224.0.0.0/24 >& /dev/null ip route add unreachable 255.255.255.255 >& /dev/null -if [ `ip link ls $dev | grep -c MULTICAST` -ge 1 ]; then +if [ "`ip link ls $dev | grep -c MULTICAST`" -ge 1 ]; then ip route add 224.0.0.0/4 dev $dev scope global >& /dev/null fi diff --git a/ip/iproute_lwtunnel.c b/ip/iproute_lwtunnel.c index 7dde4b27..14294c60 100644 --- a/ip/iproute_lwtunnel.c +++ b/ip/iproute_lwtunnel.c @@ -268,7 +268,7 @@ static char *ila_csum_mode2name(__u8 csum_mode) } } -static __u8 ila_csum_name2mode(char *name) +static int ila_csum_name2mode(char *name) { if (strcmp(name, "adj-transport") == 0) return ILA_CSUM_ADJUST_TRANSPORT; @@ -742,7 +742,7 @@ static int parse_encap_ila(struct rtattr *rta, size_t len, while (argc > 0) { if (strcmp(*argv, "csum-mode") == 0) { - __u8 csum_mode; + int csum_mode; NEXT_ARG(); @@ -751,7 +751,8 @@ static int parse_encap_ila(struct rtattr *rta, size_t len, invarg("\"csum-mode\" value is invalid\n", *argv); - rta_addattr8(rta, 1024, ILA_ATTR_CSUM_MODE, csum_mode); + rta_addattr8(rta, 1024, ILA_ATTR_CSUM_MODE, + (__u8)csum_mode); argc--; argv++; } else { @@ -867,7 +868,7 @@ static int lwt_parse_bpf(struct rtattr *rta, size_t len, err = bpf_parse_common(bpf_type, &cfg, &bpf_cb_ops, &x); if (err < 0) { fprintf(stderr, "Failed to parse eBPF program: %s\n", - strerror(err)); + strerror(-err)); return -1; } rta_nest_end(rta, nest); diff --git a/ip/ipvrf.c b/ip/ipvrf.c index 0094cf85..e6fad32a 100644 --- a/ip/ipvrf.c +++ b/ip/ipvrf.c @@ -372,12 +372,12 @@ static int vrf_switch(const char *name) /* -1 on length to add '/' to the end */ if (ipvrf_get_netns(netns, sizeof(netns) - 1) < 0) - return -1; + goto out; if (vrf_path(vpath, sizeof(vpath)) < 0) { fprintf(stderr, "Failed to get base cgroup path: %s\n", strerror(errno)); - return -1; + goto out; } /* if path already ends in netns then don't add it again */ @@ -428,13 +428,14 @@ static int vrf_switch(const char *name) snprintf(pid, sizeof(pid), "%d", getpid()); if (write(fd, pid, strlen(pid)) < 0) { fprintf(stderr, "Failed to join cgroup\n"); - goto out; + goto out2; } rc = 0; +out2: + close(fd); out: free(mnt); - close(fd); return rc; } diff --git a/lib/libnetlink.c b/lib/libnetlink.c index 81a344ab..874e660b 100644 --- a/lib/libnetlink.c +++ b/lib/libnetlink.c @@ -49,13 +49,17 @@ static int err_attr_cb(const struct nlattr *attr, void *data) const struct nlattr **tb = data; uint16_t type; - if (mnl_attr_type_valid(attr, NLMSGERR_ATTR_MAX) < 0) + if (mnl_attr_type_valid(attr, NLMSGERR_ATTR_MAX) < 0) { + fprintf(stderr, "Invalid extack attribute\n"); return MNL_CB_ERROR; + } type = mnl_attr_get_type(attr); - if (mnl_attr_validate(attr, extack_policy[type]) < 0) + if (mnl_attr_validate(attr, extack_policy[type]) < 0) { + fprintf(stderr, "extack attribute %d failed validation\n", + type); return MNL_CB_ERROR; - + } tb[type] = attr; return MNL_CB_OK; @@ -64,7 +68,7 @@ static int err_attr_cb(const struct nlattr *attr, void *data) /* dump netlink extended ack error message */ static int nl_dump_ext_err(const struct nlmsghdr *nlh, nl_ext_ack_fn_t errfn) { - struct nlattr *tb[NLMSGERR_ATTR_MAX + 1]; + struct nlattr *tb[NLMSGERR_ATTR_MAX + 1] = {}; const struct nlmsgerr *err = mnl_nlmsg_get_payload(nlh); const struct nlmsghdr *err_nlh = NULL; unsigned int hlen = sizeof(*err); @@ -79,7 +83,8 @@ static int nl_dump_ext_err(const struct nlmsghdr *nlh, nl_ext_ack_fn_t errfn) if (!(nlh->nlmsg_flags & NLM_F_CAPPED)) hlen += mnl_nlmsg_get_payload_len(&err->msg); - mnl_attr_parse(nlh, hlen, err_attr_cb, tb); + if (mnl_attr_parse(nlh, hlen, err_attr_cb, tb) != MNL_CB_OK) + return 0; if (tb[NLMSGERR_ATTR_MSG]) errmsg = mnl_attr_get_str(tb[NLMSGERR_ATTR_MSG]); diff --git a/misc/ifstat.c b/misc/ifstat.c index a853ee6d..1be21703 100644 --- a/misc/ifstat.c +++ b/misc/ifstat.c @@ -143,8 +143,10 @@ static int get_nlmsg_extended(const struct sockaddr_nl *who, struct rtattr *attr; attr = parse_rtattr_one_nested(sub_type, tb[filter_type]); - if (attr == NULL) + if (attr == NULL) { + free(n); return 0; + } memcpy(&n->val, RTA_DATA(attr), sizeof(n->val)); } memset(&n->rate, 0, sizeof(n->rate)); @@ -533,8 +535,12 @@ static void dump_kern_db(FILE *fp) else print_one_if(fp, n, n->val); } - if (json_output) - fprintf(fp, "\n} }\n"); + if (jw) { + jsonw_end_object(jw); + + jsonw_end_object(jw); + jsonw_destroy(&jw); + } } static void dump_incr_db(FILE *fp) diff --git a/misc/ss.c b/misc/ss.c index f0d1c22f..10360e5a 100644 --- a/misc/ss.c +++ b/misc/ss.c @@ -2688,41 +2688,44 @@ static int tcp_show_netlink_file(struct filter *f) { FILE *fp; char buf[16384]; + int err = -1; if ((fp = fopen(getenv("TCPDIAG_FILE"), "r")) == NULL) { perror("fopen($TCPDIAG_FILE)"); - return -1; + return err; } while (1) { - int status, err; + int status, err2; struct nlmsghdr *h = (struct nlmsghdr *)buf; struct sockstat s = {}; status = fread(buf, 1, sizeof(*h), fp); if (status < 0) { perror("Reading header from $TCPDIAG_FILE"); - return -1; + break; } if (status != sizeof(*h)) { perror("Unexpected EOF reading $TCPDIAG_FILE"); - return -1; + break; } status = fread(h+1, 1, NLMSG_ALIGN(h->nlmsg_len-sizeof(*h)), fp); if (status < 0) { perror("Reading $TCPDIAG_FILE"); - return -1; + break; } if (status + sizeof(*h) < h->nlmsg_len) { perror("Unexpected EOF reading $TCPDIAG_FILE"); - return -1; + break; } /* The only legal exit point */ - if (h->nlmsg_type == NLMSG_DONE) - return 0; + if (h->nlmsg_type == NLMSG_DONE) { + err = 0; + break; + } if (h->nlmsg_type == NLMSG_ERROR) { struct nlmsgerr *err = (struct nlmsgerr *)NLMSG_DATA(h); @@ -2733,7 +2736,7 @@ static int tcp_show_netlink_file(struct filter *f) errno = -err->error; perror("TCPDIAG answered"); } - return -1; + break; } parse_diag_msg(h, &s); @@ -2742,10 +2745,15 @@ static int tcp_show_netlink_file(struct filter *f) if (f && f->f && run_ssfilter(f->f, &s) == 0) continue; - err = inet_show_sock(h, &s); - if (err < 0) - return err; + err2 = inet_show_sock(h, &s); + if (err2 < 0) { + err = err2; + break; + } } + + fclose(fp); + return err; } static int tcp_show(struct filter *f, int socktype) @@ -3162,8 +3170,10 @@ static int unix_show(struct filter *f) if (name[0]) { u->name = strdup(name); - if (!u->name) + if (!u->name) { + free(u); break; + } } if (u->rport) { diff --git a/tc/em_ipset.c b/tc/em_ipset.c index fab975f5..b5975651 100644 --- a/tc/em_ipset.c +++ b/tc/em_ipset.c @@ -84,6 +84,7 @@ static int get_version(unsigned int *version) res = getsockopt(sockfd, SOL_IP, SO_IP_SET, &req_version, &size); if (res != 0) { perror("xt_set getsockopt"); + close(sockfd); return -1; } diff --git a/tipc/bearer.c b/tipc/bearer.c index 810344f6..c3d4491f 100644 --- a/tipc/bearer.c +++ b/tipc/bearer.c @@ -163,6 +163,7 @@ static int nl_add_udp_enable_opts(struct nlmsghdr *nlh, struct opt *opts, if (!remip) { if (generate_multicast(loc->ai_family, buf, sizeof(buf))) { fprintf(stderr, "Failed to generate multicast address\n"); + freeaddrinfo(loc); return -EINVAL; } remip = buf; @@ -177,6 +178,8 @@ static int nl_add_udp_enable_opts(struct nlmsghdr *nlh, struct opt *opts, if (rem->ai_family != loc->ai_family) { fprintf(stderr, "UDP local and remote AF mismatch\n"); + freeaddrinfo(rem); + freeaddrinfo(loc); return -EINVAL; } diff --git a/tipc/node.c b/tipc/node.c index 201fe1a4..fe085aec 100644 --- a/tipc/node.c +++ b/tipc/node.c @@ -109,7 +109,8 @@ static int cmd_node_get_addr(struct nlmsghdr *nlh, const struct cmd *cmd, socklen_t sz = sizeof(struct sockaddr_tipc); struct sockaddr_tipc addr; - if (!(sk = socket(AF_TIPC, SOCK_RDM, 0))) { + sk = socket(AF_TIPC, SOCK_RDM, 0); + if (sk < 0) { fprintf(stderr, "opening TIPC socket: %s\n", strerror(errno)); return -1; }