Rework the `nbWrite()` function so that it becomes safe
in terms of:
- operating on data written/data remaining integers
- has protection guards for extra big chunks to write at once
Refactor to use size_t/ssize_t instead of primitive int,
where possible (e.g. bytesWritten).
Let `nbWrite()` use a reference instead of a pointer
for the bytes written parameter.
Fixes Coverity Scan report:
4. tainted_data_return: Called function write(fd, sp, nToWrite),
and a possible return value may be less than zero.
5. cast_overflow: An assign that casts to a different type,
which might trigger an overflow.
Overflowed integer argument (INTEGER_OVERFLOW)
13. overflow_sink: nToWrite, which might have overflowed,
is passed to write(fd, sp, nToWrite).
7. overflow: The expression nToWrite is considered
to have possibly overflowed.
Change-Id: I32aa6aae5ef5715d61a91714e62b0a094bc03f21
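The write loop that the commit message above describes, as an added sketch that is not the project's own `nbWrite()`: the byte counter is a `size_t` passed by reference, each `write()` is capped, and a negative return value is never used as a length. The names `nbWriteSketch`, `kMaxChunk`, `maxChunk` and `demoThroughPipe` are hypothetical, and the 64 KiB cap is an assumed value.

```cpp
#include <algorithm>
#include <cerrno>
#include <string>
#include <sys/types.h>
#include <unistd.h>

// Hypothetical default cap for one write() call (assumption, not a project value).
static const size_t kMaxChunk = 64 * 1024;
// Writes the unsent tail of `s` to `fd`, advancing `bytesWritten` (passed by
// reference). Returns false on a real error, true when done or when the
// descriptor would block and the caller should retry later.
bool nbWriteSketch(int fd, const std::string& s, size_t& bytesWritten,
                   size_t maxChunk = kMaxChunk)
{
    if (bytesWritten > s.size() || maxChunk == 0)
        return false;                       // inconsistent state: refuse to compute a length
    while (bytesWritten < s.size()) {
        size_t remaining = s.size() - bytesWritten;   // cannot wrap: guarded above
        size_t chunk = std::min(remaining, maxChunk); // guard against huge single writes
        ssize_t n = ::write(fd, s.data() + bytesWritten, chunk);
        if (n > 0) {
            bytesWritten += static_cast<size_t>(n);   // n <= chunk <= remaining
        } else if (n < 0 && errno == EINTR) {
            continue;                       // interrupted before writing: retry
        } else if (n < 0 && (errno == EAGAIN || errno == EWOULDBLOCK)) {
            return true;                    // would block: keep progress, retry later
        } else {
            return false;                   // error (or 0 bytes): never used as a length
        }
    }
    return true;
}

// Constructed demo: send `len` bytes through a pipe in 256-byte chunks and
// return how many bytes arrive intact (0 on any failure).
size_t demoThroughPipe(size_t len)
{
    int fds[2];
    if (pipe(fds) != 0) return 0;
    const std::string msg(len, 'x');
    size_t written = 0;
    bool ok = nbWriteSketch(fds[1], msg, written, 256);
    close(fds[1]);
    std::string got(len, '\0');
    ssize_t r = read(fds[0], &got[0], len);
    close(fds[0]);
    if (!ok || r < 0) return 0;
    got.resize(static_cast<size_t>(r));
    return got == msg ? got.size() : 0;
}
```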
As long as the `TypeInt` is actually a long primitive,
and we tend to switch to using the long type everywhere
within the xml implementation,
there is no need to support both `int` and `long`
types, just force users to be on `long` always.
Refactor the user code accordingly.
Change-Id: I5c5b032a824a84f69f99dc7c755d0da745a9a068
Don't try to double free the `_ssl_ssl` and `_ssl_ctx`
provided by `XmlRpcSource`, because this job
is already done by `XmlRpcSource::close()`.
Additionally:
- add a separate non-null check for the _ssl_ctx freeing
- move log lines from `XmlRpcClient::close()` to `XmlRpcSource::close()`
Change-Id: Ifef799fa6a0ffa65b60415f39c51f4b54ff4bb14
Additional logic around these two objects to free them during the
destruction phase.
Also add NULLing for the corresponding pointers in other places
which might also free them before the destructor takes place,
which would otherwise lead to a double free attempt.
Change-Id: I046a660e4b1467a7093dbf2c0c3170a950d5f607
Don't appeal to the XmlRpcSource's members (e.g. `_ssl`)
if this has been freed via `this`.
To check this out see controllable delete behavior
via introduced getter `getsDeletedOnClose()`.
Should fix:
freed_arg: close frees this.
CID 542402: (#1 of 1): Read from pointer after free (USE_AFTER_FREE)
use_after_free: Using freed pointer this.
Change-Id: I8f23564957c57491db8cf051e7296671bf2a698a
Let STL handle memory management and type safety.
In the future this can be refactored further to eliminate the "Type"
enum and value, as the variant itself keeps this information.
Fix white spacing.
Change-Id: I6e903b51de339b686ba89bb7ae81f4d86eb66bc0
Store integers as long to reduce likelihood of overflows. Retain
overloaded accessors for compatibility.
Use time_t and suseconds_t for timestamps.
Fix up formatting strings to match the new types and to also fix
incorrect formatting of decimal values.
Remove unused methods.
Change-Id: I58bfcd8a34bef2363eac06242dfedf6aae8451e0
Move from debian/rules into actual makefile. This is not Debian-specific
and needs to be set for a successful build.
Also it's not a preprocessor option, it's a C++ option.
Change-Id: I19be56f4e319778def5697b1fdbc77a9988ccb9b
Add missing initialisers and fix order.
In some cases the member was actually unused and could just be removed.
Change-Id: I0f0c927eb8271c35dcfd371f225847f62bea2812
Warned-by: Coverity
Use a static cast to make sure we use the right type for
std::string::length()
Change-Id: I3b21146ca8898d7e1f3b35c83389d37eadac5ff6
Warned-by: Coverity
Make it more explicit that this is meant to set the flag instead of
doing a comparison with a typo.
Change-Id: I31a1a7f35b9072f157105f6c2acdd2caf9bea09a
Warned-by: Coverity
Give an exact size of the buf to the `snprintf()` and also treat the
returned value from it to eliminate this warning:
src/XmlRpcValue.cpp: In member function 'std::string XmlRpc::XmlRpcValue::timeToXml() const':
src/XmlRpcValue.cpp:404:53: warning: '%02d' directive output may be truncated writing between 2 and 11 bytes into a region of size between 0 and 7 [-Wformat-truncation=]
404 | snprintf(buf, sizeof(buf)-1, "%04d%02d%02dT%02d:%02d:%02d",
| ^~~~
In file included from /usr/include/stdio.h:867,
from /usr/include/c++/10/cstdio:42,
from /usr/include/c++/10/ext/string_conversions.h:43,
from /usr/include/c++/10/bits/basic_string.h:6545,
from /usr/include/c++/10/string:55,
from src/XmlRpcValue.h:14,
from src/XmlRpcValue.cpp:2:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:67:35: note: '__builtin___snprintf_chk' output between 18 and 70 bytes into a destination of size 19
67 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
| ~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
68 | __bos (__s), __fmt, __va_arg_pack ());
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Change-Id: Ic545bbc942715f433610f49286ee9d0f92ee25f6
We should provide a proper formation of the timestamp
in the `timeToXml()`. Just unify that in the manner
it's done in the rest of places.
It will fix then this:
src/XmlRpcValue.cpp: In member function 'std::string XmlRpc::XmlRpcValue::timeToXml() const':
src/XmlRpcValue.cpp:404:53: warning: '%02d' directive output may be truncated writing between 2 and 11 bytes into a region of size between 0 and 7 [-Wformat-truncation=]
404 | snprintf(buf, sizeof(buf)-1, "%04d%02d%02dT%02d:%02d:%02d",
| ^~~~
In file included from /usr/include/stdio.h:867,
from /usr/include/c++/10/cstdio:42,
from /usr/include/c++/10/ext/string_conversions.h:43,
from /usr/include/c++/10/bits/basic_string.h:6545,
from /usr/include/c++/10/string:55,
from src/XmlRpcValue.h:14,
from src/XmlRpcValue.cpp:2:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:67:35: note: '__builtin___snprintf_chk' output between 18 and 70 bytes into a destination of size 19
67 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
| ~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
68 | __bos (__s), __fmt, __va_arg_pack ());
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Change-Id: Iadfed6c14e1bdb0c8ed0b8b36b996ed08b129c42
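An added illustration of the fix described in the two `timeToXml()` commit messages above (passing the exact buffer size to `snprintf()` and acting on its return value); this is not the project's code. The function names are hypothetical, and the standard `struct tm` conventions (years since 1900, zero-based month) are assumed.

```cpp
#include <cstddef>
#include <cstdio>
#include <ctime>
#include <string>

static bool inRange(int v, int lo, int hi) { return v >= lo && v <= hi; }

// Formats `t` as YYYYMMDDTHH:MM:SS. Returns false rather than emitting a
// truncated or malformed timestamp.
bool formatIso8601(const struct tm& t, std::string& out)
{
    // Range checks run before any arithmetic, so tm_year + 1900 cannot overflow
    // and every field fits the width given in the format string.
    if (!inRange(t.tm_year, -1900, 8099) || !inRange(t.tm_mon, 0, 11) ||
        !inRange(t.tm_mday, 1, 31) || !inRange(t.tm_hour, 0, 23) ||
        !inRange(t.tm_min, 0, 59) || !inRange(t.tm_sec, 0, 60))
        return false;

    char buf[18];  // 17 visible characters plus the terminating NUL
    int n = std::snprintf(buf, sizeof(buf), "%04d%02d%02dT%02d:%02d:%02d",
                          t.tm_year + 1900, t.tm_mon + 1, t.tm_mday,
                          t.tm_hour, t.tm_min, t.tm_sec);
    // snprintf returns the length it wanted to write: negative means an
    // encoding error, >= sizeof(buf) means the output was truncated.
    if (n < 0 || static_cast<std::size_t>(n) >= sizeof(buf))
        return false;
    out.assign(buf, static_cast<std::size_t>(n));
    return true;
}

// Constructed helper for the checks: calendar values in, "" on rejection.
std::string demoFormat(int year, int mon, int mday, int h, int m, int s)
{
    struct tm t = {};
    t.tm_year = year - 1900;
    t.tm_mon = mon - 1;
    t.tm_mday = mday;
    t.tm_hour = h;
    t.tm_min = m;
    t.tm_sec = s;
    std::string out;
    return formatIso8601(t, out) ? out : std::string();
}
```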
A mistake in the bool of the return in the XmlRpc::tmEq():
src/XmlRpcValue.cpp: In function 'bool XmlRpc::tmEq(const tm&, const tm&)':
src/XmlRpcValue.cpp:144:52: warning: self-comparison always evaluates to true [-Wtautological-compare]
144 | t1.tm_hour == t2.tm_hour && t1.tm_mday == t1.tm_mday &&
|
Second one should be of the `t2` variable.
Change-Id: I7fbf3b1b2f9becdb14db2e994fb4d0abf0937964