From 7ceaa01b8b95ff9dc285031843143d0f2324a252 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 14:27:04 -0600 Subject: [PATCH 01/28] utils: Fix coverity warning in adaptived_get_schedstat() Fix the following coverity warning by adding an explicit check for "cpu < 0" 512065 Negative array index read A memory location at a negative offset from the beginning of the array will be read, resulting in incorrect values. In adaptived_get_schedstat: Negative value used to index an array in a read operation (CWE-129) Signed-off-by: Tom Hromatka --- adaptived/src/utils/sched_utils.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/adaptived/src/utils/sched_utils.c b/adaptived/src/utils/sched_utils.c index 04c2008..56ebbc3 100644 --- a/adaptived/src/utils/sched_utils.c +++ b/adaptived/src/utils/sched_utils.c @@ -195,6 +195,9 @@ API int adaptived_get_schedstat(const char * const schedstat_file, struct adapti goto error; } } else if (0 == strncmp(line, "domain", 6)) { + if (cpu < 0) + continue; + token = strtok(line, " "); domain = atoi(token + 6); if (domain < 0 || domain >= MAX_DOMAIN_LEVELS) { From 4274789540f3efa738e3b0e8d5a825687ff1a59f Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 14:32:43 -0600 Subject: [PATCH 02/28] effects: Fix coverity warning in print_init() Fix the following coverity warning by explicitly initializing the print_opts struct to 0. 512057 Uninitialized pointer read Incorrect values could be read from, or even written to, an arbitrary memory location, causing incorrect computations. In print_init: Reads an uninitialized pointer or its targe (CWE-457) Signed-off-by: Tom Hromatka --- adaptived/src/effects/print.c | 1 + 1 file changed, 1 insertion(+) diff --git a/adaptived/src/effects/print.c b/adaptived/src/effects/print.c index 0309674..2daa50f 100644 --- a/adaptived/src/effects/print.c +++ b/adaptived/src/effects/print.c @@ -60,6 +60,7 @@ int print_init(struct adaptived_effect * const eff, struct json_object *args_obj ret = -ENOMEM; goto error; } + memset(opts, 0, sizeof(struct print_opts)); ret = adaptived_parse_string(args_obj, "message", &msg_str); if (ret == -ENOENT) { From d38cbdd78ee81877710ea8722d35b8c0b67ab2d9 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 14:34:24 -0600 Subject: [PATCH 03/28] effects: Fix coverity warning in kill_processes_init() Fix the following coverity warning by initializing opts->proc_name to '\0' instead of '0'. 512051 Memset fill value of '0' The buffer will be filled with ASCII character '0' instead of actual zero bytes. In _kill_processes_init: A memset fill value of ASCII character '0' is likely intended to be 0 (CWE-665) Signed-off-by: Tom Hromatka --- adaptived/src/effects/kill_processes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/adaptived/src/effects/kill_processes.c b/adaptived/src/effects/kill_processes.c index d8f331d..36cf2c0 100644 --- a/adaptived/src/effects/kill_processes.c +++ b/adaptived/src/effects/kill_processes.c @@ -102,7 +102,7 @@ static int _kill_processes_init(struct adaptived_effect * const eff, struct json goto error; } - memset(opts->proc_names, '0', sizeof(char *) * opts->proc_name_cnt); + memset(opts->proc_names, '\0', sizeof(char *) * opts->proc_name_cnt); for (i = 0; i < opts->proc_name_cnt; i++) { proc_name_obj = json_object_array_get_idx(proc_names_obj, i); From bd3b9f822aaf7991c6e7af52be9362125e2046b7 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 14:37:51 -0600 Subject: [PATCH 04/28] effects: Fix coverity warning in sd_bus_set_str() Fix the following coverity warning by freeing the validate_value string if it's a valid pointer. 512049 Resource leak The system resource will not be reclaimed and reused, reducing the future availability of the resource. In adaptived_sd_bus_set_str: Leak of memory or pointers to system resources (CWE-404) Signed-off-by: Tom Hromatka --- adaptived/src/utils/sd_bus_utils.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/adaptived/src/utils/sd_bus_utils.c b/adaptived/src/utils/sd_bus_utils.c index d283514..b962259 100644 --- a/adaptived/src/utils/sd_bus_utils.c +++ b/adaptived/src/utils/sd_bus_utils.c @@ -425,8 +425,12 @@ API int adaptived_sd_bus_set_str(const char * const target, const char * const p char *validate_value = NULL; ret = adaptived_sd_bus_get_str(target, property, &validate_value); - if (ret) + if (ret) { + if (validate_value) + free(validate_value); + return ret; + } if (!validate_value) { adaptived_err("Failed to validate %s.\n", property); From 75c147a7f09f1935d9bf853099c68a35504ced32 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 14:40:31 -0600 Subject: [PATCH 05/28] effects: Fix coverity warning in kill_cgroup_init() Fix the following coverity warning in kill_cgroup_init() by explicitly setting the opts struct to 0 prior to its usage. 512037 Uninitialized pointer read Incorrect values could be read from, or even written to, an arbitrary memory location, causing incorrect computations. In kill_cgroup_init: Reads an uninitialized pointer or its target (CWE-457) Signed-off-by: Tom Hromatka --- adaptived/src/effects/kill_cgroup.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/adaptived/src/effects/kill_cgroup.c b/adaptived/src/effects/kill_cgroup.c index 0abaa45..c94b655 100644 --- a/adaptived/src/effects/kill_cgroup.c +++ b/adaptived/src/effects/kill_cgroup.c @@ -58,6 +58,8 @@ int kill_cgroup_init(struct adaptived_effect * const eff, struct json_object *ar goto error; } + memset(opts, 0, sizeof(struct kill_cg_opts)); + ret = adaptived_parse_string(args_obj, "cgroup", &cgroup_path_str); if (ret) goto error; From d864f69cdf7565f8dc09c3a2608398bf96a8d587 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 14:42:38 -0600 Subject: [PATCH 06/28] effects: Fix coverity warning in _cgroup_setting_init() Fix coverity warning in _cgroup_setting_init() by explicitly initializing the opts struct to 0. 512036 Uninitialized pointer read Incorrect values could be read from, or even written to, an arbitrary memory location, causing incorrect computations. In _cgroup_setting_init: Reads an uninitialized pointer or its target (CWE-457) Signed-off-by: Tom Hromatka --- adaptived/src/effects/cgroup_setting.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/adaptived/src/effects/cgroup_setting.c b/adaptived/src/effects/cgroup_setting.c index 0b66fa3..d0af2b7 100644 --- a/adaptived/src/effects/cgroup_setting.c +++ b/adaptived/src/effects/cgroup_setting.c @@ -64,6 +64,8 @@ static int _cgroup_setting_init(struct adaptived_effect * const eff, struct json ret = -ENOMEM; goto error; } + + memset(opts, 0, sizeof(struct cg_opts)); opts->value.type = ADAPTIVED_CGVAL_CNT; opts->limit.type = ADAPTIVED_CGVAL_CNT; opts->limit_provided = false; From a70fa0856e883495c15d0fd792b8085e898808f0 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 14:45:06 -0600 Subject: [PATCH 07/28] parse: Fix coverity warning in parse_rule() Fix the following coverity warning by checking for a null pointer in the rule variable: 512066 Dereference after null check Either the check against null is unnecessary, or there may be a null pointer dereference. In parse_rule: Pointer is checked against null but then dereferenced anyway (CWE-476) Signed-off-by: Tom Hromatka --- adaptived/src/parse.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/adaptived/src/parse.c b/adaptived/src/parse.c index e454042..84789fe 100644 --- a/adaptived/src/parse.c +++ b/adaptived/src/parse.c @@ -605,7 +605,9 @@ int parse_rule(struct adaptived_ctx * const ctx, struct json_object * const rule return ret; error: - rule_destroy(&rule); + if (rule) + rule_destroy(&rule); + return ret; } From dc52e07f45353c5e3abe4a0033ef86bed6bfa6db Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 14:46:39 -0600 Subject: [PATCH 08/28] utils: Fix coverity warning in adaptived_cgroup_set_str() Fix the following coverity warning in adaptived_cgroup_set_str() by using ssize_t rather than size_t. 512063 Unsigned compared against 0 An unsigned value can never be negative, so this test will always evaluate the same way. In adaptived_cgroup_set_str: An unsigned value can never be less than 0 (CWE-570) Signed-off-by: Tom Hromatka --- adaptived/src/utils/cgroup_utils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/adaptived/src/utils/cgroup_utils.c b/adaptived/src/utils/cgroup_utils.c index 5981237..7b0ae73 100644 --- a/adaptived/src/utils/cgroup_utils.c +++ b/adaptived/src/utils/cgroup_utils.c @@ -202,7 +202,7 @@ API int adaptived_cgroup_get_float(const char * const setting, float * const val API int adaptived_cgroup_set_str(const char * const setting, const char * const value, uint32_t flags) { char *validate_value; - size_t bytes_written; + ssize_t bytes_written; int ret = 0; int fd; From daaa7ce5116c5385e2e75b4a41b893cf1655ce85 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 14:51:37 -0600 Subject: [PATCH 09/28] effects: Fix whitespace issues in logger.c Signed-off-by: Tom Hromatka --- adaptived/src/effects/logger.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/adaptived/src/effects/logger.c b/adaptived/src/effects/logger.c index cbf8842..b17ec4e 100644 --- a/adaptived/src/effects/logger.c +++ b/adaptived/src/effects/logger.c @@ -396,9 +396,9 @@ int logger_main(struct adaptived_effect * const eff) return ret; } - void logger_exit(struct adaptived_effect * const eff) - { - struct logger_opts *opts = (struct logger_opts *)eff->data; +void logger_exit(struct adaptived_effect * const eff) +{ + struct logger_opts *opts = (struct logger_opts *)eff->data; - free_opts(opts); + free_opts(opts); } From 5315841d57b52e5fb11e65d7fe4cff1c85422a7e Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 14:52:12 -0600 Subject: [PATCH 10/28] effects: Fix coverity warning in logger_main() Fix the following coverity warning by explicitly setting fnp to NULL after fclose'ing it. 512059 Use after close Operations on closed handles will fail. In logger_main: A resource handle or descriptor is used after being closed (CWE-672) Signed-off-by: Tom Hromatka --- adaptived/src/effects/logger.c | 1 + 1 file changed, 1 insertion(+) diff --git a/adaptived/src/effects/logger.c b/adaptived/src/effects/logger.c index b17ec4e..30e9567 100644 --- a/adaptived/src/effects/logger.c +++ b/adaptived/src/effects/logger.c @@ -355,6 +355,7 @@ int logger_main(struct adaptived_effect * const eff) read = fread(&buf[strlen(buf)], 1, min(opts->max_file_size, size), fnp); fclose(fnp); + fnp = NULL; if (read <= 0) { adaptived_err("logger_main: amount read from %s (%d) != size (%d)\n", filep->filename, read, size); From a7b969a1410a2f2c0153cc08d3d0f48f96e2c4b7 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 14:54:55 -0600 Subject: [PATCH 11/28] effects: Fix coverity warning in logger_main() Fix the following coverity warning in logger_main() by promoting the variable `size` from int to long and updating the error message to utilize %ld rather than %d for the `size` and `read` variables. 512058 Invalid type in argument to printf format specifier An argument with the wrong type was passed to a format specifier, leading to undefined behavior. In logger_main: An argument with the wrong type was passed to a print format specifier. (CWE-686) Signed-off-by: Tom Hromatka --- adaptived/src/effects/logger.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/adaptived/src/effects/logger.c b/adaptived/src/effects/logger.c index 30e9567..f282334 100644 --- a/adaptived/src/effects/logger.c +++ b/adaptived/src/effects/logger.c @@ -316,7 +316,7 @@ int logger_main(struct adaptived_effect * const eff) filep = opts->file_list; do { struct stat statbuf; - int size; + long size; fnp = fopen(filep->filename, "r"); if (fnp == NULL) @@ -332,7 +332,7 @@ int logger_main(struct adaptived_effect * const eff) goto error; } size = statbuf.st_size; - if (!size || size >= opts->max_file_size) + if (size == 0 || size >= opts->max_file_size) size = opts->max_file_size; buf = malloc(size + 1); if (!buf) { @@ -357,7 +357,7 @@ int logger_main(struct adaptived_effect * const eff) fclose(fnp); fnp = NULL; if (read <= 0) { - adaptived_err("logger_main: amount read from %s (%d) != size (%d)\n", + adaptived_err("logger_main: amount read from %s (%ld) != size (%ld)\n", filep->filename, read, size); ret = -EINVAL; goto error; From d38bbe013820307e52230a343581ae957400e6de Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 14:57:45 -0600 Subject: [PATCH 12/28] adaptived: Fix coverity warning in adaptived_release() Fix the following coverity warning by explicitly verifying the ctx pointer before dereferencing it. 512056 Dereference before null check There may be a null pointer dereference, or else the comparison against null is unnecessary. In adaptived_release: All paths that lead to this null pointer comparison already dereference the pointer earlier (CWE-476) Signed-off-by: Tom Hromatka --- adaptived/src/main.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/adaptived/src/main.c b/adaptived/src/main.c index d6ccf35..1504d29 100644 --- a/adaptived/src/main.c +++ b/adaptived/src/main.c @@ -130,10 +130,11 @@ API struct adaptived_ctx *adaptived_init(const char * const config_file) API void adaptived_release(struct adaptived_ctx **ctx) { - cleanup(*ctx); + if (ctx == NULL) + return; - if (*ctx) - free(*ctx); + cleanup(*ctx); + free(*ctx); (*ctx) = NULL; } From 7782068a7c8b6d351ef2d5eea4723a24660f1c6f Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 14:59:42 -0600 Subject: [PATCH 13/28] parse: Fix coverity warning in adaptived_parse_string() Fix the following coverity warning in adaptived_parse_string() by checking for a NULL pointer in value and *value in separate checks. 512055 Dereference after null check Either the check against null is unnecessary, or there may be a null pointer dereference. In adaptived_parse_string: Pointer is checked against null but then dereferenced anyway (CWE-476) Signed-off-by: Tom Hromatka --- adaptived/src/parse.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/adaptived/src/parse.c b/adaptived/src/parse.c index 84789fe..52d3983 100644 --- a/adaptived/src/parse.c +++ b/adaptived/src/parse.c @@ -64,7 +64,7 @@ API int adaptived_parse_string(struct json_object * const obj, const char * cons json_bool exists; int ret = 0; - if (!value && !(*value)) { + if (!value) { ret = -EINVAL; goto error; } @@ -86,6 +86,9 @@ API int adaptived_parse_string(struct json_object * const obj, const char * cons return ret; error: + if (value) + (*value) = NULL; + return ret; } From 49a2e6a71e986cd369a3f9d2dbfc0e61b4aeb3e7 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 15:01:48 -0600 Subject: [PATCH 14/28] effects: Fix coverity warning in logger_main() Fix the following coverity warning in logger_main() by removing the dead code. 512054 Logically dead code The indicated dead code may have performed some action; that action will never occur. In logger_main: Code can never be reached because of a logical contradiction (CWE-561) Signed-off-by: Tom Hromatka --- adaptived/src/effects/logger.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/adaptived/src/effects/logger.c b/adaptived/src/effects/logger.c index f282334..cfb2de7 100644 --- a/adaptived/src/effects/logger.c +++ b/adaptived/src/effects/logger.c @@ -299,11 +299,10 @@ int logger_main(struct adaptived_effect * const eff) strftime(dateline, FILENAME_MAX, opts->date_format, localtime(&now)); strcpy(&separator[strlen(separator)], dateline); } - if (opts->separator_postfix) { + + if (opts->separator_postfix) strcpy(&separator[strlen(separator)], opts->separator_postfix); - if (ret < 0) - goto error; - } + adaptived_dbg("%s: separator = %s\n", __func__, separator); write = fwrite(separator, 1, strlen(separator), log); From c766ccc596cc995c0cabc0ac4b67db6bb06444d1 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 15:03:16 -0600 Subject: [PATCH 15/28] parse: Fix coverity warning in adaptived_parse_float() Fix the following coverity warning by checking for a null pointer in value and *value in separate checks 512052 Dereference after null check Either the check against null is unnecessary, or there may be a null pointer dereference. In adaptived_parse_float: Pointer is checked against null but then dereferenced anyway (CWE-476) Signed-off-by: Tom Hromatka --- adaptived/src/parse.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/adaptived/src/parse.c b/adaptived/src/parse.c index 52d3983..5f82436 100644 --- a/adaptived/src/parse.c +++ b/adaptived/src/parse.c @@ -124,7 +124,7 @@ API int adaptived_parse_float(struct json_object * const obj, const char * const int ret = 0; char *end; - if (!value && !(*value)) { + if (!value) { ret = -EINVAL; goto error; } From b45179f8322309b409c57c23ad5ae234576c3d1f Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 15:05:53 -0600 Subject: [PATCH 16/28] effects: Fix coverity warning in logger_main() Fix the following coverity warning in logger main by utilizing '%ld' rather than '%d' 512047 Invalid type in argument to printf format specifier An argument with the wrong type was passed to a format specifier, leading to undefined behavior. In logger_main: An argument with the wrong type was passed to a print format specifier. (CWE-686) Signed-off-by: Tom Hromatka --- adaptived/src/effects/logger.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/adaptived/src/effects/logger.c b/adaptived/src/effects/logger.c index cfb2de7..d48be95 100644 --- a/adaptived/src/effects/logger.c +++ b/adaptived/src/effects/logger.c @@ -363,8 +363,8 @@ int logger_main(struct adaptived_effect * const eff) } write = fwrite(separator, 1, strlen(separator), log); if (write != strlen(separator)) { - adaptived_err("logger_main: amount written (%d) != " - "strlen(separator) (%d)\n", write, strlen(separator)); + adaptived_err("logger_main: amount written (%ld) != " + "strlen(separator) (%ld)\n", write, strlen(separator)); ret = -EINVAL; goto error; } From a8c7fc142d3fd4a7595c128a276849941e185569 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 15:07:18 -0600 Subject: [PATCH 17/28] utils: Fix coverity warning in adaptived_cgroup_set_ll() Fix the following coverity warning in adaptived_cgroup_set_ll() by changing bytes_written to type ssize_t. 512046 Unsigned compared against 0 An unsigned value can never be negative, so this test will always evaluate the same way. In adaptived_cgroup_set_ll: An unsigned value can never be less than 0 (CWE-570) Signed-off-by: Tom Hromatka --- adaptived/src/utils/cgroup_utils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/adaptived/src/utils/cgroup_utils.c b/adaptived/src/utils/cgroup_utils.c index 7b0ae73..b6583dc 100644 --- a/adaptived/src/utils/cgroup_utils.c +++ b/adaptived/src/utils/cgroup_utils.c @@ -44,7 +44,7 @@ API int adaptived_cgroup_set_ll(const char * const setting, long long value, uint32_t flags) { long long validate_value; - size_t bytes_written; + ssize_t bytes_written; char buf[LL_MAX]; int ret = 0; int fd; From 568c18e3efca270c48129485e434e47a644e9374 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 15:14:25 -0600 Subject: [PATCH 18/28] parse: Fix coverity warning in parse_config() Fix the following coverity warning in parse_config() by utilizing '%ld' rather than '%d' 512043 Invalid type in argument to printf format specifier An argument with the wrong type was passed to a format specifier, leading to undefined behavior. In parse_config: An argument with the wrong type was passed to a print format specifier. (CWE-686) Signed-off-by: Tom Hromatka --- adaptived/src/parse.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/adaptived/src/parse.c b/adaptived/src/parse.c index 5f82436..765539e 100644 --- a/adaptived/src/parse.c +++ b/adaptived/src/parse.c @@ -681,7 +681,7 @@ int parse_config(struct adaptived_ctx * const ctx) chars_read = fread(buf, sizeof(char), config_size, config_fd); if (chars_read != config_size) { - adaptived_err("Expected to read %d bytes but read %d bytes\n", + adaptived_err("Expected to read %ld bytes but read %ld bytes\n", config_size, chars_read); ret = -EIO; goto out; From 161e873a2632d8f6f692fcb8ed47ecae83816d63 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 15:15:34 -0600 Subject: [PATCH 19/28] parse: Fix coverity warning in adaptived_parse_int() Fix the following coverity warning in adaptived_parse_int() by checking for a NULL pointer in value and *value in separate checks 512041 Dereference after null check Either the check against null is unnecessary, or there may be a null pointer dereference. In adaptived_parse_int: Pointer is checked against null but then dereferenced anyway (CWE-476) Signed-off-by: Tom Hromatka --- adaptived/src/parse.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/adaptived/src/parse.c b/adaptived/src/parse.c index 765539e..7c56152 100644 --- a/adaptived/src/parse.c +++ b/adaptived/src/parse.c @@ -98,7 +98,7 @@ API int adaptived_parse_int(struct json_object * const obj, const char * const k int ret = 0; char *end; - if (!value && !(*value)) { + if (!value) { ret = -EINVAL; goto error; } From b861ec51c0fa36637d9b93db0f772d7c109fceac Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 15:21:38 -0600 Subject: [PATCH 20/28] utils: Fix coverity warning in adaptived_path_walk_next() Fix the following coverity warning by performing the proper null check in adaptived_path_walk_next() 512033 Logically dead code The indicated dead code may have performed some action; that action will never occur. In adaptived_path_walk_next: Code can never be reached because of a logical contradiction (CWE-561) Signed-off-by: Tom Hromatka --- adaptived/src/utils/path_utils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/adaptived/src/utils/path_utils.c b/adaptived/src/utils/path_utils.c index 2812f60..da3f097 100644 --- a/adaptived/src/utils/path_utils.c +++ b/adaptived/src/utils/path_utils.c @@ -245,7 +245,7 @@ API int adaptived_path_walk_next(struct adaptived_path_walk_handle **handle, cha path_len = strlen(whandle->path) + strlen(de->d_name) + 2; *path = malloc(sizeof(char) * path_len); - if (!path) + if (!(*path)) return -ENOMEM; sprintf(*path, "%s/%s", whandle->path, de->d_name); From db59bb3318e76ce325fdae48bfc9f849ebdfe7cc Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 15:23:31 -0600 Subject: [PATCH 21/28] adaptived: Fix coverity warning in adaptived_loop() Fix the following coverity warning by obtaining the ctx_mutex prior to reading the ctx->daemon_mode variable. 512032 Data race condition The value of the shared data will be determined by the interleaving of thread execution. In adaptived_loop: Thread shared data is accessed without holding an appropriate lock, possibly causing a race condition (CWE-366) Signed-off-by: Tom Hromatka --- adaptived/src/main.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/adaptived/src/main.c b/adaptived/src/main.c index 1504d29..6b793c4 100644 --- a/adaptived/src/main.c +++ b/adaptived/src/main.c @@ -441,18 +441,22 @@ API int adaptived_loop(struct adaptived_ctx * const ctx, bool parse) if (ret) return ret; } + + pthread_mutex_lock(&ctx->ctx_mutex); if (ctx->daemon_mode) { adaptived_dbg("adaptived_loop: Try to run as daemon, nochdir = %d, noclose = %d\n", ctx->daemon_nochdir, ctx->daemon_noclose); ret = daemon(ctx->daemon_nochdir, ctx->daemon_noclose); if (ret) { adaptived_err("Failed to become daemon: %d.\n", errno); + pthread_mutex_unlock(&ctx->ctx_mutex); return -errno; } adaptived_dbg("adaptived_loop: running as daemon.\n"); } else { adaptived_dbg("adaptived_loop: Debug mode. Skip running as daemon.\n"); } + pthread_mutex_unlock(&ctx->ctx_mutex); ctx->loop_cnt = 0; From b3018e87c4f352e3d2985886c4b75152d91b3e71 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 15:25:58 -0600 Subject: [PATCH 22/28] effects: Fix coverity warning in snooze_main() Fix the following coverity warning in snooze_main() 512030 Result is not floating-point The result of the division is truncated to an integer (a whole number), which is usually a loss of precision in a calculation. In snooze_main: When dividing two values of integer types, integer division is used, which ignores any remainder. When such a result is used in a context expecting a floating-point number, it is likely that floating-point division was intended. Signed-off-by: Tom Hromatka --- adaptived/src/effects/snooze.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/adaptived/src/effects/snooze.c b/adaptived/src/effects/snooze.c index fdaaba6..f8024cf 100644 --- a/adaptived/src/effects/snooze.c +++ b/adaptived/src/effects/snooze.c @@ -81,7 +81,7 @@ int snooze_main(struct adaptived_effect * const eff) diff = difftime(cur_time, opts->prev_trigger); adaptived_dbg("Snooze duration: %d, Current diff: %.0lf\n", opts->duration, diff); - if (diff < (double)(opts->duration / 1000)) + if (diff < (double)(opts->duration / 1000.0f)) /* inform adaptived to skip the remaining effects in this rule */ return -EALREADY; From b11454d3dab8afa8720337d39527da2472876080 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 15:27:27 -0600 Subject: [PATCH 23/28] parse: Fix coverity warning in adaptived_parse_long_long() Fix the following coverity warning in adaptived_parse_long_long() by checking for a NULL in value and *value in separate checks. 512029 Dereference after null check Either the check against null is unnecessary, or there may be a null pointer dereference. In adaptived_parse_long_long: Pointer is checked against null but then dereferenced anyway (CWE-476) Signed-off-by: Tom Hromatka --- adaptived/src/parse.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/adaptived/src/parse.c b/adaptived/src/parse.c index 7c56152..d81aa91 100644 --- a/adaptived/src/parse.c +++ b/adaptived/src/parse.c @@ -150,7 +150,7 @@ API int adaptived_parse_long_long(struct json_object * const obj, const char * c int ret = 0; char *end; - if (!value && !(*value)) { + if (!value) { ret = -EINVAL; goto error; } From 9f7bc39cd0943ef9db03d27cf687f312139e53ab Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 15:31:21 -0600 Subject: [PATCH 24/28] adaptived: Fix coverity warning in adaptived_loop() Fix wrong parameter coverity warning in adaptived_loop() by changing "%d" to "%ld" 512027 Invalid type in argument to printf format specifier An argument with the wrong type was passed to a format specifier, leading to undefined behavior. In adaptived_loop: An argument with the wrong type was passed to a print format specifier. (CWE-686) Signed-off-by: Tom Hromatka --- adaptived/src/main.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/adaptived/src/main.c b/adaptived/src/main.c index 6b793c4..0b3f8e0 100644 --- a/adaptived/src/main.c +++ b/adaptived/src/main.c @@ -551,7 +551,8 @@ API int adaptived_loop(struct adaptived_ctx * const ctx, bool parse) if (!skip_sleep) { sleep.tv_sec = interval / 1000; sleep.tv_nsec = (interval % 1000) * 1000000LL; - adaptived_dbg("sleeping for %d seconds and %ld nanoseconds\n", sleep.tv_sec, sleep.tv_nsec); + adaptived_dbg("sleeping for %ld seconds and %ld nanoseconds\n", + sleep.tv_sec, sleep.tv_nsec); ret = nanosleep(&sleep, NULL); if (ret) From 126931a19f1db9f5de1993097ac9ba5f74ffb48b Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 15:35:52 -0600 Subject: [PATCH 25/28] effects: Fix coverity warning in kill_processes_init() Fix the following coverity warning in kill_processes_init() by checking that opts is non-null prior to freeing it. 512024 Dereference after null check Either the check against null is unnecessary, or there may be a null pointer dereference. In _kill_processes_init: Pointer is checked against null but then dereferenced anyway (CWE-476) Signed-off-by: Tom Hromatka --- adaptived/src/effects/kill_processes.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/adaptived/src/effects/kill_processes.c b/adaptived/src/effects/kill_processes.c index 36cf2c0..d672b82 100644 --- a/adaptived/src/effects/kill_processes.c +++ b/adaptived/src/effects/kill_processes.c @@ -165,7 +165,8 @@ static int _kill_processes_init(struct adaptived_effect * const eff, struct json return ret; error: - free_opts(opts); + if (opts) + free_opts(opts); return ret; } From 4975a9dd9104c187d52da7e0d4050fcada38f283 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 16:36:20 -0600 Subject: [PATCH 26/28] effects: Fix coverity warning in logger_main() Fix coverity warning in logger main by utilizing "%ld" rather than "%d" 512047 Invalid type in argument to printf format specifier An argument with the wrong type was passed to a format specifier, leading to undefined behavior. In logger_main: An argument with the wrong type was passed to a print format specifier. (CWE-686) Signed-off-by: Tom Hromatka --- adaptived/src/effects/logger.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/adaptived/src/effects/logger.c b/adaptived/src/effects/logger.c index d48be95..a9e4aa5 100644 --- a/adaptived/src/effects/logger.c +++ b/adaptived/src/effects/logger.c @@ -307,7 +307,7 @@ int logger_main(struct adaptived_effect * const eff) write = fwrite(separator, 1, strlen(separator), log); if (write != strlen(separator)) { - adaptived_err("logger_main: amount written (%d) != strlen(separator) (%d)\n", + adaptived_err("logger_main: amount written (%ld) != strlen(separator) (%ld)\n", write, strlen(separator)); ret = -EINVAL; goto error; From 72a3b9cfe49ac767fcf6d1b0442f18262211b9c7 Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 16:49:12 -0600 Subject: [PATCH 27/28] effects: Fix coverity warning in logger_main() Fix coverity warning in logger main by utilizing "%ld" instead of "%d" 512047 Invalid type in argument to printf format specifier An argument with the wrong type was passed to a format specifier, leading to undefined behavior. In logger_main: An argument with the wrong type was passed to a print format specifier. (CWE-686) Signed-off-by: Tom Hromatka --- adaptived/src/effects/logger.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/adaptived/src/effects/logger.c b/adaptived/src/effects/logger.c index a9e4aa5..f84514d 100644 --- a/adaptived/src/effects/logger.c +++ b/adaptived/src/effects/logger.c @@ -370,8 +370,8 @@ int logger_main(struct adaptived_effect * const eff) } write = fwrite(buf, 1, strlen(buf), log); if (write != strlen(buf)) { - adaptived_err("logger_main: amount written (%d) != " - "strlen(buf) (%d) of %s\n", + adaptived_err("logger_main: amount written (%ld) != " + "strlen(buf) (%ld) of %s\n", write, strlen(buf), filep->filename); ret = -EINVAL; goto error; From 6eac631ed039dac2917438495bd3087c6f64776f Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Fri, 1 Nov 2024 19:44:39 -0600 Subject: [PATCH 28/28] utils: Fix coverity warning in handle_special_properties() Fix coverity warning in handle_special_properties() by converting the percent variable to unsigned. 512039 Overflowed constant The overflowed value due to arithmetic on constants is too small or unexpectedly negative, causing incorrect computations. In handle_special_properties: Integer overflow occurs in arithmetic on constant operands (CWE-190) Signed-off-by: Tom Hromatka --- adaptived/src/utils/sd_bus_utils.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/adaptived/src/utils/sd_bus_utils.c b/adaptived/src/utils/sd_bus_utils.c index b962259..1896ff5 100644 --- a/adaptived/src/utils/sd_bus_utils.c +++ b/adaptived/src/utils/sd_bus_utils.c @@ -107,10 +107,10 @@ static int handle_special_properties(sd_bus_message *m, const char *property, co x = UINT64_MAX; } else if (strcmp(real_property, "CPUQuotaPerSecUSec") == 0){ if (endswith(value->value.str_value, "%")) { - int percent = -1; + unsigned int percent; items = sscanf(value->value.str_value, "%d%%", &percent); - if ((items != 1) || (percent == -1)) { + if (items != 1) { adaptived_err("%s: sd_bus_message_append() failed, r=%d\n", __func__, r); return -EINVAL;