Rooba
/
boinc
mirror of https://github.com/BOINC/boinc.git
1
0
Fork 0
Code Issues 1 Packages Projects Releases Wiki Activity

Merge pull request #1418 from BOINC/fix_defects_server 

Fix Coverity defects in server component
This commit is contained in:
Christian Beer 2015-11-11 08:38:03 +01:00
parent 3077f0e27d 4eec734bc4
commit 5b31d68ec1
37 changed files with 245 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
coverity-model.cpp Normal file
View File

@ -0,0 +1,42 @@
// This file is part of BOINC.
// http://boinc.berkeley.edu
// Copyright (C) 2015 University of California
//
// BOINC is free software; you can redistribute it and/or modify it
// under the terms of the GNU Lesser General Public License
// as published by the Free Software Foundation,
// either version 3 of the License, or (at your option) any later version.
//
// BOINC is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
// See the GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with BOINC. If not, see <http://www.gnu.org/licenses/>.
/*
* Coverity Scan Modeling file for BOINC
*
* This defines behaviour of functions that Coverity Scan is not aware of.
*
* For how to create a model see:
* https://scan.coverity.com/tune and https://scan.coverity.com/models#overriding
*
* If you add anything here it has no immediate effect. A user with the
* Maintainer/Owner role on scan.coverity.com has to upload the file to
* https://scan.coverity.com/projects/boinc-boinc?tab=analysis_settings
*
**/
// the dir string is kind of sanitized here
// prevents tainted string defects involving SCHED_CONFIG::project_path()
//
bool is_project_dir(const char *dir) {
bool ok_string;
if (ok_string == true) {
__coverity_tainted_string_sanitize_content__((void*)dir);
return true;
}
return false;
}

2
sched/adjust_user_priority.cpp
View File

@ -80,7 +80,7 @@ int main(int argc, char** argv) {
}
DB_APP app;
sprintf(buf, "where name='%s'", app_name);
snprintf(buf, sizeof(buf), "where name='%s'", app_name);
retval = app.lookup(buf);
if (retval) {
fprintf(stderr, "no such app %s\n", argv[3]);

1
sched/assimilator.cpp
View File

@ -318,6 +318,7 @@ int main(int argc, char** argv) {
log_messages.printf(MSG_NORMAL, "Starting assimilator handler\n");
install_stop_signal_handler();
// coverity[loop_top] - infinite loop is intended
do {
if (!do_pass(app)) {
if (!one_pass) {

53
sched/db_dump.cpp
View File

@ -225,6 +225,7 @@ public:
log_messages.printf(MSG_CRITICAL,
"Couldn't open %s for output\n", filename
);
exit(ERR_FOPEN);
}
fprintf(f,
"<?xml version=\"1.0\" encoding=\"iso-8859-1\"?>\n<%s>\n", tag.c_str()
@ -485,11 +486,11 @@ void write_user(USER& user, FILE* f, bool /*detail*/) {
void write_badge_user(char* output_dir) {
DB_BADGE_USER bu;
char path[MAXPATHLEN];
ZFILE* f = new ZFILE("badge_users", COMPRESSION_GZIP);
ZFILE zf("badge_users", COMPRESSION_GZIP);
sprintf(path, "%s/badge_user", output_dir);
f->open(path);
zf.open(path);
while (!bu.enumerate("")) {
fprintf(f->f,
fprintf(zf.f,
" <badge_user>\n"
" <user_id>%lu</user_id>\n"
" <badge_id>%lu</badge_id>\n"
@ -500,17 +501,17 @@ void write_badge_user(char* output_dir) {
bu.create_time
);
}
f->close();
zf.close();
}
void write_badge_team(char* output_dir) {
DB_BADGE_TEAM bt;
char path[MAXPATHLEN];
ZFILE* f = new ZFILE("badge_teams", COMPRESSION_GZIP);
ZFILE zf("badge_teams", COMPRESSION_GZIP);
sprintf(path, "%s/badge_team", output_dir);
f->open(path);
zf.open(path);
while (!bt.enumerate("")) {
fprintf(f->f,
fprintf(zf.f,
" <badge_team>\n"
" <team_id>%lu</team_id>\n"
" <badge_id>%lu</badge_id>\n"
@ -521,7 +522,7 @@ void write_badge_team(char* output_dir) {
bt.create_time
);
}
f->close();
zf.close();
}
void write_team(TEAM& team, FILE* f, bool detail) {
@ -681,23 +682,23 @@ void print_badges(FILE* f) {
int tables_file(char* dir) {
char buf[256];
ZFILE f("tables", false);
ZFILE zf("tables", false);
sprintf(buf, "%s/tables.xml", dir);
f.open(buf);
fprintf(f.f,
zf.open(buf);
fprintf(zf.f,
" <update_time>%d</update_time>\n",
(int)time(0)
);
if (config.credit_by_app) {
fprintf(f.f, " <credit_by_app/>\n");
fprintf(zf.f, " <credit_by_app/>\n");
}
if (nusers) fprintf(f.f, " <nusers_total>%d</nusers_total>\n", nusers);
if (nteams) fprintf(f.f, " <nteams_total>%d</nteams_total>\n", nteams);
if (nhosts) fprintf(f.f, " <nhosts_total>%d</nhosts_total>\n", nhosts);
if (total_credit) fprintf(f.f, " <total_credit>%lf</total_credit>\n", total_credit);
print_apps(f.f);
print_badges(f.f);
f.close();
if (nusers) fprintf(zf.f, " <nusers_total>%d</nusers_total>\n", nusers);
if (nteams) fprintf(zf.f, " <nteams_total>%d</nteams_total>\n", nteams);
if (nhosts) fprintf(zf.f, " <nhosts_total>%d</nhosts_total>\n", nhosts);
if (total_credit) fprintf(zf.f, " <total_credit>%lf</total_credit>\n", total_credit);
print_apps(zf.f);
print_badges(zf.f);
zf.close();
return 0;
}
@ -818,8 +819,14 @@ int ENUMERATION::make_it_happen(char* output_dir) {
}
for (i=0; i<outputs.size(); i++) {
OUTPUT& out = outputs[i];
if (out.zfile) out.zfile->close();
if (out.nzfile) out.nzfile->close();
if (out.zfile) {
out.zfile->close();
delete out.zfile;
}
if (out.nzfile) {
out.nzfile->close();
delete out.nzfile;
}
}
return 0;
}
@ -870,6 +877,8 @@ int main(int argc, char** argv) {
exit(1);
}
retry_period = atoi(argv[i]);
if (retry_period < 0) retry_period = 0;
if (retry_period > 1000000) retry_period = 1000000;
} else if (is_arg(argv[i], "d") || is_arg(argv[i], "debug_level")) {
if (!argv[++i]) {
log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]);
@ -988,7 +997,7 @@ int main(int argc, char** argv) {
write_badge_team(spec.output_dir);
}
sprintf(buf, "cp %s %s/db_dump.xml", spec_filename, spec.output_dir);
snprintf(buf, sizeof(buf), "cp %s %s/db_dump.xml", spec_filename, spec.output_dir);
retval = system(buf);
if (retval) {
log_messages.printf(MSG_CRITICAL,

10
sched/db_purge.cpp
View File

@ -138,15 +138,15 @@ void open_archive(const char* filename_prefix, FILE*& f){
);
}
// append appropriate suffix for file type
strcat(path, suffix[compression_type]);
safe_strcat(path, suffix[compression_type]);
// and construct appropriate command if needed
if (compression_type == COMPRESSION_GZIP) {
sprintf(command, "gzip - > %s", path);
snprintf(command, sizeof(command), "gzip - > %s", path);
}
if (compression_type == COMPRESSION_ZIP) {
sprintf(command, "zip - - > %s", path);
snprintf(command, sizeof(command), "zip - - > %s", path);
}
log_messages.printf(MSG_NORMAL,
@ -213,7 +213,7 @@ void close_archive(const char *filename, FILE*& fp){
);
}
// append appropriate file type
strcat(path, suffix[compression_type]);
safe_strcat(path, suffix[compression_type]);
log_messages.printf(MSG_NORMAL,
"Closed archive file %s containing records of %d workunits\n",
@ -731,7 +731,7 @@ int main(int argc, char** argv) {
id_modulus = atoi(argv[++i]);
id_remainder = atoi(argv[++i]);
} else if (is_arg(argv[i], "app")) {
strcpy(app_name, argv[++i]);
safe_strcpy(app_name, argv[++i]);
} else {
log_messages.printf(MSG_CRITICAL,
"unknown command line argument: %s\n\n", argv[i]

15
sched/edf_sim.h
View File

@ -36,14 +36,23 @@ struct IP_RESULT {
bool misses_deadline;
double estimated_completion_time;
IP_RESULT() {}
void init() {
strcpy(name, "");
computation_deadline = 0;
report_deadline = 0;
cpu_time_remaining = 0;
misses_deadline = false;
estimated_completion_time = 0;
}
IP_RESULT() {
init();
}
IP_RESULT(const char* n, double d, double c) {
init();
safe_strcpy(name, n);
report_deadline = d;
computation_deadline = d;
cpu_time_remaining = c;
misses_deadline = false;
estimated_completion_time = 0;
}
};

15
sched/feeder.cpp
View File

@ -414,8 +414,12 @@ static void update_job_stats() {
sum += e;
sum_sqr += e*e;
}
double mean = sum/n;
double stdev = sqrt((sum_sqr - sum*mean)/n);
double mean = 0;
double stdev = 1;
if (n != 0) {
mean = sum/n;
stdev = sqrt((sum_sqr - sum*mean)/n);
}
for (i=0; i<ssp->max_wu_results; i++) {
WU_RESULT& wu_result = ssp->wu_results[i];
if (wu_result.state != WR_STATE_PRESENT) continue;
@ -556,10 +560,7 @@ void feeder_loop() {
// may need one enumeration per app; create vector
//
for (int i=0; i<napps; i++) {
DB_WORK_ITEM* wi = new DB_WORK_ITEM();
work_items.push_back(*wi);
}
work_items.resize(napps);
while (1) {
bool action;
@ -774,7 +775,7 @@ int main(int argc, char** argv) {
exit(1);
}
strcat(mod_select_clause, " and workunit.appid in (");
strcat(mod_select_clause, argv[i]);
safe_strcat(mod_select_clause, argv[i]);
strcat(mod_select_clause, ")");
} else if (is_arg(argv[i], "mod")) {
if (!argv[i+1] || !argv[i+2]) {

3
sched/file_deleter.cpp
View File

@ -372,7 +372,7 @@ bool do_pass(bool retry_error) {
if (xml_doc_like) {
strcat(clause, " and xml_doc like '");
strcat(clause, xml_doc_like);
safe_strcat(clause, xml_doc_like);
strcat(clause, "'");
}
sprintf(buf,
@ -597,6 +597,7 @@ int main(int argc, char** argv) {
bool retry_errors_now = !dont_retry_errors;
double next_error_time=0;
// coverity[loop_top] - infinite loop is intended
while (1) {
bool got_any = do_pass(false);
if (retry_errors_now) {

32
sched/file_upload_handler.cpp
View File

@ -154,6 +154,7 @@ int copy_socket_to_file(FILE* in, char* path, double offset, double nbytes) {
// Advisory file locking is not guaranteed reliable when
// used with stream buffered IO.
//
// coverity[toctou]
fd = open(path,
O_WRONLY|O_CREAT,
S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH
@ -209,7 +210,18 @@ int copy_socket_to_file(FILE* in, char* path, double offset, double nbytes) {
path, (int)sbuf.st_size, offset
);
}
if (offset) lseek(fd, offset, SEEK_SET);
if (offset) {
if (-1 == lseek(fd, offset, SEEK_SET)) {
log_messages.printf(MSG_CRITICAL,
"lseek(%s, %.0f) failed: %s (%d).\n",
this_filename, offset, strerror(errno), errno
);
close(fd);
return return_error(ERR_TRANSIENT,
"can't resume partial file %s: %s\n", path, strerror(errno)
);
}
}
if (sbuf.st_size > offset) {
log_messages.printf(MSG_CRITICAL,
"file %s length on disk %d bytes; host upload starting at %.0f bytes.\n",
@ -538,7 +550,6 @@ int handle_request(FILE* in, R_RSA_PUBLIC_KEY& key) {
char buf[256];
char file_name[256];
int major, minor, release, retval=0;
bool got_version = true;
bool did_something = false;
double start_time = dtime();
@ -554,23 +565,14 @@ int handle_request(FILE* in, R_RSA_PUBLIC_KEY& key) {
} else if (parse_int(buf, "<core_client_release>", release)) {
continue;
} else if (match_tag(buf, "<file_upload>")) {
if (!got_version) {
retval = return_error(ERR_PERMANENT, "Missing version");
} else {
retval = handle_file_upload(in, key);
}
retval = handle_file_upload(in, key);
did_something = true;
break;
} else if (parse_str(buf, "<get_file_size>", file_name, sizeof(file_name))) {
if (strstr(file_name, "..")) {
return return_error(ERR_PERMANENT, "Bad filename");
}
if (!got_version) {
retval = return_error(ERR_PERMANENT, "Missing version");
} else {
retval = handle_get_file_size(file_name);
}
retval = handle_get_file_size(file_name);
did_something = true;
break;
} else if (match_tag(buf, "<data_server_request>")) {
@ -683,7 +685,9 @@ int main(int argc, char *argv[]) {
installer();
get_log_path(log_path, "file_upload_handler.log");
if (get_log_path(log_path, "file_upload_handler.log") == ERR_MKDIR) {
fprintf(stderr, "Can't create log directory '%s' (errno: %d)\n", log_path, errno);
}
#ifndef _USING_FCGI_
if (!freopen(log_path, "a", stderr)) {
fprintf(stderr, "Can't open log file '%s' (errno: %d)\n",

1
sched/message_handler.cpp
View File

@ -116,6 +116,7 @@ int main_loop(bool one_pass) {
exit(1);
}
*/
// coverity[loop_top] - infinite loop is intended
while (1) {
check_stop_daemons();
did_something = do_message_scan();

1
sched/sample_assimilator.cpp
View File

@ -91,6 +91,7 @@ int assimilate_handler(
"sample_results/%s_%s", wu.name, "no_output_files"
);
FILE* f = fopen(copy_path, "w");
if (!f) return ERR_FOPEN;
fclose(f);
}
} else {

1
sched/sample_bitwise_validator.cpp
View File

@ -81,6 +81,7 @@ int init_result(RESULT& result, void*& data) {
"[RESULT#%lu %s] check_set: can't get output filenames\n",
result.id, result.name
);
delete fcl;
return retval;
}

4
sched/sample_work_generator.cpp
View File

@ -242,13 +242,13 @@ int main(int argc, char** argv) {
exit(1);
}
sprintf(buf, "where name='%s'", app_name);
snprintf(buf, sizeof(buf), "where name='%s'", app_name);
if (app.lookup(buf)) {
log_messages.printf(MSG_CRITICAL, "can't find app %s\n", app_name);
exit(1);
}
sprintf(buf, "templates/%s", in_template_file);
snprintf(buf, sizeof(buf), "templates/%s", in_template_file);
if (read_file_malloc(config.project_path(buf), in_template)) {
log_messages.printf(MSG_CRITICAL, "can't read input template %s\n", buf);
exit(1);

2
sched/sched_array.cpp
View File

@ -437,7 +437,7 @@ void send_work_old() {
"[send_scan] scanning for jobs from non-preferred applications\n"
);
}
scan_work_array();
if (scan_work_array()) return;
}
}

4
sched/sched_config.cpp
View File

@ -374,9 +374,9 @@ int SCHED_CONFIG::download_path(const char* filename, char* path) {
static bool is_project_dir(const char* dir) {
char buf[1024];
sprintf(buf, "%s/%s", dir, CONFIG_FILE);
snprintf(buf, sizeof(buf), "%s/%s", dir, CONFIG_FILE);
if (!is_file_follow_symlinks(buf)) return false;
sprintf(buf, "%s/cgi-bin", dir);
snprintf(buf, sizeof(buf), "%s/cgi-bin", dir);
if (!is_dir_follow_symlinks(buf)) return false;
return true;
}

8
sched/sched_driver.cpp
View File

@ -74,14 +74,14 @@ void read_hosts() {
HOST_DESC hd;
safe_strcpy(buf2, buf);
char* p1 = strtok(buf2, "\t\n");
safe_strcpy(hd.os_name, p1);
char* p2 = strtok(0, "\t\n");
safe_strcpy(hd.p_vendor, p2);
char* p3 = strtok(0, "\t\n");
if (!p3) {
if (!p1 || !p2 || !p3) {
fprintf(stderr, "bad line: %s\n", buf);
exit(1);
}
safe_strcpy(hd.os_name, p1);
safe_strcpy(hd.p_vendor, p2);
safe_strcpy(hd.p_model, p3);
host_descs.push_back(hd);
}
@ -164,6 +164,8 @@ int main(int argc, char** argv) {
exit(1);
}
nrequests = atoi(argv[i]);
if (nrequests < 0) nrequests = 0;
if (nrequests > 10000000) nrequests = 10000000;
}
else if (!strcmp(argv[i], "--reqs_per_second")) {
if (!argv[++i]) {

4
sched/sched_main.cpp
View File

@ -429,7 +429,9 @@ int main(int argc, char** argv) {
}
} else {
char *stderr_buffer;
get_log_path(path, "scheduler.log");
if (get_log_path(path, "scheduler.log") == ERR_MKDIR) {
fprintf(stderr, "Can't create log directory '%s' (errno: %d)\n", path, errno);
}
#ifndef _USING_FCGI_
char buf[256];
if (!freopen(path, "a", stderr)) {

1
sched/sched_send.cpp
View File

@ -573,6 +573,7 @@ static int insert_after(char* buffer, const char* after, const char* text) {
return ERR_XML_PARSE;
}
p += strlen(after);
// coverity[fixed_size_dest]
strcpy(temp, p);
strcpy(p, text);
strcat(p, temp);

54
sched/sched_types.cpp
View File

@ -177,6 +177,48 @@ void WORK_REQ::add_no_work_message(const char* message) {
no_work_messages.push_back(USER_MESSAGE(message, "notice"));
}
SCHEDULER_REQUEST::SCHEDULER_REQUEST() {
clear();
}
void SCHEDULER_REQUEST::clear() {
strcpy(authenticator, "");
strcpy(cross_project_id, "");
hostid = 0;
core_client_major_version = 0;
core_client_minor_version = 0;
core_client_release = 0;
core_client_version = 0;
rpc_seqno = 0;
work_req_seconds = 0;
cpu_req_secs = 0;
cpu_req_instances = 0;
resource_share_fraction = 0;
rrs_fraction = 0;
prrs_fraction = 0;
cpu_estimated_delay = 0;
duration_correction_factor = 0;
uptime = 0;
previous_uptime = 0;
strcpy(global_prefs_xml, "");
strcpy(working_global_prefs_xml, "");
strcpy(code_sign_key, "");
dont_send_work = false;
strcpy(client_brand, "");
global_prefs.defaults();
strcpy(global_prefs_source_email_hash, "");
results_truncated = false;
have_other_results_list = false;
have_ip_results_list = false;
have_time_stats_log = false;
client_cap_plan_class = false;
sandbox = -1;
allow_multiple_clients = -1;
using_weak_auth = false;
last_rpc_dayofyear = 0;
current_rpc_dayofyear = 0;
}
// return an error message or NULL
//
const char* SCHEDULER_REQUEST::parse(XML_PARSER& xp) {
@ -220,7 +262,9 @@ const char* SCHEDULER_REQUEST::parse(XML_PARSER& xp) {
return "xp.get_tag() failed";
}
if (xp.match_tag("?xml")) {
xp.get_tag();
if (xp.get_tag()) {
return "xp.get_tag() failed";
}
}
if (!xp.match_tag("scheduler_request")) return "no start tag";
while (!xp.get_tag()) {
@ -326,8 +370,12 @@ const char* SCHEDULER_REQUEST::parse(XML_PARSER& xp) {
continue;
}
if (xp.match_tag("time_stats_log")) {
handle_time_stats_log(xp.f->f);
have_time_stats_log = true;
if (handle_time_stats_log(xp.f->f)) {
log_messages.printf(MSG_NORMAL,
"SCHEDULER_REQUEST::parse(): Couldn't parse contents of <time_stats_log>. Ignoring it.");
} else {
have_time_stats_log = true;
}
continue;
}
if (xp.match_tag("net_stats")) {

7
sched/sched_types.h
View File

@ -182,9 +182,13 @@ struct BEST_APP_VERSION {
// get the HOST_APP_VERSION, if any
BEST_APP_VERSION() {
appid = 0;
for_64b_jobs = false;
present = false;
cavp = NULL;
avp = NULL;
reliable = false;
trusted = false;
}
};
@ -338,8 +342,9 @@ struct SCHEDULER_REQUEST {
int current_rpc_dayofyear;
std::string client_opaque;
SCHEDULER_REQUEST(){};
SCHEDULER_REQUEST();
~SCHEDULER_REQUEST(){};
void clear();
const char* parse(XML_PARSER&);
int write(FILE*); // write request info to file: not complete
};

21
sched/sched_util_basic.cpp
View File

@ -30,6 +30,7 @@
#include "filesys.h"
#include "md5_file.h"
#include "util.h"
#include "str_replace.h"
#include "sched_config.h"
#include "sched_msgs.h"
@ -143,7 +144,7 @@ int try_fopen(const char* path, FCGI_FILE*& f, const char *mode) {
return 0;
}
void get_log_path(char* p, const char* filename) {
int get_log_path(char* p, const char* filename) {
char host[256];
const char *dir;
@ -153,10 +154,13 @@ void get_log_path(char* p, const char* filename) {
dir = config.project_path("log_%s", host);
sprintf(p, "%s/%s", dir, filename);
mode_t old_mask = umask(0);
mkdir(dir, 01770);
// make log_x directory sticky and group-rwx
// so that whatever apache puts there will be owned by us
// make log_x directory sticky and group-rwx
// so that whatever apache puts there will be owned by us
int retval = mkdir(dir, 01770);
umask(old_mask);
if (retval && errno != EEXIST) return ERR_MKDIR;
return 0;
}
static void filename_hash(const char* filename, int fanout, char* dir) {
@ -176,13 +180,13 @@ int dir_hier_path(
int retval;
if (fanout==0) {
sprintf(path, "%s/%s", root, filename);
snprintf(path, MAXPATHLEN, "%s/%s", root, filename);
return 0;
}
filename_hash(filename, fanout, dir);
sprintf(dirpath, "%s/%s", root, dir);
snprintf(dirpath, MAXPATHLEN, "%s/%s", root, dir);
if (create) {
retval = boinc_mkdir(dirpath);
if (retval && (errno != EEXIST)) {
@ -192,7 +196,7 @@ int dir_hier_path(
return ERR_MKDIR;
}
}
sprintf(path, "%s/%s", dirpath, filename);
snprintf(path, MAXPATHLEN, "%s/%s", dirpath, filename);
return 0;
}
@ -229,6 +233,7 @@ int mylockf(int fd) {
// if lock failed, find out why
errno=0;
// coverity[check_return]
fcntl(fd, F_GETLK, &fl);
if (fl.l_pid>0) return fl.l_pid;
return -1;
@ -237,7 +242,7 @@ int mylockf(int fd) {
bool is_arg(const char* x, const char* y) {
char buf[256];
strcpy(buf, "--");
strcat(buf, y);
safe_strcat(buf, y);
if (!strcmp(buf, x)) return true;
if (!strcmp(buf+1, x)) return true;
return false;

2
sched/sched_util_basic.h
View File

@ -38,7 +38,7 @@ extern void daemon_sleep(int);
extern bool check_stop_sched();
extern void install_stop_signal_handler();
extern int try_fopen(const char* path, FILE*& f, const char* mode);
extern void get_log_path(char*, const char*);
extern int get_log_path(char*, const char*);
// convert filename to path in a hierarchical directory system
//

2
sched/sched_version.cpp
View File

@ -401,7 +401,7 @@ void estimate_flops(HOST_USAGE& hu, APP_VERSION& av) {
//
static void app_version_desc(BEST_APP_VERSION& bav, char* buf) {
if (!bav.present) {
safe_strcpy(buf, "none");
strcpy(buf, "none");
return;
}
if (bav.cavp) {

4
sched/single_job_assimilator.cpp
View File

@ -102,6 +102,10 @@ int assimilate_handler(
//
sprintf(filename, "%s/job_summary_%lu", job_dir, wu.id);
f = fopen(filename, "w");
if (!f) {
log_messages.printf(MSG_CRITICAL, "Can't open job summary file %s\n", filename);
return ERR_FOPEN;
}
// If job was successful, copy the output files
//

4
sched/size_regulator.cpp
View File

@ -83,6 +83,8 @@ int main(int argc, char** argv) {
log_messages.set_debug_level(atoi(argv[++i]));
} else if (!strcmp(argv[i], "--sleep_time")) {
sleep_time = atoi(argv[++i]);
if (sleep_time < 0) sleep_time = 0;
if (sleep_time > 1000000) sleep_time = 1000000;
} else if (!strcmp(argv[i], "--random_order")) {
order_clause = " order by random ";
} else if (!strcmp(argv[i], "--priority_asc")) {
@ -119,7 +121,7 @@ int main(int argc, char** argv) {
exit(1);
}
sprintf(buf, "where name='%s'", app_name);
snprintf(buf, sizeof(buf), "where name='%s'", app_name);
if (app.lookup(buf)) {
log_messages.printf(MSG_CRITICAL, "no such app: %s\n", app_name);
exit(1);

4
sched/time_stats_log.cpp
View File

@ -34,8 +34,8 @@ static char* stats_buf = 0;
// don't write them to disk yet, since we haven't authenticated the host
//
void handle_time_stats_log(FILE* fin) {
dup_element_contents(fin, "</time_stats_log>", &stats_buf);
int handle_time_stats_log(FILE* fin) {
return dup_element_contents(fin, "</time_stats_log>", &stats_buf);
}
// The host has been authenticated, so write the stats.

2
sched/time_stats_log.h
View File

@ -17,6 +17,6 @@
#include <cstdio>
extern void handle_time_stats_log(FILE* fin);
extern int handle_time_stats_log(FILE* fin);
extern void write_time_stats_log();
extern bool have_time_stats_log();

1
sched/trickle_handler.cpp
View File

@ -79,6 +79,7 @@ bool do_trickle_scan() {
}
int main_loop(bool one_pass) {
// coverity[loop_top] - infinite loop is intended
while (1) {
check_stop_daemons();
bool did_something = do_trickle_scan();

6
sched/validator.cpp
View File

@ -583,6 +583,12 @@ int handle_wu(
}
if (update_host) {
retval = host.update_diff_validator(host_initial);
if (retval) {
log_messages.printf(MSG_CRITICAL,
"[HOST#%lu] host.update_diff_validator() failed: %s\n",
host.id, boincerror(retval)
);
}
}
if (update_result) {
retval = validator.update_result(result);

2
tools/backend_lib.cpp
View File

@ -237,7 +237,7 @@ int create_work(
vector<INFILE_DESC> infile_specs(ninfiles);
for (int i=0; i<ninfiles; i++) {
infile_specs[i].is_remote = false;
strcpy(infile_specs[i].name, infiles[i]);
safe_strcpy(infile_specs[i].name, infiles[i]);
}
return create_work2(
wu,

2
tools/cancel_jobs.cpp
View File

@ -47,7 +47,7 @@ int main(int argc, char** argv) {
if (!strcmp(argv[1], "--name")) {
DB_WORKUNIT wu;
char buf[256];
sprintf(buf, "where name='%s'", argv[2]);
snprintf(buf, sizeof(buf), "where name='%s'", argv[2]);
retval = wu.lookup(buf);
if (retval) {
fprintf(stderr, "No workunit named '%s'\n", argv[2]);

16
tools/create_work.cpp
View File

@ -151,13 +151,13 @@ void JOB_DESC::parse_cmdline(int argc, char** argv) {
if (arg(argv, i, (char*)"command_line")) {
command_line = argv[++i];
} else if (arg(argv, i, (char*)"wu_name")) {
strcpy(wu.name, argv[++i]);
safe_strcpy(wu.name, argv[++i]);
} else if (arg(argv, i, (char*)"remote_file")) {
INFILE_DESC id;
id.is_remote = true;
strcpy(id.url, argv[++i]);
safe_strcpy(id.url, argv[++i]);
id.nbytes = atof(argv[++i]);
strcpy(id.md5, argv[++i]);
safe_strcpy(id.md5, argv[++i]);
infiles.push_back(id);
} else if (arg(argv, i, "target_host")) {
assign_flag = true;
@ -176,7 +176,7 @@ void JOB_DESC::parse_cmdline(int argc, char** argv) {
}
INFILE_DESC id;
id.is_remote = false;
strcpy(id.name, argv[i]);
safe_strcpy(id.name, argv[i]);
infiles.push_back(id);
}
}
@ -249,7 +249,7 @@ int main(int argc, char** argv) {
} else if (arg(argv, i, "command_line")) {
jd.command_line= argv[++i];
} else if (arg(argv, i, "additional_xml")) {
strcpy(jd.additional_xml, argv[++i]);
safe_strcpy(jd.additional_xml, argv[++i]);
} else if (arg(argv, i, "wu_id")) {
jd.wu.id = atoi(argv[++i]);
} else if (arg(argv, i, "broadcast")) {
@ -291,9 +291,9 @@ int main(int argc, char** argv) {
} else if (arg(argv, i, (char*)"remote_file")) {
INFILE_DESC id;
id.is_remote = true;
strcpy(id.url, argv[++i]);
safe_strcpy(id.url, argv[++i]);
id.nbytes = atof(argv[++i]);
strcpy(id.md5, argv[++i]);
safe_strcpy(id.md5, argv[++i]);
jd.infiles.push_back(id);
} else if (arg(argv, i, "verbose")) {
verbose = true;
@ -306,7 +306,7 @@ int main(int argc, char** argv) {
}
INFILE_DESC id;
id.is_remote = false;
strcpy(id.name, argv[i]);
safe_strcpy(id.name, argv[i]);
jd.infiles.push_back(id);
}
i++;

2
tools/dir_hier_move.cpp
View File

@ -61,7 +61,7 @@ int main(int argc, char** argv) {
fprintf(stderr, "dir_hier_path: %s\n", boincerror(retval));
exit(1);
}
sprintf(src_path, "%s/%s", src_dir, filename.c_str());
snprintf(src_path, sizeof(src_path), "%s/%s", src_dir, filename.c_str());
retval = rename(src_path, dst_path);
if (retval) {
perror("rename");

2
tools/process_input_template.cpp
View File

@ -57,6 +57,7 @@ static bool got_md5_info(
// get mod time for md5 cache file
//
// coverity[toctou]
if (stat(md5name, &md5stat)) {
return false;
}
@ -107,6 +108,7 @@ static void write_md5_info(
// if file already exists with this name, don't touch it.
//
// coverity[toctou]
sprintf(md5name, "%s.md5", path);
if (!stat(md5name, &statbuf)) {
return;

5
tools/process_result_template.cpp
View File

@ -25,6 +25,7 @@
#include "error_numbers.h"
#include "parse.h"
#include "sched_config.h"
#include "str_replace.h"
#include "crypt.h"
#ifdef _USING_FCGI_
@ -74,7 +75,7 @@ int add_signatures(char* xml, R_RSA_PRIVATE_KEY& key) {
"<xml_signature>\n%s</xml_signature>\n", signature_hex
);
if (retval) return retval;
strcpy(buf2, q2);
safe_strcpy(buf2, q2);
strcpy(q1, buf);
strcat(q1, signature_xml);
strcat(q1, buf2);
@ -155,7 +156,7 @@ int process_result_template(
//
p = strstr(result_template, "<output_template>");
if (p) {
strcpy(temp, result_template+strlen("<output_template>"));
safe_strcpy(temp, result_template+strlen("<output_template>"));
q = strstr(temp, "</output_template>");
if (q) *q = 0;
strcpy(result_template, temp);

2
vda/ssim.cpp
View File

@ -566,12 +566,14 @@ int main(int argc, char** argv) {
//
#if 0
policy.replication = 2;
policy.max_ft = 1;
policy.coding_levels = 1;
policy.codings[0].n = 4;
policy.codings[0].k = 2;
policy.codings[0].m = 6;
#else
policy.replication = 1;
policy.max_ft = 0;
policy.coding_levels = 2;
policy.codings[0].n = 4;
policy.codings[0].k = 2;

2
vda/vda.cpp
View File

@ -223,7 +223,7 @@ int handle_status(const char* name) {
int handle_update(const char* name) {
DB_VDA_FILE dvf;
char buf[1024];
sprintf(buf, "where file_name='%s'", name);
snprintf(buf, sizeof(buf), "where file_name='%s'", name);
int retval = dvf.lookup(buf);
if (retval) return retval;
return dvf.update_field("need_update=1");