From 60bb1c34dec9697a9f74d1ad79a8f13234b3fa93 Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Fri, 28 Sep 2018 16:17:20 +0500 Subject: [PATCH 1/2] src/Cedar/BridgeUnix.c: resolve null pointer dereference found by coverity --- src/Cedar/BridgeUnix.c | 155 +++++++++++++++++++++-------------------- 1 file changed, 78 insertions(+), 77 deletions(-) diff --git a/src/Cedar/BridgeUnix.c b/src/Cedar/BridgeUnix.c index 7e4fbc29..af7ed5e5 100644 --- a/src/Cedar/BridgeUnix.c +++ b/src/Cedar/BridgeUnix.c @@ -2676,6 +2676,7 @@ bool EthProcessIpPacketInnerIpRaw(ETH *e, PKT *p) void EthPutPacketLinuxIpRaw(ETH *e, void *data, UINT size) { PKT *p; + SOCK *s = NULL; // Validate arguments if (e == NULL || data == NULL) { @@ -2688,8 +2689,13 @@ void EthPutPacketLinuxIpRaw(ETH *e, void *data, UINT size) } p = ParsePacket(data, size); + if (p == NULL) + { + Free(data); + return; + } - if (p != NULL && (p->BroadcastPacket || Cmp(p->MacAddressDest, e->RawIpMyMacAddr, 6) == 0)) + if (p->BroadcastPacket || Cmp(p->MacAddressDest, e->RawIpMyMacAddr, 6) == 0) { if (IsValidUnicastMacAddress(p->MacAddressSrc)) { @@ -2705,93 +2711,88 @@ void EthPutPacketLinuxIpRaw(ETH *e, void *data, UINT size) return; } - if (p != NULL) + + if (p->TypeL3 == L3_IPV4) { - SOCK *s = NULL; - - if (p->TypeL3 == L3_IPV4) + if (p->TypeL4 == L4_TCP) { - if (p->TypeL4 == L4_TCP) + if (IsZeroIP(&e->MyPhysicalIP) == false) { - if (IsZeroIP(&e->MyPhysicalIP) == false) - { - s = e->RawTcp; - } - } - else if (p->TypeL4 == L4_UDP) - { - if (EthProcessIpPacketInnerIpRaw(e, p) == false) - { - s = e->RawUdp; - } - } - else if (p->TypeL4 == L4_ICMPV4) - { - if (IsZeroIP(&e->MyPhysicalIP) == false) - { - s = e->RawIcmp; - } - } - else if (p->TypeL4 == L4_FRAGMENT) - { - if (IsZeroIP(&e->MyPhysicalIP) == false) - { - s = e->RawIcmp; - } + s = e->RawTcp; } } - else if (p->TypeL3 == L3_ARPV4) + else if (p->TypeL4 == L4_UDP) { - EthProcessIpPacketInnerIpRaw(e, p); - } - - if (s != NULL && p->L3.IPv4Header->DstIP != 0xffffffff && p->BroadcastPacket == false && - p->L3.IPv4Header->SrcIP == IPToUINT(&e->YourIP)) - { - UCHAR *send_data = p->IPv4PayloadData; - UCHAR *head = p->PacketData; - UINT remove_header_size = (UINT)(send_data - head); - - if (p->PacketSize > remove_header_size) + if (EthProcessIpPacketInnerIpRaw(e, p) == false) { - IP dest; - UINT send_data_size = p->PacketSize - remove_header_size; - - // checksum - if (p->TypeL4 == L4_UDP) - { - p->L4.UDPHeader->Checksum = 0; - } - else if (p->TypeL4 == L4_TCP) - { - p->L4.TCPHeader->Checksum = 0; - p->L4.TCPHeader->Checksum = CalcChecksumForIPv4(IPToUINT(&e->MyPhysicalIP), - p->L3.IPv4Header->DstIP, IP_PROTO_TCP, - p->L4.TCPHeader, p->IPv4PayloadSize, 0); - } - - UINTToIP(&dest, p->L3.IPv4Header->DstIP); - - if (s->RawIP_HeaderIncludeFlag == false) - { - SendTo(s, &dest, 0, send_data, send_data_size); - } - else - { - IPV4_HEADER *ip = p->L3.IPv4Header; - - ip->SrcIP = IPToUINT(&e->MyPhysicalIP); - ip->Checksum = 0; - ip->Checksum = IpChecksum(ip, IPV4_GET_HEADER_LEN(ip) * 4); - - SendTo(s, &dest, 0, ip, ((UCHAR *)p->PacketData - (UCHAR *)ip) + p->PacketSize); - } + s = e->RawUdp; } } - - FreePacket(p); + else if (p->TypeL4 == L4_ICMPV4) + { + if (IsZeroIP(&e->MyPhysicalIP) == false) + { + s = e->RawIcmp; + } + } + else if (p->TypeL4 == L4_FRAGMENT) + { + if (IsZeroIP(&e->MyPhysicalIP) == false) + { + s = e->RawIcmp; + } + } + } + else if (p->TypeL3 == L3_ARPV4) + { + EthProcessIpPacketInnerIpRaw(e, p); } + if (s != NULL && p->L3.IPv4Header->DstIP != 0xffffffff && p->BroadcastPacket == false && + p->L3.IPv4Header->SrcIP == IPToUINT(&e->YourIP)) + { + UCHAR *send_data = p->IPv4PayloadData; + UCHAR *head = p->PacketData; + UINT remove_header_size = (UINT)(send_data - head); + + if (p->PacketSize > remove_header_size) + { + IP dest; + UINT send_data_size = p->PacketSize - remove_header_size; + + // checksum + if (p->TypeL4 == L4_UDP) + { + p->L4.UDPHeader->Checksum = 0; + } + else if (p->TypeL4 == L4_TCP) + { + p->L4.TCPHeader->Checksum = 0; + p->L4.TCPHeader->Checksum = CalcChecksumForIPv4(IPToUINT(&e->MyPhysicalIP), + p->L3.IPv4Header->DstIP, IP_PROTO_TCP, + p->L4.TCPHeader, p->IPv4PayloadSize, 0); + } + + UINTToIP(&dest, p->L3.IPv4Header->DstIP); + + if (s->RawIP_HeaderIncludeFlag == false) + { + SendTo(s, &dest, 0, send_data, send_data_size); + } + else + { + IPV4_HEADER *ip = p->L3.IPv4Header; + + ip->SrcIP = IPToUINT(&e->MyPhysicalIP); + ip->Checksum = 0; + ip->Checksum = IpChecksum(ip, IPV4_GET_HEADER_LEN(ip) * 4); + + SendTo(s, &dest, 0, ip, ((UCHAR *)p->PacketData - (UCHAR *)ip) + p->PacketSize); + } + } + } + + FreePacket(p); Free(data); } From 564ca6087fc489ba3551e5b5aa0afc0f18093494 Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Sat, 29 Sep 2018 00:39:01 +0500 Subject: [PATCH 2/2] src/Mayaqua/Object.c: remove redundant conditionals found by PVS analyzer src/Mayaqua/Object.c 318 warn V547 Expression 'c->Ready == 0' is always false. src/Mayaqua/Object.c 348 warn V547 Expression 'c->Ready == 0' is always false. src/Mayaqua/Object.c 383 warn V547 Expression 'c->Ready == 0' is always false. --- src/Mayaqua/Object.c | 35 +++++++---------------------------- 1 file changed, 7 insertions(+), 28 deletions(-) diff --git a/src/Mayaqua/Object.c b/src/Mayaqua/Object.c index 71de8622..1657ba8c 100644 --- a/src/Mayaqua/Object.c +++ b/src/Mayaqua/Object.c @@ -315,14 +315,7 @@ UINT Count(COUNTER *c) Lock(c->lock); { - if (c->Ready == false) - { - ret = 0; - } - else - { - ret = c->c; - } + ret = c->c; } Unlock(c->lock); @@ -345,15 +338,8 @@ UINT Inc(COUNTER *c) Lock(c->lock); { - if (c->Ready == false) - { - ret = 0; - } - else - { - c->c++; - ret = c->c; - } + c->c++; + ret = c->c; } Unlock(c->lock); @@ -380,21 +366,14 @@ UINT Dec(COUNTER *c) Lock(c->lock); { - if (c->Ready == false) + if (c->c != 0) { - ret = 0; + c->c--; + ret = c->c; } else { - if (c->c != 0) - { - c->c--; - ret = c->c; - } - else - { - ret = 0; - } + ret = 0; } } Unlock(c->lock);