aboutsummaryrefslogtreecommitdiff
path: root/util
diff options
context:
space:
mode:
Diffstat (limited to 'util')
-rw-r--r--util/aes.c2
-rw-r--r--util/qemu-option.c8
-rw-r--r--util/qemu-sockets.c26
-rw-r--r--util/uri.c61
4 files changed, 37 insertions, 60 deletions
diff --git a/util/aes.c b/util/aes.c
index 6058f1950b..3d7c4be9b6 100644
--- a/util/aes.c
+++ b/util/aes.c
@@ -1161,7 +1161,7 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
rk += 8;
}
}
- return 0;
+ abort();
}
/**
diff --git a/util/qemu-option.c b/util/qemu-option.c
index a708241643..d3ab65d24f 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -213,7 +213,7 @@ void parse_option_size(const char *name, const char *value,
bool has_help_option(const char *param)
{
size_t buflen = strlen(param) + 1;
- char *buf = g_malloc0(buflen);
+ char *buf = g_malloc(buflen);
const char *p = param;
bool result = false;
@@ -230,14 +230,14 @@ bool has_help_option(const char *param)
}
out:
- free(buf);
+ g_free(buf);
return result;
}
bool is_valid_option_list(const char *param)
{
size_t buflen = strlen(param) + 1;
- char *buf = g_malloc0(buflen);
+ char *buf = g_malloc(buflen);
const char *p = param;
bool result = true;
@@ -255,7 +255,7 @@ bool is_valid_option_list(const char *param)
}
out:
- free(buf);
+ g_free(buf);
return result;
}
diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c
index a76bb3c913..61fc3c1364 100644
--- a/util/qemu-sockets.c
+++ b/util/qemu-sockets.c
@@ -512,7 +512,7 @@ InetSocketAddress *inet_parse(const char *str, Error **errp)
{
InetSocketAddress *addr;
const char *optstr, *h;
- char host[64];
+ char host[65];
char port[33];
int to;
int pos;
@@ -694,7 +694,7 @@ int unix_listen_opts(QemuOpts *opts, Error **errp)
sock = qemu_socket(PF_UNIX, SOCK_STREAM, 0);
if (sock < 0) {
- error_setg_errno(errp, errno, "Failed to create socket");
+ error_setg_errno(errp, errno, "Failed to create Unix socket");
return -1;
}
@@ -703,9 +703,15 @@ int unix_listen_opts(QemuOpts *opts, Error **errp)
if (path && strlen(path)) {
snprintf(un.sun_path, sizeof(un.sun_path), "%s", path);
} else {
- char *tmpdir = getenv("TMPDIR");
- snprintf(un.sun_path, sizeof(un.sun_path), "%s/qemu-socket-XXXXXX",
- tmpdir ? tmpdir : "/tmp");
+ const char *tmpdir = getenv("TMPDIR");
+ tmpdir = tmpdir ? tmpdir : "/tmp";
+ if (snprintf(un.sun_path, sizeof(un.sun_path), "%s/qemu-socket-XXXXXX",
+ tmpdir) >= sizeof(un.sun_path)) {
+ error_setg_errno(errp, errno,
+ "TMPDIR environment variable (%s) too large", tmpdir);
+ goto err;
+ }
+
/*
* This dummy fd usage silences the mktemp() unsecure warning.
* Using mkstemp() doesn't make things more secure here
@@ -713,13 +719,19 @@ int unix_listen_opts(QemuOpts *opts, Error **errp)
* to unlink first and thus re-open the race window. The
* worst case possible is bind() failing, i.e. a DoS attack.
*/
- fd = mkstemp(un.sun_path); close(fd);
+ fd = mkstemp(un.sun_path);
+ if (fd < 0) {
+ error_setg_errno(errp, errno,
+ "Failed to make a temporary socket name in %s", tmpdir);
+ goto err;
+ }
+ close(fd);
qemu_opt_set(opts, "path", un.sun_path);
}
unlink(un.sun_path);
if (bind(sock, (struct sockaddr*) &un, sizeof(un)) < 0) {
- error_setg_errno(errp, errno, "Failed to bind socket");
+ error_setg_errno(errp, errno, "Failed to bind socket to %s", un.sun_path);
goto err;
}
if (listen(sock, 1) < 0) {
diff --git a/util/uri.c b/util/uri.c
index 918d23516d..1cfd78bdb5 100644
--- a/util/uri.c
+++ b/util/uri.c
@@ -928,12 +928,10 @@ uri_parse(const char *str) {
if (str == NULL)
return(NULL);
uri = uri_new();
- if (uri != NULL) {
- ret = rfc3986_parse_uri_reference(uri, str);
- if (ret) {
- uri_free(uri);
- return(NULL);
- }
+ ret = rfc3986_parse_uri_reference(uri, str);
+ if (ret) {
+ uri_free(uri);
+ return(NULL);
}
return(uri);
}
@@ -974,15 +972,13 @@ uri_parse_raw(const char *str, int raw) {
if (str == NULL)
return(NULL);
uri = uri_new();
- if (uri != NULL) {
- if (raw) {
- uri->cleanup |= 2;
- }
- ret = uri_parse_into(uri, str);
- if (ret) {
- uri_free(uri);
- return(NULL);
- }
+ if (raw) {
+ uri->cleanup |= 2;
+ }
+ ret = uri_parse_into(uri, str);
+ if (ret) {
+ uri_free(uri);
+ return(NULL);
}
return(uri);
}
@@ -1053,14 +1049,12 @@ uri_to_string(URI *uri) {
while (*p != 0) {
if (len >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
ret[len++] = *p++;
}
if (len >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
ret[len++] = ':';
@@ -1070,7 +1064,6 @@ uri_to_string(URI *uri) {
while (*p != 0) {
if (len + 3 >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
if (IS_RESERVED(*(p)) || IS_UNRESERVED(*(p)))
@@ -1087,7 +1080,6 @@ uri_to_string(URI *uri) {
if (uri->server != NULL) {
if (len + 3 >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
ret[len++] = '/';
@@ -1097,7 +1089,6 @@ uri_to_string(URI *uri) {
while (*p != 0) {
if (len + 3 >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
if ((IS_UNRESERVED(*(p))) ||
@@ -1116,7 +1107,6 @@ uri_to_string(URI *uri) {
}
if (len + 3 >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
ret[len++] = '@';
@@ -1125,7 +1115,6 @@ uri_to_string(URI *uri) {
while (*p != 0) {
if (len >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
ret[len++] = *p++;
@@ -1133,7 +1122,6 @@ uri_to_string(URI *uri) {
if (uri->port > 0) {
if (len + 10 >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
len += snprintf(&ret[len], max - len, ":%d", uri->port);
@@ -1141,7 +1129,6 @@ uri_to_string(URI *uri) {
} else if (uri->authority != NULL) {
if (len + 3 >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
ret[len++] = '/';
@@ -1150,7 +1137,6 @@ uri_to_string(URI *uri) {
while (*p != 0) {
if (len + 3 >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
if ((IS_UNRESERVED(*(p))) ||
@@ -1169,7 +1155,6 @@ uri_to_string(URI *uri) {
} else if (uri->scheme != NULL) {
if (len + 3 >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
ret[len++] = '/';
@@ -1189,7 +1174,6 @@ uri_to_string(URI *uri) {
(!strcmp(uri->scheme, "file"))) {
if (len + 3 >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
ret[len++] = *p++;
@@ -1199,7 +1183,6 @@ uri_to_string(URI *uri) {
while (*p != 0) {
if (len + 3 >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
if ((IS_UNRESERVED(*(p))) || ((*(p) == '/')) ||
@@ -1219,7 +1202,6 @@ uri_to_string(URI *uri) {
if (uri->query != NULL) {
if (len + 1 >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
ret[len++] = '?';
@@ -1227,7 +1209,6 @@ uri_to_string(URI *uri) {
while (*p != 0) {
if (len + 1 >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
ret[len++] = *p++;
@@ -1237,7 +1218,6 @@ uri_to_string(URI *uri) {
if (uri->fragment != NULL) {
if (len + 3 >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
ret[len++] = '#';
@@ -1245,7 +1225,6 @@ uri_to_string(URI *uri) {
while (*p != 0) {
if (len + 3 >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
if ((IS_UNRESERVED(*(p))) || (IS_RESERVED(*(p))))
@@ -1261,15 +1240,10 @@ uri_to_string(URI *uri) {
}
if (len >= max) {
temp = realloc2n(ret, &max);
- if (temp == NULL) goto mem_error;
ret = temp;
}
ret[len] = 0;
return(ret);
-
-mem_error:
- g_free(ret);
- return(NULL);
}
/**
@@ -1675,8 +1649,6 @@ uri_resolve(const char *uri, const char *base) {
else {
if (*uri) {
ref = uri_new();
- if (ref == NULL)
- goto done;
ret = uri_parse_into(ref, uri);
}
else
@@ -1695,8 +1667,6 @@ uri_resolve(const char *uri, const char *base) {
ret = -1;
else {
bas = uri_new();
- if (bas == NULL)
- goto done;
ret = uri_parse_into(bas, base);
}
if (ret != 0) {
@@ -1727,8 +1697,6 @@ uri_resolve(const char *uri, const char *base) {
* document.
*/
res = uri_new();
- if (res == NULL)
- goto done;
if ((ref->scheme == NULL) && (ref->path == NULL) &&
((ref->authority == NULL) && (ref->server == NULL))) {
res->scheme = g_strdup(bas->scheme);
@@ -1933,8 +1901,6 @@ uri_resolve_relative (const char *uri, const char * base)
* First parse URI into a standard form
*/
ref = uri_new ();
- if (ref == NULL)
- return NULL;
/* If URI not already in "relative" form */
if (uri[0] != '.') {
ret = uri_parse_into (ref, uri);
@@ -1951,8 +1917,6 @@ uri_resolve_relative (const char *uri, const char * base)
goto done;
}
bas = uri_new ();
- if (bas == NULL)
- goto done;
if (base[0] != '.') {
ret = uri_parse_into (bas, base);
if (ret != 0)
@@ -1971,7 +1935,8 @@ uri_resolve_relative (const char *uri, const char * base)
val = g_strdup (uri);
goto done;
}
- if (!strcmp(bas->path, ref->path)) {
+ if (bas->path == ref->path ||
+ (bas->path && ref->path && !strcmp(bas->path, ref->path))) {
val = g_strdup("");
goto done;
}