diff options
author | Michael R Sweet <michael.r.sweet@gmail.com> | 2019-11-17 10:18:09 -0500 |
---|---|---|
committer | Michael R Sweet <michael.r.sweet@gmail.com> | 2019-11-18 11:19:16 -0500 |
commit | f4a99aeb0252068ee78bf2158fb01fef6f4599ca (patch) | |
tree | 31028c3e796a4b1701a10a06ffe37d823360d783 /cups | |
parent | f950947148bd1867c247a211af7404056b2b2e36 (diff) | |
download | cups-f4a99aeb0252068ee78bf2158fb01fef6f4599ca.tar.gz |
Address multiple minor issues reported by the LGTM security scanner:
- Lots of usage of localtime and gmtime (use _r/_s versions instead -
Issue #5685)
- Some unnecessary comparisons
- Suppress checks that are not useful (header guards, short global names, and
the integer overflow checks which don't reflect the actual range of values)
Diffstat (limited to 'cups')
-rw-r--r-- | cups/encode.c | 2 | ||||
-rw-r--r-- | cups/http-support.c | 10 | ||||
-rw-r--r-- | cups/http.c | 2 | ||||
-rw-r--r-- | cups/ipp.c | 20 | ||||
-rw-r--r-- | cups/string.c | 8 |
5 files changed, 20 insertions, 22 deletions
diff --git a/cups/encode.c b/cups/encode.c index 2469406e2..5bcbf6fe5 100644 --- a/cups/encode.c +++ b/cups/encode.c @@ -523,7 +523,7 @@ _cupsEncodeOption( quote = *sep; } - else if (*sep == ',' && count > 1) + else if (*sep == ',') break; else if (*sep == '\\' && sep[1]) { diff --git a/cups/http-support.c b/cups/http-support.c index 824b8dcf1..63175145e 100644 --- a/cups/http-support.c +++ b/cups/http-support.c @@ -799,14 +799,12 @@ httpGetDateString2(time_t t, /* I - Time in seconds */ char *s, /* I - String buffer */ int slen) /* I - Size of string buffer */ { - struct tm *tdate; /* UNIX date/time data */ + struct tm tdate; /* UNIX date/time data */ - tdate = gmtime(&t); - if (tdate) - snprintf(s, (size_t)slen, "%s, %02d %s %d %02d:%02d:%02d GMT", http_days[tdate->tm_wday], tdate->tm_mday, http_months[tdate->tm_mon], tdate->tm_year + 1900, tdate->tm_hour, tdate->tm_min, tdate->tm_sec); - else - s[0] = '\0'; + gmtime_r(&t, &tdate); + + snprintf(s, (size_t)slen, "%s, %02d %s %d %02d:%02d:%02d GMT", http_days[tdate.tm_wday], tdate.tm_mday, http_months[tdate.tm_mon], tdate.tm_year + 1900, tdate.tm_hour, tdate.tm_min, tdate.tm_sec); return (s); } diff --git a/cups/http.c b/cups/http.c index fbb1bf13c..8d69ce31f 100644 --- a/cups/http.c +++ b/cups/http.c @@ -1733,7 +1733,7 @@ httpPeek(http_t *http, /* I - HTTP connection */ if (http->used > 0 && ((z_stream *)http->stream)->avail_in < HTTP_MAX_BUFFER) { - size_t buflen = buflen = HTTP_MAX_BUFFER - ((z_stream *)http->stream)->avail_in; + size_t buflen = HTTP_MAX_BUFFER - ((z_stream *)http->stream)->avail_in; /* Number of bytes to copy */ if (((z_stream *)http->stream)->avail_in > 0 && diff --git a/cups/ipp.c b/cups/ipp.c index 1bd59cef1..d0cac8cfe 100644 --- a/cups/ipp.c +++ b/cups/ipp.c @@ -4659,7 +4659,7 @@ ippSetVersion(ipp_t *ipp, /* I - IPP message */ const ipp_uchar_t * /* O - RFC-2579 date/time data */ ippTimeToDate(time_t t) /* I - Time in seconds */ { - struct tm *unixdate; /* UNIX unixdate/time info */ + struct tm unixdate; /* UNIX unixdate/time info */ ipp_uchar_t *date = _cupsGlobals()->ipp_date; /* RFC-2579 date/time data */ @@ -4681,16 +4681,16 @@ ippTimeToDate(time_t t) /* I - Time in seconds */ * 10 UTC minutes (0 to 59) */ - unixdate = gmtime(&t); - unixdate->tm_year += 1900; + gmtime_r(&t, &unixdate); + unixdate.tm_year += 1900; - date[0] = (ipp_uchar_t)(unixdate->tm_year >> 8); - date[1] = (ipp_uchar_t)(unixdate->tm_year); - date[2] = (ipp_uchar_t)(unixdate->tm_mon + 1); - date[3] = (ipp_uchar_t)unixdate->tm_mday; - date[4] = (ipp_uchar_t)unixdate->tm_hour; - date[5] = (ipp_uchar_t)unixdate->tm_min; - date[6] = (ipp_uchar_t)unixdate->tm_sec; + date[0] = (ipp_uchar_t)(unixdate.tm_year >> 8); + date[1] = (ipp_uchar_t)(unixdate.tm_year); + date[2] = (ipp_uchar_t)(unixdate.tm_mon + 1); + date[3] = (ipp_uchar_t)unixdate.tm_mday; + date[4] = (ipp_uchar_t)unixdate.tm_hour; + date[5] = (ipp_uchar_t)unixdate.tm_min; + date[6] = (ipp_uchar_t)unixdate.tm_sec; date[7] = 0; date[8] = '+'; date[9] = 0; diff --git a/cups/string.c b/cups/string.c index 54f7bd0cf..93cdad19d 100644 --- a/cups/string.c +++ b/cups/string.c @@ -146,7 +146,7 @@ _cupsStrDate(char *buf, /* I - Buffer */ size_t bufsize, /* I - Size of buffer */ time_t timeval) /* I - Time value */ { - struct tm *dateval; /* Local date/time */ + struct tm date; /* Local date/time */ char temp[1024]; /* Temporary buffer */ _cups_globals_t *cg = _cupsGlobals(); /* Per-thread globals */ @@ -154,15 +154,15 @@ _cupsStrDate(char *buf, /* I - Buffer */ if (!cg->lang_default) cg->lang_default = cupsLangDefault(); - dateval = localtime(&timeval); + localtime_r(&timeval, &date); if (cg->lang_default->encoding != CUPS_UTF8) { - strftime(temp, sizeof(temp), "%c", dateval); + strftime(temp, sizeof(temp), "%c", &date); cupsCharsetToUTF8((cups_utf8_t *)buf, temp, (int)bufsize, cg->lang_default->encoding); } else - strftime(buf, bufsize, "%c", dateval); + strftime(buf, bufsize, "%c", &date); return (buf); } |