diff options
author | Pete Batard <pete@akeo.ie> | 2014-05-16 23:01:57 +0100 |
---|---|---|
committer | Pete Batard <pete@akeo.ie> | 2014-05-16 23:01:57 +0100 |
commit | bcc4e517d5ce41e541484ade9b2800ba06a9b903 (patch) | |
tree | dc8e64e893606d2371d076d0f712273712e07db6 | |
parent | 26dab3d6808a00c28a0d222c8f6625d4e719a5b2 (diff) | |
download | libusb-bcc4e517d5ce41e541484ade9b2800ba06a9b903.tar.gz |
core: fix/silence issues reported by Coverity
* libusb has been added to Coverity at https://scan.coverity.com/projects/2180
* Use "// coverity[keyword]" to silence the issues we don't care about
* All other issues from the Windows build have been fixed, apart from the closing of the DLLs.
-rw-r--r-- | examples/ezusb.c | 14 | ||||
-rw-r--r-- | examples/xusb.c | 1 | ||||
-rw-r--r-- | libusb/core.c | 20 | ||||
-rw-r--r-- | libusb/os/windows_usb.c | 30 | ||||
-rw-r--r-- | libusb/version_nano.h | 2 |
5 files changed, 38 insertions, 29 deletions
diff --git a/examples/ezusb.c b/examples/ezusb.c index 5111f98..f369e50 100644 --- a/examples/ezusb.c +++ b/examples/ezusb.c @@ -442,9 +442,11 @@ static int parse_iic(FILE *image, void *context, if (initial_pos < 0) return -1; - fseek(image, 0L, SEEK_END); + if (fseek(image, 0L, SEEK_END) != 0) + return -1; file_size = ftell(image); - fseek(image, initial_pos, SEEK_SET); + if (fseek(image, initial_pos, SEEK_SET) != 0) + return -1; for (;;) { /* Ignore the trailing reset IIC data (5 bytes) */ if (ftell(image) >= (file_size - 5)) @@ -633,7 +635,8 @@ static int fx3_load_ram(libusb_device_handle *device, const char *path) if (dLength == 0) break; // done - dImageBuf = calloc(dLength, sizeof(uint32_t)); + // coverity[tainted_data] + dImageBuf = (uint32_t*)calloc(dLength, sizeof(uint32_t)); if (dImageBuf == NULL) { logerror("could not allocate buffer for image chunk\n"); ret = -4; @@ -813,9 +816,10 @@ int ezusb_load_ram(libusb_device_handle *device, const char *path, int fx_type, } } - if (verbose) + if (verbose && (ctx.count != 0)) { logerror("... WROTE: %d bytes, %d segments, avg %d\n", - (int)ctx.total, (int)ctx.count, (int)(ctx.total/ctx.count)); + (int)ctx.total, (int)ctx.count, (int)(ctx.total/ctx.count)); + } /* if required, reset the CPU so it runs what we just uploaded */ if (cpucs_addr && !ezusb_cpucs(device, cpucs_addr, true)) diff --git a/examples/xusb.c b/examples/xusb.c index 77c8c46..540c90e 100644 --- a/examples/xusb.c +++ b/examples/xusb.c @@ -512,6 +512,7 @@ static int test_mass_storage(libusb_device_handle *handle, uint8_t endpoint_in, get_sense(handle, endpoint_in, endpoint_out); } + // coverity[tainted_data] data = (unsigned char*) calloc(1, block_size); if (data == NULL) { perr(" unable to allocate data buffer\n"); diff --git a/libusb/core.c b/libusb/core.c index ffce020..14417f5 100644 --- a/libusb/core.c +++ b/libusb/core.c @@ -775,22 +775,22 @@ int API_EXPORTED libusb_get_port_numbers(libusb_device *dev, uint8_t* port_numbers, int port_numbers_len) { int i = port_numbers_len; + struct libusb_context *ctx = DEVICE_CTX(dev); - while(dev) { - // HCDs can be listed as devices and would have port #0 - // TODO: see how the other backends want to implement HCDs as parents - if (dev->port_number == 0) - break; - i--; - if (i < 0) { - usbi_warn(DEVICE_CTX(dev), - "port numbers array too small"); + if (port_numbers_len <= 0) + return LIBUSB_ERROR_INVALID_PARAM; + + // HCDs can be listed as devices with port #0 + while((dev) && (dev->port_number != 0)) { + if (--i < 0) { + usbi_warn(ctx, "port numbers array is too small"); return LIBUSB_ERROR_OVERFLOW; } port_numbers[i] = dev->port_number; dev = dev->parent_dev; } - memmove(port_numbers, &port_numbers[i], port_numbers_len - i); + if (i < port_numbers_len) + memmove(port_numbers, &port_numbers[i], port_numbers_len - i); return port_numbers_len - i; } diff --git a/libusb/os/windows_usb.c b/libusb/os/windows_usb.c index 7f4f315..488ea7b 100644 --- a/libusb/os/windows_usb.c +++ b/libusb/os/windows_usb.c @@ -209,7 +209,7 @@ static char* sanitize_path(const char* path) size = safe_strlen(path)+1; root_size = sizeof(root_prefix)-1; - // Microsoft indiscriminatly uses '\\?\', '\\.\', '##?#" or "##.#" for root prefixes. + // Microsoft indiscriminately uses '\\?\', '\\.\', '##?#" or "##.#" for root prefixes. if (!((size > 3) && (((path[0] == '\\') && (path[1] == '\\') && (path[3] == '\\')) || ((path[0] == '#') && (path[1] == '#') && (path[3] == '#'))))) { add_root = root_size; @@ -221,7 +221,7 @@ static char* sanitize_path(const char* path) safe_strcpy(&ret_path[add_root], size-add_root, path); - // Ensure consistancy with root prefix + // Ensure consistency with root prefix for (j=0; j<root_size; j++) ret_path[j] = root_prefix[j]; @@ -1028,6 +1028,7 @@ static int cache_config_descriptors(struct libusb_device *dev, HANDLE hub_handle // Dummy call to get the required data size. Initial failures are reported as info rather // than error as they can occur for non-penalizing situations, such as with some hubs. + // coverity[tainted_data_argument] if (!DeviceIoControl(hub_handle, IOCTL_USB_GET_DESCRIPTOR_FROM_NODE_CONNECTION, &cd_buf_short, size, &cd_buf_short, size, &ret_size, NULL)) { usbi_info(ctx, "could not access configuration descriptor (dummy) for '%s': %s", device_id, windows_error_str(0)); @@ -1078,7 +1079,7 @@ static int cache_config_descriptors(struct libusb_device *dev, HANDLE hub_handle // Cache the descriptor priv->config_descriptor[i] = (unsigned char*) malloc(cd_data->wTotalLength); if (priv->config_descriptor[i] == NULL) - return LIBUSB_ERROR_NO_MEM; + LOOP_BREAK(LIBUSB_ERROR_NO_MEM); memcpy(priv->config_descriptor[i], cd_data, cd_data->wTotalLength); } return LIBUSB_SUCCESS; @@ -1094,13 +1095,14 @@ static int init_device(struct libusb_device* dev, struct libusb_device* parent_d DWORD size; USB_NODE_CONNECTION_INFORMATION_EX conn_info; struct windows_device_priv *priv, *parent_priv; - struct libusb_context *ctx = DEVICE_CTX(dev); + struct libusb_context *ctx; struct libusb_device* tmp_dev; unsigned i; if ((dev == NULL) || (parent_dev == NULL)) { return LIBUSB_ERROR_NOT_FOUND; } + ctx = DEVICE_CTX(dev); priv = _device_priv(dev); parent_priv = _device_priv(parent_dev); if (parent_priv->apib->id != USB_API_HUB) { @@ -1148,6 +1150,7 @@ static int init_device(struct libusb_device* dev, struct libusb_device* parent_d } size = sizeof(conn_info); conn_info.ConnectionIndex = (ULONG)port_number; + // coverity[tainted_data_argument] if (!DeviceIoControl(handle, IOCTL_USB_GET_NODE_CONNECTION_INFORMATION_EX, &conn_info, size, &conn_info, size, &size, NULL)) { usbi_warn(ctx, "could not get node connection information for device '%s': %s", @@ -1687,10 +1690,12 @@ static int windows_get_device_list(struct libusb_context *ctx, struct discovered } // Unref newly allocated devs - for (i=0; i<unref_cur; i++) { - safe_unref_device(unref_list[i]); + if (unref_list != NULL) { + for (i=0; i<unref_cur; i++) { + safe_unref_device(unref_list[i]); + } + free(unref_list); } - safe_free(unref_list); return r; } @@ -2229,7 +2234,7 @@ unsigned __stdcall windows_clock_gettime_threaded(void* param) case 0: WaitForSingleObject(timer_mutex, INFINITE); // Requests to this thread are for hires always - if (QueryPerformanceCounter(&hires_counter) != 0) { + if ((QueryPerformanceCounter(&hires_counter) != 0) && (hires_frequency != 0)) { timer_tp.tv_sec = (long)(hires_counter.QuadPart / hires_frequency); timer_tp.tv_nsec = (long)(((hires_counter.QuadPart % hires_frequency)/1000) * hires_ticks_to_ps); } else { @@ -2765,11 +2770,10 @@ static int winusbx_claim_interface(int sub_api, struct libusb_device_handle *dev usbi_err(ctx, "could not open device %s: %s", filter_path, windows_error_str(0)); } else { WinUSBX[sub_api].Free(winusb_handle); - if (!WinUSBX[sub_api].Initialize(file_handle, &winusb_handle)) { - continue; - } - found_filter = true; - break; + if (WinUSBX[sub_api].Initialize(file_handle, &winusb_handle)) + found_filter = true; + else + usbi_err(ctx, "could not initialize filter driver for %s", filter_path); } } } diff --git a/libusb/version_nano.h b/libusb/version_nano.h index 43d1ae3..350a2d4 100644 --- a/libusb/version_nano.h +++ b/libusb/version_nano.h @@ -1 +1 @@ -#define LIBUSB_NANO 10887 +#define LIBUSB_NANO 10888 |