WT-3134 Coverity scan reports 1368529 and 1368528 (#3251)

* Coverity complains: CID 1368529: Security best practices violations (TOCTOU) Calling function "fopen" that uses "fname" after a check function. This can cause a time-of-check, time-of-use race condition. We're doing: snprintf(buffer); stat(buffer); snprintf(buffer); fopen(buffer); and I think Coverity is ignoring the second snprintf(), and is complaining about a stat followed by an fopen some number of lines of code later. It's simple enough to give the two calls their own buffers, hopefully that will keep Coverity quiet. Use 1024 as the size of a path instead of 512, (that's the traditional MAXPATHLEN value). Use sizeof(home) in calls to testutil_work_dir_from_path() so we don't accidentally diverge from the declared size. Clean up an error call, there's no need for two error messages. * Coverity complains: CID 1368528: (DEADCODE) Execution cannot reach the expression "","" inside this statement: "pos += (uint32_t)snprintf(c...". Replace boolean variable with a "const char *" that's set to either an empty string or a comma, removing the need for the test. Use size_t as the size of an object in memory, not a uint32_t. Don't declare variables in block scope. Assignment operators are the lowest priority operator (well, except for comma), don't bother declaring the order of evalution for an assignment operator. strlen() returns a size_t length, don't evaluate it as a boolean.
author: Keith Bostic <keith.bostic@mongodb.com> 2017-01-18 21:05:06 -0500
committer: Sulabh Mahajan <sulabh.mahajan@mongodb.com> 2017-01-19 13:05:06 +1100
commit: 91dd1fa489cab34a40e3f0115fe6771326e9c410 (patch)
tree: fceb27de9cc55311b844f69e6e891e45b267cca5
parent: 25a7c8aae547b7a0c50081656935c663c640a9f0 (diff)
download: mongo-91dd1fa489cab34a40e3f0115fe6771326e9c410.tar.gz
3 files changed, 65 insertions, 74 deletions
diff --git a/bench/wtperf/wtperf.c b/bench/wtperf/wtperf.c
index 2f747fa3fc7..91cedee8328 100644
--- a/bench/wtperf/wtperf.c
+++ b/bench/wtperf/wtperf.c
@@ -2361,11 +2361,11 @@ main(int argc, char *argv[])
 {
 	CONFIG_OPTS *opts;
 	WTPERF *wtperf, _wtperf;
-	size_t req_len, sreq_len;
+	size_t pos, req_len, sreq_len;
 	bool monitor_set;
 	int ch, ret;
 	const char *cmdflags = "C:h:m:O:o:T:";
-	const char *config_opts;
+	const char *append_comma, *config_opts;
 	char *cc_buf, *path, *sess_cfg, *tc_buf, *user_cconfig, *user_tconfig;
 
 	/* The first WTPERF structure (from which all others are derived). */
@@ -2502,19 +2502,14 @@ main(int argc, char *argv[])
 	__wt_stream_set_line_buffer(stdout);
 
 	/* Concatenate non-default configuration strings. */
-	if ((opts->verbose > 1 && strlen(debug_cconfig)) ||
+	if ((opts->verbose > 1 && strlen(debug_cconfig) != 0) ||
 	     user_cconfig != NULL || opts->session_count_idle > 0 ||
 	     wtperf->compress_ext != NULL || wtperf->async_config != NULL) {
-		bool append_comma;
-		uint32_t pos;
-
-		append_comma = false;
-		pos = 0;
 		req_len = 20;
-		req_len += (wtperf->async_config != NULL ?
-		    strlen(wtperf->async_config) : 0);
-		req_len += (wtperf->compress_ext != NULL ?
-		    strlen(wtperf->compress_ext) : 0);
+		req_len += wtperf->async_config != NULL ?
+		    strlen(wtperf->async_config) : 0;
+		req_len += wtperf->compress_ext != NULL ?
+		    strlen(wtperf->compress_ext) : 0;
 		if (opts->session_count_idle > 0) {
 			sreq_len = strlen("session_max=") + 6;
 			req_len += sreq_len;
@@ -2524,89 +2519,88 @@ main(int argc, char *argv[])
 			    opts->session_count_idle +
 			    wtperf->workers_cnt + opts->populate_threads + 10);
 		}
-		req_len += (user_cconfig != NULL ? strlen(user_cconfig) : 0);
-		req_len += (debug_cconfig != NULL ? strlen(debug_cconfig) : 0);
+		req_len += user_cconfig != NULL ? strlen(user_cconfig) : 0;
+		req_len += debug_cconfig != NULL ? strlen(debug_cconfig) : 0;
 		cc_buf = dmalloc(req_len);
 
+		pos = 0;
+		append_comma = "";
 		if (wtperf->async_config != NULL &&
-		    strlen(wtperf->async_config)) {
-			pos += (uint32_t)snprintf(
+		    strlen(wtperf->async_config) != 0) {
+			pos += (size_t)snprintf(
 			    cc_buf + pos, req_len - pos, "%s%s",
-			    append_comma ? "," : "", wtperf->async_config);
-			append_comma = true;
+			    append_comma, wtperf->async_config);
+			append_comma = ",";
 		}
 		if (wtperf->compress_ext != NULL &&
-		    strlen(wtperf->compress_ext)) {
-			pos += (uint32_t)snprintf(
+		    strlen(wtperf->compress_ext) != 0) {
+			pos += (size_t)snprintf(
 			    cc_buf + pos, req_len - pos, "%s%s",
-			    append_comma ? "," : "", wtperf->compress_ext);
-			append_comma = true;
+			    append_comma, wtperf->compress_ext);
+			append_comma = ",";
 		}
-		if (sess_cfg != NULL && strlen(sess_cfg)) {
-			pos += (uint32_t)snprintf(
+		if (sess_cfg != NULL && strlen(sess_cfg) != 0) {
+			pos += (size_t)snprintf(
 			    cc_buf + pos, req_len - pos, "%s%s",
-			    append_comma ? "," : "", sess_cfg);
-			append_comma = true;
+			    append_comma, sess_cfg);
+			append_comma = ",";
 		}
-		if (user_cconfig != NULL && strlen(user_cconfig)) {
-			pos += (uint32_t)snprintf(
+		if (user_cconfig != NULL && strlen(user_cconfig) != 0) {
+			pos += (size_t)snprintf(
 			    cc_buf + pos, req_len - pos, "%s%s",
-			    append_comma ? "," : "", user_cconfig);
-			append_comma = true;
+			    append_comma, user_cconfig);
+			append_comma = ",";
 		}
-		if (opts->verbose > 1 && strlen(debug_cconfig)) {
-			pos += (uint32_t)snprintf(
+		if (opts->verbose > 1 && strlen(debug_cconfig) != 0) {
+			pos += (size_t)snprintf(
 			    cc_buf + pos, req_len - pos, "%s%s",
-			    append_comma ? "," : "", debug_cconfig);
-			append_comma = true;
+			    append_comma, debug_cconfig);
+			append_comma = ",";
 		}
 
-		if (strlen(cc_buf) && (ret =
+		if (strlen(cc_buf) != 0 && (ret =
 		    config_opt_name_value(wtperf, "conn_config", cc_buf)) != 0)
 			goto err;
 	}
-	if ((opts->verbose > 1 && strlen(debug_tconfig)) || opts->index ||
+	if ((opts->verbose > 1 && strlen(debug_tconfig) != 0) || opts->index ||
 	    user_tconfig != NULL || wtperf->compress_table != NULL) {
-		bool append_comma;
-		uint32_t pos;
-
-		append_comma = false;
-		pos = 0;
 		req_len = 20;
-		req_len += (wtperf->compress_table != NULL ?
-		    strlen(wtperf->compress_table) : 0);
-		req_len += (opts->index ? strlen(INDEX_COL_NAMES) : 0);
-		req_len += (user_tconfig != NULL ? strlen(user_tconfig) : 0);
-		req_len += (debug_tconfig != NULL ? strlen(debug_tconfig) : 0);
+		req_len += wtperf->compress_table != NULL ?
+		    strlen(wtperf->compress_table) : 0;
+		req_len += opts->index ? strlen(INDEX_COL_NAMES) : 0;
+		req_len += user_tconfig != NULL ? strlen(user_tconfig) : 0;
+		req_len += debug_tconfig != NULL ? strlen(debug_tconfig) : 0;
 		tc_buf = dmalloc(req_len);
 
+		pos = 0;
+		append_comma = "";
 		if (wtperf->compress_table != NULL &&
-		    strlen(wtperf->compress_table)) {
-			pos += (uint32_t)snprintf(
+		    strlen(wtperf->compress_table) != 0) {
+			pos += (size_t)snprintf(
 			    tc_buf + pos, req_len - pos, "%s%s",
-			    append_comma ? "," : "", wtperf->compress_table);
-			append_comma = true;
+			    append_comma, wtperf->compress_table);
+			append_comma = ",";
 		}
 		if (opts->index) {
-			pos += (uint32_t)snprintf(
+			pos += (size_t)snprintf(
 			    tc_buf + pos, req_len - pos, "%s%s",
-			    append_comma ? "," : "", INDEX_COL_NAMES);
-			append_comma = true;
+			    append_comma, INDEX_COL_NAMES);
+			append_comma = ",";
 		}
-		if (user_tconfig != NULL && strlen(user_tconfig)) {
-			pos += (uint32_t)snprintf(
+		if (user_tconfig != NULL && strlen(user_tconfig) != 0) {
+			pos += (size_t)snprintf(
 			    tc_buf + pos, req_len - pos, "%s%s",
-			    append_comma ? "," : "", user_tconfig);
-			append_comma = true;
+			    append_comma, user_tconfig);
+			append_comma = ",";
 		}
-		if (opts->verbose > 1 && strlen(debug_tconfig)) {
-			pos += (uint32_t)snprintf(
+		if (opts->verbose > 1 && strlen(debug_tconfig) != 0) {
+			pos += (size_t)snprintf(
 			    tc_buf + pos, req_len - pos, "%s%s",
-			    append_comma ? "," : "", debug_tconfig);
-			append_comma = true;
+			    append_comma, debug_tconfig);
+			append_comma = ",";
 		}
 
-		if (strlen(tc_buf) && (ret =
+		if (strlen(tc_buf) != 0 && (ret =
 		    config_opt_name_value(wtperf, "table_config", tc_buf)) != 0)
 			goto err;
 	}
diff --git a/test/recovery/random-abort.c b/test/recovery/random-abort.c
index a6e4d9801e5..660ef0cca67 100644
--- a/test/recovery/random-abort.c
+++ b/test/recovery/random-abort.c
@@ -31,7 +31,7 @@
 #include <sys/wait.h>
 #include <signal.h>
 
-static char home[512];			/* Program working dir */
+static char home[1024];			/* Program working dir */
 static const char *progname;		/* Program name */
 /*
  * These two names for the URI and file system must be maintained in tandem.
@@ -227,7 +227,7 @@ main(int argc, char *argv[])
 	pid_t pid;
 	bool fatal, rand_th, rand_time, verify_only;
 	const char *working_dir;
-	char fname[64], kname[64];
+	char fname[64], kname[64], statname[1024];
 
 	if ((progname = strrchr(argv[0], DIR_DELIM)) == NULL)
 		progname = argv[0];
@@ -268,7 +268,7 @@ main(int argc, char *argv[])
 	if (argc != 0)
 		usage();
 
-	testutil_work_dir_from_path(home, 512, working_dir);
+	testutil_work_dir_from_path(home, sizeof(home), working_dir);
 	/*
 	 * If the user wants to verify they need to tell us how many threads
 	 * there were so we can find the old record files.
@@ -316,8 +316,8 @@ main(int argc, char *argv[])
 		 * still exists in case the child aborts for some reason we
 		 * don't stay in this loop forever.
 		 */
-		snprintf(fname, sizeof(fname), "%s/%s", home, fs_main);
-		while (stat(fname, &sb) != 0 && kill(pid, 0) == 0)
+		snprintf(statname, sizeof(statname), "%s/%s", home, fs_main);
+		while (stat(statname, &sb) != 0 && kill(pid, 0) == 0)
 			sleep(1);
 		sleep(timeout);
 
@@ -352,11 +352,8 @@ main(int argc, char *argv[])
 	for (i = 0; i < nth; ++i) {
 		middle = 0;
 		snprintf(fname, sizeof(fname), RECORDS_FILE, i);
-		if ((fp = fopen(fname, "r")) == NULL) {
-			fprintf(stderr,
-			    "Failed to open %s. i %" PRIu32 "\n", fname, i);
-			testutil_die(errno, "fopen");
-		}
+		if ((fp = fopen(fname, "r")) == NULL)
+			testutil_die(errno, "fopen: %s", fname);
 
 		/*
 		 * For every key in the saved file, verify that the key exists
diff --git a/test/recovery/truncated-log.c b/test/recovery/truncated-log.c
index c265263d44c..6a142b8e710 100644
--- a/test/recovery/truncated-log.c
+++ b/test/recovery/truncated-log.c
@@ -35,7 +35,7 @@
 #define	snprintf _snprintf
 #endif
 
-static char home[512];			/* Program working dir */
+static char home[1024];			/* Program working dir */
 static const char *progname;		/* Program name */
 static const char * const uri = "table:main";
 
@@ -290,7 +290,7 @@ main(int argc, char *argv[])
 	if (argc != 0)
 		usage();
 
-	testutil_work_dir_from_path(home, 512, working_dir);
+	testutil_work_dir_from_path(home, sizeof(home), working_dir);
 	testutil_make_work_dir(home);
 
 	/*
author	Keith Bostic <keith.bostic@mongodb.com>	2017-01-18 21:05:06 -0500
committer	Sulabh Mahajan <sulabh.mahajan@mongodb.com>	2017-01-19 13:05:06 +1100
commit	91dd1fa489cab34a40e3f0115fe6771326e9c410 (patch)
tree	fceb27de9cc55311b844f69e6e891e45b267cca5
parent	25a7c8aae547b7a0c50081656935c663c640a9f0 (diff)
download	mongo-91dd1fa489cab34a40e3f0115fe6771326e9c410.tar.gz