diff options
-rw-r--r-- | .travis.yml | 6 | ||||
-rw-r--r-- | doc/iscsi-iname.8 | 2 | ||||
-rw-r--r-- | iscsiuio/src/uip/ipv6.c | 2 | ||||
-rw-r--r-- | iscsiuio/src/unix/libs/qedi.c | 4 | ||||
-rw-r--r-- | iscsiuio/src/unix/main.c | 1 | ||||
-rw-r--r-- | iscsiuio/src/unix/nic_nl.c | 2 | ||||
-rw-r--r-- | iscsiuio/src/unix/nic_utils.c | 1 | ||||
-rw-r--r-- | usr/auth.c | 6 | ||||
-rw-r--r-- | usr/host.c | 6 | ||||
-rw-r--r-- | usr/iscsi_net_util.c | 16 | ||||
-rw-r--r-- | usr/iscsi_sysfs.c | 2 | ||||
-rw-r--r-- | usr/iscsi_util.c | 1 | ||||
-rw-r--r-- | usr/iscsiadm.c | 36 | ||||
-rw-r--r-- | usr/iscsid_req.c | 4 | ||||
-rw-r--r-- | usr/sysfs.c | 8 | ||||
-rw-r--r-- | utils/fwparam_ibft/fwparam_ppc.c | 4 | ||||
-rw-r--r-- | utils/iscsi-iname.c | 18 |
17 files changed, 65 insertions, 54 deletions
diff --git a/.travis.yml b/.travis.yml index c6aebda..f11db8b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,6 +5,9 @@ dist: bionic env: global: + # This is an excrypted setting of COVERITY_SCAN_TOKEN=<token> + # Travis-CI has the private key to decrypt this and set the environment + # variable with the token needed for Coverity API access - secure: kUIw3pil4akjNycH+R2mq8oUszQrt/TCwkQb20oBRXoqsRzYLF6I9VT5wdAERjPsD7BDSiWLxLnisYrdRAs/tQ9h3xvnOJQAX8wKvVF/B883kOwOdI17DkY/dKdzWT+LbojjaXCHZf2yaKVAjibRPO2E8J9zsvpuDLDlon7zD123Amnb/XrSVJH4jefscs1OXFVtaMIKNs7AQPoPK7V9oMZoIbBF5NhYSPpytlf5/VL6ePQlXdd4xAiQR+dg5PvEbMquJh4GvcTo5DzOAJN8L9nGvlGlH5YKxHo7tkOpKFRnCATyenbpVaUBTb/TzA9OsVmxfSr/WrzLLXQxCwfOG6ktZp+1+ANRuL5wLCtDJLooGCw4Wxsicgw69snBoFPWoPW8w4osNQAaGINZnPKM2WSFxq2DBrqHrccGk1lze7upNHikBrwSTgv+SklmZUfcDQjWYxC2owH21BHhVTV6hgNShwS5q9gwWtSWAHc4f34Qvn1gjdV2/791Skk/t4GgTSmt0j0ZVcfsQJaZBvDwkot1yDJ0u/3av+ElMAmCb/9wG3dSqUXv9/V6mAutNb243igIZko6Vmpcosp2bJKXyeVbRkgbMoIfH2VQf9n1sbb01+V9lZsk9usIZZYRcW9Bz6d2H+ooDrM/ha1kQjVqMDP2EyCdBKmQjr8iAi9E4yQ= addons: @@ -21,9 +24,10 @@ addons: coverity_scan: project: name: open-iscsi/open-iscsi + notification_email: cleech@redhat.com build_command: make branch_pattern: coverity_scan before_install: echo -n | openssl s_client -connect scan.coverity.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a /etc/ssl/certs/ca- -script: if [ "{COVERITY_SCAN_BRANCH}" != 1 ]; then make; fi +script: if [ "${COVERITY_SCAN_BRANCH}" != 1 ]; then make; fi diff --git a/doc/iscsi-iname.8 b/doc/iscsi-iname.8 index a55d666..6a413f6 100644 --- a/doc/iscsi-iname.8 +++ b/doc/iscsi-iname.8 @@ -14,7 +14,7 @@ generates a unique iSCSI node name on every invocation. Display help .TP .BI [-p=]\fIprefix\fP -Use the prefix passed in instead of the default "iqn.2005-03.org.open-iscsi" +Use the prefix passed in instead of the default "iqn.2016-04.com.open-iscsi" .SH AUTHORS Open-iSCSI project <http://www.open-iscsi.com/> diff --git a/iscsiuio/src/uip/ipv6.c b/iscsiuio/src/uip/ipv6.c index 05efa73..5710199 100644 --- a/iscsiuio/src/uip/ipv6.c +++ b/iscsiuio/src/uip/ipv6.c @@ -521,7 +521,7 @@ static void ipv6_insert_protocol_chksum(struct ipv6_hdr *ipv6) sum = 0; ptr = (u16_t *)&ipv6->ipv6_src; - for (i = 0; i < sizeof(struct ipv6_addr); i++) { + for (i = 0; i < sizeof(struct ipv6_addr); i += 2) { sum += HOST_TO_NET16(*ptr); ptr++; } diff --git a/iscsiuio/src/unix/libs/qedi.c b/iscsiuio/src/unix/libs/qedi.c index b7595d5..3414cb5 100644 --- a/iscsiuio/src/unix/libs/qedi.c +++ b/iscsiuio/src/unix/libs/qedi.c @@ -442,7 +442,7 @@ static int qedi_open(nic_t *nic) qedi_t *bp = NULL; struct stat uio_stat; int i, rc; - int count; + size_t count; uint32_t bus; uint32_t slot; uint32_t func; @@ -666,7 +666,7 @@ static int qedi_open(nic_t *nic) nic->mac_addr[0], nic->mac_addr[1], nic->mac_addr[2], nic->mac_addr[3], nic->mac_addr[4], nic->mac_addr[5]); - qedi_get_library_name(&nic->library_name, (size_t *)&count); + qedi_get_library_name(&nic->library_name, &count); LOG_INFO("%s: qedi initialized", nic->log_name); bp->flags |= QEDI_OPENED; diff --git a/iscsiuio/src/unix/main.c b/iscsiuio/src/unix/main.c index 5168e4e..5e3f66c 100644 --- a/iscsiuio/src/unix/main.c +++ b/iscsiuio/src/unix/main.c @@ -196,6 +196,7 @@ static void daemon_init() dup2(fd, 2); setsid(); chdir("/"); + close(fd); } #define ISCSI_OOM_PATH_LEN 48 diff --git a/iscsiuio/src/unix/nic_nl.c b/iscsiuio/src/unix/nic_nl.c index 6588432..f830656 100644 --- a/iscsiuio/src/unix/nic_nl.c +++ b/iscsiuio/src/unix/nic_nl.c @@ -278,7 +278,7 @@ static const struct timespec ctldev_sleep_req = { static int ctldev_handle(char *data, nic_t *nic) { - int rc; + int rc = 0; struct iscsi_uevent *ev; uint8_t *payload; struct iscsi_path *path; diff --git a/iscsiuio/src/unix/nic_utils.c b/iscsiuio/src/unix/nic_utils.c index aad679e..84ffc5c 100644 --- a/iscsiuio/src/unix/nic_utils.c +++ b/iscsiuio/src/unix/nic_utils.c @@ -245,6 +245,7 @@ int nic_discover_iscsi_hosts() "space for NIC %s " "during scan", raw); + free(raw); rc = -ENOMEM; break; } @@ -259,7 +259,7 @@ static int acl_text_to_number(const char *text, unsigned long *num) { char *end; - unsigned long number = *num; + unsigned long number; if (text[0] == '0' && (text[1] == 'x' || text[1] == 'X')) number = strtoul(text + 2, &end, 16); @@ -1838,6 +1838,8 @@ acl_init_chap_digests(int *value_list) { return i; } +#define MAX(a,b) ((a) > (b) ? (a) : (b)) + int acl_init(int node_type, int buf_desc_count, struct auth_buffer_desc *buff_desc) { @@ -1846,7 +1848,7 @@ acl_init(int node_type, int buf_desc_count, struct auth_buffer_desc *buff_desc) struct auth_str_block *send_str_blk; struct auth_large_binary *recv_chap_challenge; struct auth_large_binary *send_chap_challenge; - int value_list[3]; + int value_list[MAX(AUTH_METHOD_MAX_COUNT, AUTH_CHAP_ALG_MAX_COUNT)]; if (buf_desc_count != 5 || !buff_desc) return AUTH_STATUS_ERROR; @@ -217,7 +217,7 @@ static int print_host_iface(void *data, struct iface_rec *iface) static void print_host_ifaces(struct host_info *hinfo, char *prefix) { - int nr_found; + int nr_found = 0; iscsi_sysfs_for_each_iface_on_host(prefix, hinfo->host_no, &nr_found, print_host_iface); @@ -262,14 +262,14 @@ static int host_info_print_tree(void *data, struct host_info *hinfo) matched_ses[matched_se_count++] = ses[i]; if (!matched_se_count) - return 0; + goto out; printf("\t*********\n"); printf("\tSessions:\n"); printf("\t*********\n"); session_info_print_tree(matched_ses, matched_se_count, "\t", session_info_flags, 0/* don't show password */); - +out: free(matched_ses); return 0; } diff --git a/usr/iscsi_net_util.c b/usr/iscsi_net_util.c index 6339082..b5a910f 100644 --- a/usr/iscsi_net_util.c +++ b/usr/iscsi_net_util.c @@ -193,22 +193,24 @@ static char *find_vlan_dev(char *netdev, int vlan_id) { sockfd = socket(AF_INET, SOCK_DGRAM, 0); - strncpy(if_hwaddr.ifr_name, netdev, IFNAMSIZ); + strlcpy(if_hwaddr.ifr_name, netdev, IFNAMSIZ); ioctl(sockfd, SIOCGIFHWADDR, &if_hwaddr); - if (if_hwaddr.ifr_hwaddr.sa_family != ARPHRD_ETHER) + if (if_hwaddr.ifr_hwaddr.sa_family != ARPHRD_ETHER) { + close(sockfd); return NULL; + } ifni = if_nameindex(); for (i = 0; ifni[i].if_index && ifni[i].if_name; i++) { - strncpy(vlan_hwaddr.ifr_name, ifni[i].if_name, IFNAMSIZ); + strlcpy(vlan_hwaddr.ifr_name, ifni[i].if_name, IFNAMSIZ); ioctl(sockfd, SIOCGIFHWADDR, &vlan_hwaddr); if (vlan_hwaddr.ifr_hwaddr.sa_family != ARPHRD_ETHER) continue; if (!memcmp(if_hwaddr.ifr_hwaddr.sa_data, vlan_hwaddr.ifr_hwaddr.sa_data, ETH_ALEN)) { - strncpy(vlanrq.device1, ifni[i].if_name, IFNAMSIZ); + strlcpy(vlanrq.device1, ifni[i].if_name, IFNAMSIZ); rc = ioctl(sockfd, SIOCGIFVLAN, &vlanrq); if ((rc == 0) && (vlanrq.u.VID == vlan_id)) { vlan = strdup(vlanrq.device1); @@ -271,7 +273,8 @@ int net_setup_netdev(char *netdev, char *local_ip, char *mask, char *gateway, if ((sock = socket(AF_INET, SOCK_DGRAM, 0)) == -1) { log_error("Could not open socket to manage network " "(err %d - %s)", errno, strerror(errno)); - return errno; + ret = errno; + goto done; } /* Bring up NIC with correct address - unless it @@ -389,7 +392,8 @@ int net_setup_netdev(char *netdev, char *local_ip, char *mask, char *gateway, ret = 0; done: - close(sock); + if (sock >= 0) + close(sock); if (vlan_id) free(netdev); return ret; diff --git a/usr/iscsi_sysfs.c b/usr/iscsi_sysfs.c index f79a1af..418f51b 100644 --- a/usr/iscsi_sysfs.c +++ b/usr/iscsi_sysfs.c @@ -464,7 +464,7 @@ int iscsi_sysfs_get_flashnode_info(struct flashnode_rec *fnode, log_debug(7, "could not get transport name for host%d", host_no); else - strncpy(fnode->transport_name, t->name, + strlcpy(fnode->transport_name, t->name, ISCSI_TRANSPORT_NAME_MAXLEN); snprintf(sess_id, sizeof(sess_id), ISCSI_FLASHNODE_SESS, host_no, diff --git a/usr/iscsi_util.c b/usr/iscsi_util.c index 0570dd5..fd8fc0c 100644 --- a/usr/iscsi_util.c +++ b/usr/iscsi_util.c @@ -62,6 +62,7 @@ void daemon_init(void) setsid(); if (chdir("/") < 0) log_debug(1, "Could not chdir to /: %s", strerror(errno)); + close(fd); } #define ISCSI_OOM_PATH_LEN 48 diff --git a/usr/iscsiadm.c b/usr/iscsiadm.c index 39583dd..2ce1cf5 100644 --- a/usr/iscsiadm.c +++ b/usr/iscsiadm.c @@ -524,10 +524,9 @@ login_by_startup(char *mode) */ struct iface_rec *pattern_iface, *tmp_iface; struct node_rec *rec, *tmp_rec; - struct list_head iface_list; + LIST_HEAD(iface_list); int missed_leading_login = 0; log_debug(1, "Logging into leading-login portals"); - INIT_LIST_HEAD(&iface_list); iface_link_ifaces(&iface_list); list_for_each_entry_safe(pattern_iface, tmp_iface, &iface_list, list) { @@ -657,10 +656,9 @@ static int for_each_matched_rec(struct node_rec *rec, void *data, static int login_portals(struct node_rec *pattern_rec) { - struct list_head rec_list; + LIST_HEAD(rec_list); int nr_found, rc, err; - INIT_LIST_HEAD(&rec_list); err = for_each_matched_rec(pattern_rec, &rec_list, link_recs); if (err == ISCSI_ERR_NO_OBJS_FOUND) return err; @@ -974,7 +972,7 @@ static int add_static_rec(int *found, char *targetname, int tpgt, if (rc) { log_error("Could not read iface %s. Error %d", iface->name, rc); - return rc; + goto free_drec; } iface_copy(&rec->iface, iface); @@ -987,6 +985,7 @@ static int add_static_rec(int *found, char *targetname, int tpgt, rec->iface.transport_name, iface_str(&rec->iface), ip, port, tpgt, targetname); } +free_drec: free(drec); free_rec: free(rec); @@ -1171,11 +1170,10 @@ static int do_software_sendtargets(discovery_rec_t *drec, struct list_head *ifaces, int info_level, int do_login, int op, int sync_drec) { - struct list_head rec_list; + LIST_HEAD(rec_list); struct node_rec *rec, *tmp; int rc; - INIT_LIST_HEAD(&rec_list); /* * compat: if the user did not pass any op then we do all * ops for them @@ -1221,11 +1219,10 @@ do_software_sendtargets(discovery_rec_t *drec, struct list_head *ifaces, static int do_isns(discovery_rec_t *drec, struct list_head *ifaces, int info_level, int do_login, int op) { - struct list_head rec_list; + LIST_HEAD(rec_list); struct node_rec *rec, *tmp; int rc; - INIT_LIST_HEAD(&rec_list); /* * compat: if the user did not pass any op then we do all * ops for them @@ -1663,7 +1660,7 @@ static int set_host_chap_info(uint32_t host_no, uint64_t chap_index, rc = ISCSI_ERR; } - goto exit_set_chap; + goto free_iovec; } ipc->ctldev_close(); @@ -2883,14 +2880,13 @@ out: static int exec_fw_disc_op(discovery_rec_t *drec, struct list_head *ifaces, int info_level, int do_login, int op) { - struct list_head targets, rec_list, new_ifaces; + LIST_HEAD(targets); + LIST_HEAD(rec_list); + LIST_HEAD(new_ifaces); struct iface_rec *iface, *tmp_iface; struct node_rec *rec, *tmp_rec; int rc = 0; - INIT_LIST_HEAD(&targets); - INIT_LIST_HEAD(&rec_list); - INIT_LIST_HEAD(&new_ifaces); /* * compat: if the user did not pass any op then we do all * ops for them @@ -2971,13 +2967,11 @@ static int exec_fw_op(discovery_rec_t *drec, struct list_head *ifaces, int info_level, int do_login, int op) { struct boot_context *context; - struct list_head targets, rec_list; + LIST_HEAD(targets); + LIST_HEAD(rec_list); struct node_rec *rec; int rc = 0; - INIT_LIST_HEAD(&targets); - INIT_LIST_HEAD(&rec_list); - if (drec) return exec_fw_disc_op(drec, ifaces, info_level, do_login, op); @@ -3531,13 +3525,13 @@ main(int argc, char **argv) int timeout = ISCSID_REQ_TIMEOUT; struct sigaction sa_old; struct sigaction sa_new; - struct list_head ifaces; + LIST_HEAD(ifaces); struct iface_rec *iface = NULL, *tmp; struct node_rec *rec = NULL; uint64_t host_no = (uint64_t)MAX_HOST_NO + 1; uint64_t index = ULLONG_MAX; struct user_param *param; - struct list_head params; + LIST_HEAD(params); struct iscsi_context *ctx = NULL; int librc = LIBISCSI_OK; struct iscsi_session **ses = NULL; @@ -3550,8 +3544,6 @@ main(int argc, char **argv) goto out; } - INIT_LIST_HEAD(¶ms); - INIT_LIST_HEAD(&ifaces); /* do not allow ctrl-c for now... */ memset(&sa_old, 0, sizeof(struct sigaction)); memset(&sa_new, 0, sizeof(struct sigaction)); diff --git a/usr/iscsid_req.c b/usr/iscsid_req.c index b6940db..d872eb7 100644 --- a/usr/iscsid_req.c +++ b/usr/iscsid_req.c @@ -55,6 +55,8 @@ static void iscsid_startup(void) if (system(startup_cmd) < 0) log_error("Could not execute '%s' (err %d)", startup_cmd, errno); + + free(startup_cmd); } #define MAXSLEEP 128 @@ -95,6 +97,8 @@ static int ipc_connect(int *fd, char *unix_sock_name, int start_iscsid) if (nsec <= MAXSLEEP/2) sleep(nsec); } + close(*fd); + *fd = -1; log_error("can not connect to iSCSI daemon (%d)!", errno); return ISCSI_ERR_ISCSID_NOTCONN; } diff --git a/usr/sysfs.c b/usr/sysfs.c index 48f3825..2488160 100644 --- a/usr/sysfs.c +++ b/usr/sysfs.c @@ -134,7 +134,7 @@ int sysfs_resolve_link(char *devpath, size_t size) strlcpy(link_path, sysfs_path, sizeof(link_path)); strlcat(link_path, devpath, sizeof(link_path)); - len = readlink(link_path, link_target, sizeof(link_target)); + len = readlink(link_path, link_target, sizeof(link_target) - 1); if (len <= 0) return -1; link_target[len] = '\0'; @@ -225,7 +225,7 @@ struct sysfs_device *sysfs_device_get(const char *devpath) strlcpy(link_path, sysfs_path, sizeof(link_path)); strlcat(link_path, dev->devpath, sizeof(link_path)); strlcat(link_path, "/subsystem", sizeof(link_path)); - len = readlink(link_path, link_target, sizeof(link_target)); + len = readlink(link_path, link_target, sizeof(link_target) - 1); if (len > 0) { /* get subsystem from "subsystem" link */ link_target[len] = '\0'; @@ -255,7 +255,7 @@ struct sysfs_device *sysfs_device_get(const char *devpath) strlcpy(link_path, sysfs_path, sizeof(link_path)); strlcat(link_path, dev->devpath, sizeof(link_path)); strlcat(link_path, "/driver", sizeof(link_path)); - len = readlink(link_path, link_target, sizeof(link_target)); + len = readlink(link_path, link_target, sizeof(link_target) - 1); if (len > 0) { link_target[len] = '\0'; dbg("driver link '%s' points to '%s'", link_path, link_target); @@ -363,7 +363,7 @@ char *sysfs_attr_get_value(const char *devpath, const char *attr_name) int len; const char *pos; - len = readlink(path_full, link_target, sizeof(link_target)); + len = readlink(path_full, link_target, sizeof(link_target) - 1); if (len > 0) { link_target[len] = '\0'; pos = strrchr(link_target, '/'); diff --git a/utils/fwparam_ibft/fwparam_ppc.c b/utils/fwparam_ibft/fwparam_ppc.c index 71fa98d..429d45c 100644 --- a/utils/fwparam_ibft/fwparam_ppc.c +++ b/utils/fwparam_ibft/fwparam_ppc.c @@ -132,6 +132,7 @@ static int locate_mac(const char *devtree, struct ofw_dev *ofwdev) error = errno; fprintf(stderr, "%s: open %s, %s\n", __func__, mac_file, strerror(errno)); + free(mac_file); goto lpm_bail; } @@ -140,12 +141,10 @@ static int locate_mac(const char *devtree, struct ofw_dev *ofwdev) error = EIO; fprintf(stderr, "%s: read %s, %s\n", __func__, mac_file, strerror(errno)); - goto lpm_bail; } free(mac_file); close(mac_fd); - lpm_bail: return error; } @@ -483,7 +482,6 @@ int fwparam_ppc_boot_info(struct boot_context *context) if (!error) error = locate_mac(devtree, ofwdevs[0]); if (!error) { - context = calloc(1, sizeof(*context)); if (!context) error = ISCSI_ERR_NOMEM; else diff --git a/utils/iscsi-iname.c b/utils/iscsi-iname.c index 6347edc..da850dc 100644 --- a/utils/iscsi-iname.c +++ b/utils/iscsi-iname.c @@ -36,10 +36,13 @@ #define RANDOM_NUM_GENERATOR "/dev/urandom" +/* iSCSI names have a maximum length of 223 characters, we reserve 13 to append + * a seperator and 12 characters (6 random bytes in hex representation) */ +#define PREFIX_MAX_LEN 210 + int main(int argc, char *argv[]) { - char iname[256]; struct timeval time; struct utsname system_info; long hostid; @@ -52,7 +55,6 @@ main(int argc, char *argv[]) char *prefix; /* initialize */ - memset(iname, 0, sizeof (iname)); memset(digest, 0, sizeof (digest)); memset(&context, 0, sizeof (context)); MD5Init(&context); @@ -67,13 +69,18 @@ main(int argc, char *argv[]) exit(0); } else if ( strcmp(prefix, "-p") == 0 ) { prefix = argv[2]; + if (strnlen(prefix, PREFIX_MAX_LEN + 1) > PREFIX_MAX_LEN) { + printf("Error: Prefix cannot exceed %d " + "characters.\n", PREFIX_MAX_LEN); + exit(1); + } } else { printf("\nUsage: iscsi-iname [-h | --help | " "-p <prefix>]\n"); exit(0); } } else { - prefix = "iqn.2005-03.org.open-iscsi"; + prefix = "iqn.2016-04.com.open-iscsi"; } /* try to feed some entropy from the pool to MD5 in order to get @@ -132,10 +139,7 @@ main(int argc, char *argv[]) } /* print the prefix followed by 6 bytes of the MD5 hash */ - sprintf(iname, "%s:%x%x%x%x%x%x", prefix, + printf("%s:%x%x%x%x%x%x\n", prefix, bytes[0], bytes[1], bytes[2], bytes[3], bytes[4], bytes[5]); - - iname[sizeof (iname) - 1] = '\0'; - printf("%s\n", iname); return 0; } |