From 1b94dd90f5a1c65df16ffe3b0619ce5dc0ca1f06 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 19:59:49 -0400
Subject: [PATCH 28/36] Fix errors found by coverity.

Signed-off-by: Peter Jones <pjones@redhat.com>
---
 src/actions.c        |  4 ++--
 src/cms_common.c     | 17 ++++++++++-------
 src/daemon.c         | 16 +++++++++++++++-
 src/password.c       |  1 +
 src/pesign_context.c |  4 +++-
 src/wincert.c        |  2 +-
 6 files changed, 32 insertions(+), 12 deletions(-)

diff --git a/src/actions.c b/src/actions.c
index 76a311c..9cf4f45 100644
--- a/src/actions.c
+++ b/src/actions.c
@@ -70,7 +70,7 @@ insert_signature(cms_context *cms, int signum)
 	if (signum != cms->num_signatures) {
 		memmove(cms->signatures[signum+1],
 			cms->signatures[signum],
-			sizeof(SECItem *) * (cms->num_signatures - signum));
+			sizeof(SECItem) * (cms->num_signatures - signum));
 	}
 	cms->signatures[signum] = sig;
 	cms->num_signatures++;
@@ -430,7 +430,7 @@ remove_signature(pesign_context *p_ctx)
 	if (p_ctx->signum != ctx->num_signatures - 1)
 		memmove(ctx->signatures[p_ctx->signum],
 			ctx->signatures[p_ctx->signum+1],
-			sizeof(SECItem *) *
+			sizeof(SECItem) *
 				(ctx->num_signatures - p_ctx->signum));
 
 	ctx->num_signatures--;
diff --git a/src/cms_common.c b/src/cms_common.c
index 6b3f5ec..898ddfb 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -598,16 +598,19 @@ generate_spc_string(cms_context *cms, SECItem *ssp, char *str, int len)
 	memset(&ss, '\0', sizeof (ss));
 
 	SECITEM_AllocItem(cms->arena, &ss.unicode, len);
-	if (!ss.unicode.data && len != 0) {
-		cms->log(cms, LOG_ERR, "could not allocate memory: %s",
-			PORT_ErrorToString(PORT_GetError()));
-		return -1;
+	if (len != 0) {
+		if (!ss.unicode.data) {
+			cms->log(cms, LOG_ERR, "could not allocate memory: %s",
+				PORT_ErrorToString(PORT_GetError()));
+			return -1;
+		}
+		
+		memcpy(ss.unicode.data, str, len);
 	}
-
-	memcpy(ss.unicode.data, str, len);
 	ss.unicode.type = siBMPString;
 
-	if (SEC_ASN1EncodeItem(cms->arena, ssp, &ss, SpcStringTemplate) == NULL) {
+	if (SEC_ASN1EncodeItem(cms->arena, ssp, &ss, SpcStringTemplate)
+			== NULL) {
 		cms->log(cms, LOG_ERR, "could not encode SpcString: %s",
 			PORT_ErrorToString(PORT_GetError()));
 		return -1;
diff --git a/src/daemon.c b/src/daemon.c
index df20763..7ad036c 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -134,7 +134,6 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
 	struct msghdr msg;
 	struct iovec iov;
 	ssize_t n;
-	char *buffer = malloc(size);
 
 	int rc = cms_context_alloc(&ctx->cms);
 	if (rc < 0) {
@@ -144,6 +143,7 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
 
 	steal_from_cms(ctx->backup_cms, ctx->cms);
 
+	char *buffer = malloc(size);
 	if (!buffer) {
 oom:
 		ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
@@ -792,6 +792,7 @@ check_socket(context *ctx)
 
 		rc = connect(sd, (struct sockaddr *)&addr_un, len);
 		if (rc < 0) {
+			close(sd);
 			unlink(SOCKPATH);
 			return;
 		}
@@ -800,6 +801,7 @@ check_socket(context *ctx)
 		socklen_t size = sizeof(remote);
 		rc = getpeername(sd, &remote, &size);
 		if (rc < 0) {
+			close(sd);
 			return;
 		} else {
 			fprintf(stderr, "already running");
@@ -913,6 +915,12 @@ daemonize(cms_context *cms_ctx, int do_fork)
 
 	if (do_fork) {
 		int fd = open("/dev/zero", O_RDONLY);
+		if (fd < 0) {
+			ctx.backup_cms->log(ctx.backup_cms,
+					ctx.priority|LOG_ERR,
+					"could not open /dev/zero: %m");
+			exit(1);
+		}
 		close(STDIN_FILENO);
 		rc = dup2(fd, STDIN_FILENO);
 		if (rc < 0) {
@@ -924,6 +932,12 @@ daemonize(cms_context *cms_ctx, int do_fork)
 		close(fd);
 
 		fd = open("/dev/null", O_WRONLY);
+		if (fd < 0) {
+			ctx.backup_cms->log(ctx.backup_cms,
+					ctx.priority|LOG_ERR,
+					"could not open /dev/null: %m");
+			exit(1);
+		}
 		close(STDOUT_FILENO);
 		rc = dup2(fd, STDOUT_FILENO);
 		if (rc < 0) {
diff --git a/src/password.c b/src/password.c
index 5ee15f8..100c584 100644
--- a/src/password.c
+++ b/src/password.c
@@ -114,6 +114,7 @@ SECU_GetPasswordString(void *arg, char *prompt)
 
     output = fopen(consoleName, "w");
     if (output == NULL) {
+	fclose(input);
 	fprintf(stderr, "Error opening output terminal for write\n");
 	return NULL;
     }
diff --git a/src/pesign_context.c b/src/pesign_context.c
index cbd929f..033e8de 100644
--- a/src/pesign_context.c
+++ b/src/pesign_context.c
@@ -38,8 +38,10 @@ pesign_context_new(pesign_context **ctx)
 		return -1;
 
 	rc = pesign_context_init(context);
-	if (rc < 0)
+	if (rc < 0) {
+		free(context);
 		return rc;
+	}
 	context->flags |= PESIGN_C_ALLOCATED;
 
 	*ctx = context;
diff --git a/src/wincert.c b/src/wincert.c
index b487dc5..4b5ba45 100644
--- a/src/wincert.c
+++ b/src/wincert.c
@@ -257,7 +257,7 @@ parse_signatures(cms_context *cms, Pe *pe)
 		if (rc <= 0)
 			break;
 
-		signatures[i] = calloc(1, sizeof (SECItem *));
+		signatures[i] = calloc(1, sizeof (SECItem));
 		if (!signatures[i])
 			goto err;
 
-- 
1.7.12.1