From 2d244c6b5aea8f1a8e70307540d9d95b8111a242 Mon Sep 17 00:00:00 2001
From: Vladis Dronov <vdronov@redhat.com>
Date: Mon, 14 Jun 2021 14:04:27 +0200
Subject: Small bug and warning fixes per covscan report

- Fix a strncpy() bug.

- Remove unused variables.

- A small formatting fix.

- Fix signedness warnings.

- Add parenthesis to definitions of CHUNK_SIZE.

- Adjust default_watermark() so wm is set to a default value in all cases.
  Also add logging the same way it was done in init_kernel_rng().

Signed-off-by: Vladis Dronov <vdronov@redhat.com>
---
 rngd_darn.c   |  4 ++--
 rngd_jitter.c |  3 +--
 rngd_linux.c  | 31 ++++++++++++++++++++++---------
 rngd_rdrand.c |  2 --
 rngd_rndr.c   |  2 +-
 rngd_rtlsdr.c |  6 +++---
 stats.c       |  2 +-
 7 files changed, 30 insertions(+), 20 deletions(-)

diff --git a/rngd_darn.c b/rngd_darn.c
index bc8edec..5254195 100644
--- a/rngd_darn.c
+++ b/rngd_darn.c
@@ -46,9 +46,9 @@ static uint64_t get_darn();
 static int refill_rand(struct rng *ent_src, bool allow_reinit);
 static size_t copy_avail_rand_to_buf(unsigned char *buf, size_t size, size_t copied);
 
-#define CHUNK_SIZE AES_BLOCK * 8
+#define CHUNK_SIZE		(AES_BLOCK*8)
 #define RDRAND_ROUNDS		512		/* 512:1 data reduction */
-#define THRESH_BITS 14
+#define THRESH_BITS		14
 
 /* ossl AES context */
 static struct ossl_aes_ctx *ossl_ctx;
diff --git a/rngd_jitter.c b/rngd_jitter.c
index b68c791..7403c02 100644
--- a/rngd_jitter.c
+++ b/rngd_jitter.c
@@ -128,7 +128,7 @@ int pipefds[2];
 
 unsigned char *aes_buf;
 
-static char key[AES_BLOCK];
+static unsigned char key[AES_BLOCK];
 static unsigned char iv_buf[CHUNK_SIZE] __attribute__((aligned(128)));
 static struct ossl_aes_ctx *ossl_ctx;
 
@@ -322,7 +322,6 @@ int validate_jitter_options(struct rng *ent_src)
 	int delay = ent_src->rng_options[JITTER_OPT_RETRY_DELAY].int_val;
 	int rcount = ent_src->rng_options[JITTER_OPT_RETRY_COUNT].int_val;
 	int soft_timer = ent_src->rng_options[JITTER_OPT_FORCE_INT_TIMER].int_val;
-	int num_threads = ent_src->rng_options[JITTER_OPT_THREADS].int_val;
 
 	/* Need at least one thread to do this work */
 	if (!threads) {
diff --git a/rngd_linux.c b/rngd_linux.c
index cf4fcdf..c52c62d 100644
--- a/rngd_linux.c
+++ b/rngd_linux.c
@@ -56,22 +56,35 @@ extern int kent_pool_size;
 /*
  * Get the default watermark
  */
+
+#define DEFAULT_WATERMARK_GUESS 4096
+
 int default_watermark(void)
 {
 	FILE *f;
-	unsigned int wm;	/* Default guess */
+	unsigned int wm;
 
 	f = fopen("/proc/sys/kernel/random/poolsize", "r");
-	if (!f)
+	if (!f) {
+		wm = DEFAULT_WATERMARK_GUESS;
+		message(LOG_DAEMON|LOG_ERR, "can't open /proc/sys/kernel/random/poolsize: %s",
+			strerror(errno));
 		goto err;
-	/*
-	 * Default to 4096 if fscanf fails
-	 */
-	if(fscanf(f,"%u", &wm) < 1)
-		wm = 4096;
+	}
+
+	/* Use DEFAULT_WATERMARK_GUESS if fscanf fails */
+	if(fscanf(f,"%u", &wm) < 1) {
+		wm = DEFAULT_WATERMARK_GUESS;
+		message(LOG_DAEMON|LOG_ERR, "can't read /proc/sys/kernel/random/poolsize: %s",
+			strerror(errno));
+	}
+
+err:
 	kent_pool_size = wm;
 	wm = wm*3/4;
-err:
+	message(LOG_DAEMON|LOG_ERR, "kernel entropy pool size: %d pool watermark: %d",
+		kent_pool_size, wm);
+
 	if (f)
 		fclose(f);
 	return wm;
@@ -153,7 +166,7 @@ int random_add_entropy(void *buf, size_t size)
 	} else
 		write(random_fd, buf, size);
 
-	return ent->ent_count; 
+	return ent->ent_count;
 
 }
 
diff --git a/rngd_rdrand.c b/rngd_rdrand.c
index cba27a9..caa9d05 100644
--- a/rngd_rdrand.c
+++ b/rngd_rdrand.c
@@ -243,8 +243,6 @@ int init_drng_entropy_source(struct rng *ent_src)
 	const uint32_t features_ebx7_rdseed = 1 << 18;
 	uint32_t max_cpuid_leaf;
 	unsigned char xkey[AES_BLOCK];	/* Material to XOR into the key */
-	int fd;
-	int i;
 
 	if (!x86_has_cpuid())
 		return 1;	/* No CPUID instruction */
diff --git a/rngd_rndr.c b/rngd_rndr.c
index 176ce90..79bf2ce 100644
--- a/rngd_rndr.c
+++ b/rngd_rndr.c
@@ -47,7 +47,7 @@ static struct ossl_aes_ctx *ossl_ctx;
 static unsigned char key[AES_BLOCK];
 static unsigned char iv_buf[AES_BLOCK];
 
-#define CHUNK_SIZE AES_BLOCK * 8
+#define CHUNK_SIZE (AES_BLOCK*8)
 static unsigned char aes_buf[CHUNK_SIZE];
 static size_t aes_buf_pos;
 #define REKEY_BITS 8
diff --git a/rngd_rtlsdr.c b/rngd_rtlsdr.c
index 949c8b0..5371905 100644
--- a/rngd_rtlsdr.c
+++ b/rngd_rtlsdr.c
@@ -21,12 +21,12 @@
 #include "rngd.h"
 #include "ossl_helpers.h"
 
-#define RAW_BUF_SZ	    4096
+#define RAW_BUF_SZ              4096
 
-#define CHUNK_SIZE	      (AES_BLOCK*8)   /* 8 parallel streams */
+#define CHUNK_SIZE              (AES_BLOCK*8)   /* 8 parallel streams */
 
 static rtlsdr_dev_t *radio = NULL;
-static char raw_buffera[RAW_BUF_SZ];
+static unsigned char raw_buffera[RAW_BUF_SZ];
 static int freq_min;
 static int freq_max;
 static int sample_min;
diff --git a/stats.c b/stats.c
index 5c4036a..a172a35 100644
--- a/stats.c
+++ b/stats.c
@@ -65,7 +65,7 @@ static void scale_mult_unit(char *unit, int unitsize,
 	if (mult)
 		snprintf(unit, unitsize, "%ci%s", multchar[mult-1], baseunit);
 	else
-		strncpy(unit, baseunit, unitsize);
+		strncpy(unit, baseunit, unitsize-1);
 }
 
 /* Computes elapsed time in microseconds */
-- 
2.26.3