From e4a94ad5d4ea8e5663f1e5d71669317b16105945 Mon Sep 17 00:00:00 2001 From: Vladis Dronov Date: Sat, 12 Jun 2021 13:11:19 +0200 Subject: Fix minor possibilities of using a NULL pointer Fix the following covscan warnings by performing a check for a NULL: 1) Add a check for NULL to message_entsrc macro: Error: GCC_ANALYZER_WARNING (CWE-688): rng-tools-6.12/rngd_rdrand.c: scope_hint: In function 'init_drng_entropy_source' rng-tools-6.12/rngd.h:186:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL '____buf' where non-null expected /usr/include/stdio.h:334:12: note: argument 1 of 'sprintf' must be non-null 184| size_t ____neededmsg = snprintf(NULL, 0, fmt, ##args) + 1; \ 185| char *____buf = malloc(____neededpfx + ____neededmsg); \ 186|-> sprintf(____buf, "[%-6s]: " fmt, src->rng_sname, ##args); \ 2) Move memset() in xread_tpm() to a proper place: Error: NULL_RETURNS (CWE-476): [#def3] rng-tools-6.12/rngd_entsource.c:96: returned_null: "malloc" returns "NULL" (checked 89 out of 95 times). rng-tools-6.12/rngd_entsource.c:96: var_assigned: Assigning: "temp_buf" = "NULL" return value from "malloc". rng-tools-6.12/rngd_entsource.c:97: dereference: Dereferencing a pointer that might be "NULL" "temp_buf" when calling "memset". 96| temp_buf = (unsigned char *) malloc(size + TPM_GET_RNG_OVERHEAD); 97|-> memset(temp_buf, 0, (size+TPM_GET_RNG_OVERHEAD)); 98| if (temp_buf == NULL) { Signed-off-by: Vladis Dronov --- rngd.h | 8 +++++--- rngd_entsource.c | 3 ++- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/rngd.h b/rngd.h index 6208b95..7d65f3c 100644 --- a/rngd.h +++ b/rngd.h @@ -184,9 +184,11 @@ extern bool quiet; size_t ____neededpfx = snprintf(NULL, 0, "[%-6s]: ", src->rng_sname); \ size_t ____neededmsg = snprintf(NULL, 0, fmt, ##args) + 1; \ char *____buf = malloc(____neededpfx + ____neededmsg); \ - sprintf(____buf, "[%-6s]: " fmt, src->rng_sname, ##args); \ - message(priority, "%s", ____buf); \ - free(____buf); \ + if (____buf) { \ + sprintf(____buf, "[%-6s]: " fmt, src->rng_sname, ##args); \ + message(priority, "%s", ____buf); \ + free(____buf); \ + } \ } while (0) extern bool do_reseed; diff --git a/rngd_entsource.c b/rngd_entsource.c index e5b7d43..b7ebd15 100644 --- a/rngd_entsource.c +++ b/rngd_entsource.c @@ -94,12 +94,13 @@ int xread_tpm(void *buf, size_t size, struct rng *ent_src) } temp_buf = (unsigned char *) malloc(size + TPM_GET_RNG_OVERHEAD); - memset(temp_buf, 0, (size+TPM_GET_RNG_OVERHEAD)); if (temp_buf == NULL) { message_entsrc(ent_src,LOG_ERR|LOG_INFO,"No memory for TPM buffer\n"); close(ent_src->rng_fd); return -1; } + memset(temp_buf, 0, (size+TPM_GET_RNG_OVERHEAD)); + /* 32 bits has been reserved for random byte size */ rng_cmd[13] = (unsigned char)(size & 0xFF); rng_cmd[12] = (unsigned char)((size >> 8) & 0xFF); -- 2.26.3