diff options
| author | Andrew Moss <1043609+amoss@users.noreply.github.com> | 2020-04-03 12:35:00 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-04-03 12:35:00 +0200 |
| commit | 844a2d4e03ffd7406665cc73c49b5a4f750616f3 (patch) | |
| tree | d7a3e84c109b16f93514df5820e055c759c5e57e /aclk | |
| parent | c7d8aecfe9675b04ae5acaa84539baec46dd3d2a (diff) | |
Fix Coverity defects (#8579)
Fix Coverity CID355287 and CID355289: technically it is a false-positive but it is easier to put a pattern in the code that they can recognise as a sanitizer. The compiler will remove it during optimization. Fix CID353973: the security condition is unlikely to occur but we can avoid it completely. Fix resource leak from CID 355286 and CID 355288. Fixing new resource leak introduced by a previous commit (CID355449)
Diffstat (limited to 'aclk')
| -rw-r--r-- | aclk/aclk_common.c | 2 | ||||
| -rw-r--r-- | aclk/aclk_lws_https_client.c | 1 | ||||
| -rw-r--r-- | aclk/agent_cloud_link.c | 25 |
3 files changed, 8 insertions, 20 deletions
diff --git a/aclk/aclk_common.c b/aclk/aclk_common.c index ccd527f101..9f64567b18 100644 --- a/aclk/aclk_common.c +++ b/aclk/aclk_common.c @@ -42,7 +42,7 @@ ACLK_PROXY_TYPE aclk_verify_proxy(const char *string) if (!string) return PROXY_TYPE_UNKNOWN; - while (*string == 0x20) + while (*string == 0x20 && *string!=0) // Help coverity (compiler will remove) string++; if (!*string) diff --git a/aclk/aclk_lws_https_client.c b/aclk/aclk_lws_https_client.c index 500292ac5d..cd17625232 100644 --- a/aclk/aclk_lws_https_client.c +++ b/aclk/aclk_lws_https_client.c @@ -176,6 +176,7 @@ int aclk_send_https_request(char *method, char *host, char *port, char *url, cha context = lws_create_context(&info); if (!context) { error("Error creating LWS context"); + freez(data); return 1; } diff --git a/aclk/agent_cloud_link.c b/aclk/agent_cloud_link.c index a4e2896e4f..1adaf6bcce 100644 --- a/aclk/agent_cloud_link.c +++ b/aclk/agent_cloud_link.c @@ -146,29 +146,16 @@ int cloud_to_agent_parse(JSON_ENTRY *e) static RSA *aclk_private_key = NULL; static int create_private_key() { - char filename[FILENAME_MAX + 1]; struct stat statbuf; + char filename[FILENAME_MAX + 1]; snprintfz(filename, FILENAME_MAX, "%s/claim.d/private.pem", netdata_configured_user_config_dir); - if (lstat(filename, &statbuf) != 0) { - error("Claimed agent cannot establish ACLK - private key not found '%s' failed.", filename); + long bytes_read; + char *private_key = read_by_filename(filename, &bytes_read); + if (!private_key) { + error("Claimed agent cannot establish ACLK - unable to load private key '%s' failed.", filename); return 1; } - if (unlikely(statbuf.st_size == 0)) { - info("Claimed agent cannot establish ACLK - private key '%s' is empty.", filename); - return 1; - } - - FILE *f = fopen(filename, "rt"); - if (unlikely(f == NULL)) { - error("Claimed agent cannot establish ACLK - unable to open private key '%s'.", filename); - return 1; - } - - char *private_key = callocz(1, statbuf.st_size + 1); - size_t bytes_read = fread(private_key, 1, statbuf.st_size, f); - private_key[bytes_read] = 0; - debug(D_ACLK, "Claimed agent loaded private key len=%zu bytes", bytes_read); - fclose(f); + debug(D_ACLK, "Claimed agent loaded private key len=%ld bytes", bytes_read); BIO *key_bio = BIO_new_mem_buf(private_key, -1); if (key_bio==NULL) { |