[Fix] Fix couple of issues

Found by: Coverity

diff --git a/src/controller.c b/src/controller.c
index 25eb54db8a20ac36c6d4faac0925ac90c18e8e84..48c89c4084976a964e88ac4f6253cbd436e89bf7 100644 (file)
--- a/src/controller.c
+++ b/src/controller.c
@@ -1276,7 +1276,7 @@ rspamd_controller_handle_graph (
        k = 0;
 
        /* Create window */
-       step = (rrd_result->rra_rows / desired_points + 0.5);
+       step = ceil (((gdouble)rrd_result->rra_rows) / desired_points);
        g_assert (step >= 1);
        acc = g_malloc0 (sizeof (double) * rrd_result->ds_count * step);
 
@@ -1996,15 +1996,22 @@ rspamd_controller_handle_saveactions (
        }
 
        parser = ucl_parser_new (0);
-       ucl_parser_add_chunk (parser, msg->body_buf.begin, msg->body_buf.len);
+       if (!ucl_parser_add_chunk (parser, msg->body_buf.begin, msg->body_buf.len)) {
+               if ((error = ucl_parser_get_error (parser)) != NULL) {
+                       msg_err_session ("cannot parse input: %s", error);
+                       rspamd_controller_send_error (conn_ent, 400, "Cannot parse input");
+                       ucl_parser_free (parser);
+                       return 0;
+               }
 
-       if ((error = ucl_parser_get_error (parser)) != NULL) {
-               msg_err_session ("cannot parse input: %s", error);
+               msg_err_session ("cannot parse input: unknown error");
                rspamd_controller_send_error (conn_ent, 400, "Cannot parse input");
                ucl_parser_free (parser);
                return 0;
        }
 
+
+
        obj = ucl_parser_get_object (parser);
        ucl_parser_free (parser);
 
@@ -2110,10 +2117,15 @@ rspamd_controller_handle_savesymbols (
        }
 
        parser = ucl_parser_new (0);
-       ucl_parser_add_chunk (parser, msg->body_buf.begin, msg->body_buf.len);
+       if (!ucl_parser_add_chunk (parser, msg->body_buf.begin, msg->body_buf.len)) {
+               if ((error = ucl_parser_get_error (parser)) != NULL) {
+                       msg_err_session ("cannot parse input: %s", error);
+                       rspamd_controller_send_error (conn_ent, 400, "Cannot parse input");
+                       ucl_parser_free (parser);
+                       return 0;
+               }
 
-       if ((error = ucl_parser_get_error (parser)) != NULL) {
-               msg_err_session ("cannot parse input: %s", error);
+               msg_err_session ("cannot parse input: unknown error");
                rspamd_controller_send_error (conn_ent, 400, "Cannot parse input");
                ucl_parser_free (parser);
                return 0;

diff --git a/src/fuzzy_storage.c b/src/fuzzy_storage.c
index 3e2c00f749479891d31e01f5c1b4eb314a767035..94dfa906c025ffa4de6302b2309da4f99b232459 100644 (file)
--- a/src/fuzzy_storage.c
+++ b/src/fuzzy_storage.c
@@ -1080,7 +1080,7 @@ rspamd_fuzzy_mirror_process_update (struct fuzzy_master_update_session *session,
         */
        p = rspamd_http_message_get_body (msg, &remain);
 
-       if (remain > sizeof (gint32) * 2) {
+       if (p && remain > sizeof (gint32) * 2) {
                memcpy (&revision, p, sizeof (gint32));
                revision = GINT32_TO_LE (revision);
 
@@ -1322,6 +1322,7 @@ rspamd_fuzzy_mirror_finish_handler (struct rspamd_http_connection *conn,
                if (!rspamd_http_message_get_body (msg, NULL) || !msg->url
                                || msg->url->len == 0) {
                        msg_err_fuzzy_update ("empty update message, not processing");
+                       err_str = "Empty update";
 
                        goto end;
                }
@@ -1883,18 +1884,15 @@ fuzzy_storage_parse_mirror (rspamd_mempool_t *pool,
        return TRUE;
 
 err:
+       g_free (up->name);
+       rspamd_upstreams_destroy (up->u);
 
-       if (up) {
-               g_free (up->name);
-               rspamd_upstreams_destroy (up->u);
-
-               if (up->key) {
-                       rspamd_pubkey_unref (up->key);
-               }
-
-               g_slice_free1 (sizeof (*up), up);
+       if (up->key) {
+               rspamd_pubkey_unref (up->key);
        }
 
+       g_slice_free1 (sizeof (*up), up);
+
        return FALSE;
 }
 

diff --git a/src/libmime/archives.c b/src/libmime/archives.c
index c78b8c97684095e06fad780d095ef745244ffbed..4187e86fa3394ba36e773e2294df850edff6c8b0 100644 (file)
--- a/src/libmime/archives.c
+++ b/src/libmime/archives.c
@@ -244,7 +244,7 @@ rspamd_archive_rar_read_vint (const guchar *start, gsize remain, guint64 *res)
                msg_debug_task ("rar archive is invalid (bad int32)"); \
                return; \
        } \
-       n = p[0] + (p[1] << 8) + (p[2] << 16) + (p[3] << 24); \
+       n = (guint)p[0] + ((guint)p[1] << 8) + ((guint)p[2] << 16) + ((guint)p[3] << 24); \
        p += sizeof (guint32); \
 } while (0)
 

diff --git a/src/libmime/content_type.c b/src/libmime/content_type.c
index 9f37a8782fcd00903cb062e7cf54f6de01538250..ba4807e0fb6902e6a53039799698c803ad9a7626 100644 (file)
--- a/src/libmime/content_type.c
+++ b/src/libmime/content_type.c
@@ -184,12 +184,13 @@ rspamd_content_disposition_add_param (rspamd_mempool_t *pool,
        nparam->name.len = name_end - name_start;
        decoded = rspamd_mime_header_decode (pool, value_start, value_end - value_start);
        RSPAMD_FTOK_FROM_STR (&nparam->value, decoded);
-       DL_APPEND (found, nparam);
 
        if (!found) {
                g_hash_table_insert (cd->attrs, &nparam->name, nparam);
        }
 
+       DL_APPEND (found, nparam);
+
        srch.begin = "filename";
        srch.len = 8;
 

diff --git a/src/libmime/message.c b/src/libmime/message.c
index eba213898512790379cc37b7ee7f70abceb27462..6692c76e224792360ac38c70ef10976aa522fa5e 100644 (file)
--- a/src/libmime/message.c
+++ b/src/libmime/message.c
@@ -692,7 +692,7 @@ rspamd_message_parse (struct rspamd_task *task)
        rspamd_images_process (task);
        rspamd_archives_process (task);
 
-       if (task->received && task->received->len > 0) {
+       if (task->received->len > 0) {
                gboolean need_recv_correction = FALSE;
                rspamd_inet_addr_t *raddr;
 

diff --git a/src/libserver/dns.c b/src/libserver/dns.c
index b6a38dab076a67bc991489c6b8f3252f46c11150..5d662d8353de43db4743727807499cc5e4e16be7 100644 (file)
--- a/src/libserver/dns.c
+++ b/src/libserver/dns.c
@@ -257,8 +257,8 @@ dns_resolver_init (rspamd_logger_t *logger,
        if (cfg == NULL || cfg->nameservers == NULL) {
                /* Parse resolv.conf */
                if (!rdns_resolver_parse_resolv_conf (dns_resolver->r, "/etc/resolv.conf")) {
-                       msg_err_config (
-                               "cannot parse resolv.conf and no nameservers defined, so no ways to resolve addresses");
+                       msg_err ("cannot parse resolv.conf and no nameservers defined, "
+                                       "so no ways to resolve addresses");
                        rdns_resolver_release (dns_resolver->r);
                        dns_resolver->r = NULL;
 

diff --git a/src/libstat/backends/redis_backend.c b/src/libstat/backends/redis_backend.c
index b747fd75f3a06435d485d1d69a080b99e158da5f..d5df2234e953de88fa1c1ed0f03955e541954344 100644 (file)
--- a/src/libstat/backends/redis_backend.c
+++ b/src/libstat/backends/redis_backend.c
@@ -126,9 +126,7 @@ rspamd_redis_expand_object (const gchar *pattern,
        g_assert (ctx != NULL);
        stcf = ctx->stcf;
 
-       if (task) {
-               L = task->cfg->lua_state;
-       }
+       L = task->cfg->lua_state;
 
        if (ctx->enable_users) {
                if (ctx->cbref_user == -1) {

diff --git a/src/libutil/addr.c b/src/libutil/addr.c
index 728189068824b48da8643619b91e0bbbcb048295..c72727c38886a60efe139a3ecc64de54a17e18f0 100644 (file)
--- a/src/libutil/addr.c
+++ b/src/libutil/addr.c
@@ -1341,7 +1341,7 @@ rspamd_inet_address_apply_mask (rspamd_inet_addr_t *addr, guint mask)
                        p += 3;
 
                        for (;;) {
-                               if (mask > 32) {
+                               if (mask >= 32) {
                                        mask -= 32;
                                        *p = 0;
                                }

diff --git a/src/libutil/map.c b/src/libutil/map.c
index 361abcee4ab2a90a20c6a92f0d434847c7e5ee3b..3794cfcfaf8b08fe7722f1b022ef04681438e7a7 100644 (file)
--- a/src/libutil/map.c
+++ b/src/libutil/map.c
@@ -1465,10 +1465,6 @@ err:
                g_slice_free1 (sizeof (*hdata), hdata);
        }
 
-       if (fdata) {
-               g_slice_free1 (sizeof (*fdata), fdata);
-       }
-
        return NULL;
 }
 

diff --git a/src/libutil/sqlite_utils.c b/src/libutil/sqlite_utils.c
index 9686d221a0f7603f2b1521bd147996aca9debf3c..7da003fa5738eedc930b6738ed24832cc86eef7d 100644 (file)
--- a/src/libutil/sqlite_utils.c
+++ b/src/libutil/sqlite_utils.c
@@ -220,7 +220,6 @@ rspamd_sqlite3_wait (rspamd_mempool_t *pool, const gchar *lock)
                        return FALSE;
                }
                if (nanosleep (&sleep_ts, NULL) == -1 && errno != EINTR) {
-                       close (fd);
                        msg_err_pool_check ("cannot sleep open lock file %s: %s", lock,
                                        strerror (errno));
 

diff --git a/src/lua/lua_cryptobox.c b/src/lua/lua_cryptobox.c
index 94dec34f5fbe73aa0023e1e1b62fd0e528d50d47..534ffc0e5621997e11c3b5a9f535b9d3b25f4154 100644 (file)
--- a/src/lua/lua_cryptobox.c
+++ b/src/lua/lua_cryptobox.c
@@ -1131,6 +1131,10 @@ lua_cryptobox_verify_file (lua_State *L)
                }
        }
        else {
+               if (map != NULL) {
+                       munmap (map, len);
+               }
+
                return luaL_error (L, "invalid arguments");
        }
 

diff --git a/src/lua/lua_fann.c b/src/lua/lua_fann.c
index ba57b414aac32f782b1ec875f0208eac7721b712..884a40293bf102d3cb1163ccaac1de660291f476 100644 (file)
--- a/src/lua/lua_fann.c
+++ b/src/lua/lua_fann.c
@@ -213,6 +213,8 @@ rspamd_fann_create_train (guint num_data, guint num_input, guint num_output)
        fann_type *inp, *outp;
        guint i;
 
+       g_assert (num_data > 0 && num_input > 0 && num_output > 0);
+
        t = calloc (1, sizeof (*t));
        g_assert (t != NULL);
 

diff --git a/src/lua/lua_html.c b/src/lua/lua_html.c
index 0fdd61929652d2e3df5156a9c65baeb559723a3a..0ec5613387dee1ec4b819c7a94cee215a43639bf 100644 (file)
--- a/src/lua/lua_html.c
+++ b/src/lua/lua_html.c
@@ -374,9 +374,9 @@ lua_html_get_blocks (lua_State *L)
        guint i;
 
        if (hc != NULL) {
-               lua_createtable (L, hc->blocks->len, 0);
-
                if (hc->blocks && hc->blocks->len > 0) {
+                       lua_createtable (L, hc->blocks->len, 0);
+
                        for (i = 0; i < hc->blocks->len; i ++) {
                                bl = g_ptr_array_index (hc->blocks, i);
                                lua_html_push_block (L, bl);

diff --git a/src/lua/lua_map.c b/src/lua/lua_map.c
index 1ed4aff7d02fdc458e96fefa9c31b887e58fc704..f4d3a6b88025d744783ad3969b7cdc675fb7d675 100644 (file)
--- a/src/lua/lua_map.c
+++ b/src/lua/lua_map.c
@@ -356,8 +356,9 @@ lua_map_fin (struct map_cb_data *data)
                        lua_pop (cbdata->L, 1);
                }
        }
-
-       cbdata->data = rspamd_fstring_assign (cbdata->data, "", 0);
+       else if (cbdata->data != NULL) {
+               cbdata->data = rspamd_fstring_assign (cbdata->data, "", 0);
+       }
 }
 
 gint

diff --git a/src/lua/lua_redis.c b/src/lua/lua_redis.c
index 2307db835f0b3802bd396f21fe557023bc6ad4c5..acb355faaf60e52c9dc3b188b1b43adfe88c1703 100644 (file)
--- a/src/lua/lua_redis.c
+++ b/src/lua/lua_redis.c
@@ -533,6 +533,7 @@ rspamd_lua_redis_prepare_connection (lua_State *L, gint *pcbref)
 
        if (lua_istable (L, 1)) {
                /* Table version */
+               lua_pushvalue (L, 1);
                lua_pushstring (L, "task");
                lua_gettable (L, -2);
                if (lua_type (L, -1) == LUA_TUSERDATA) {
@@ -621,6 +622,7 @@ rspamd_lua_redis_prepare_connection (lua_State *L, gint *pcbref)
                        dbname = lua_tostring (L, -1);
                }
                lua_pop (L, 1);
+               lua_pop (L, 1); /* table */
 
 
                if (ret && addr != NULL) {
@@ -817,6 +819,7 @@ lua_redis_make_request_sync (lua_State *L)
        redisReply *r;
 
        if (lua_istable (L, 1)) {
+               lua_pushvalue (L, 1);
 
                lua_pushstring (L, "cmd");
                lua_gettable (L, -2);
@@ -848,9 +851,13 @@ lua_redis_make_request_sync (lua_State *L)
                }
                lua_pop (L, 1);
 
-               lua_pushstring (L, "args");
-               lua_gettable (L, -2);
-               lua_redis_parse_args (L, -1, cmd, &args, &arglens, &nargs);
+               if (cmd) {
+                       lua_pushstring (L, "args");
+                       lua_gettable (L, -2);
+                       lua_redis_parse_args (L, -1, cmd, &args, &arglens, &nargs);
+                       lua_pop (L, 1);
+               }
+
                lua_pop (L, 1);
 
                if (addr && cmd) {
@@ -928,7 +935,6 @@ lua_redis_connect (lua_State *L)
        struct lua_redis_userdata *ud;
        struct lua_redis_ctx *ctx, **pctx;
        gdouble timeout = REDIS_DEFAULT_TIMEOUT;
-       gboolean ret = FALSE;
 
        ctx = rspamd_lua_redis_prepare_connection (L, NULL);
 
@@ -936,10 +942,11 @@ lua_redis_connect (lua_State *L)
                ud = &ctx->d.async;
 
                lua_pushstring (L, "timeout");
-               lua_gettable (L, -2);
+               lua_gettable (L, 1);
                if (lua_type (L, -1) == LUA_TNUMBER) {
                        timeout = lua_tonumber (L, -1);
                }
+
                lua_pop (L, 1);
                ud->timeout = timeout;
        }
@@ -950,14 +957,9 @@ lua_redis_connect (lua_State *L)
                return 2;
        }
 
-       if (ret) {
-               pctx = lua_newuserdata (L, sizeof (ctx));
-               *pctx = ctx;
-               rspamd_lua_setclass (L, "rspamd{redis}", -1);
-       }
-       else {
-               lua_pushnil (L);
-       }
+       pctx = lua_newuserdata (L, sizeof (ctx));
+       *pctx = ctx;
+       rspamd_lua_setclass (L, "rspamd{redis}", -1);
 
        return 1;
 }

diff --git a/src/lua/lua_trie.c b/src/lua/lua_trie.c
index 0531197a2132caf1477e98c95cf9a7b74e274e51..5911842b9fa6c85d1b51015951bf77a64a1b2bca 100644 (file)
--- a/src/lua/lua_trie.c
+++ b/src/lua/lua_trie.c
@@ -256,7 +256,7 @@ lua_trie_search_mime (lua_State *L)
        gsize len, i;
        gboolean found = FALSE;
 
-       if (trie) {
+       if (trie && task) {
                for (i = 0; i < task->text_parts->len; i ++) {
                        part = g_ptr_array_index (task->text_parts, i);
 
@@ -292,7 +292,7 @@ lua_trie_search_rawmsg (lua_State *L)
        gsize len;
        gboolean found = FALSE;
 
-       if (trie) {
+       if (trie && task) {
                text = task->msg.begin;
                len = task->msg.len;
 
@@ -322,7 +322,7 @@ lua_trie_search_rawbody (lua_State *L)
        gsize len;
        gboolean found = FALSE;
 
-       if (trie) {
+       if (trie && task) {
                if (task->raw_headers_content.len > 0) {
                        text = task->msg.begin + task->raw_headers_content.len;
                        len = task->msg.len - task->raw_headers_content.len;