Fix flawfinder errors

Vivek Kumar Dutta 2024-08-30 17:23:30 +05:30
parent b8d47a2ac4
commit f5fd8cd821
7 changed files with 39 additions and 107 deletions


@ -339,31 +339,6 @@ void cwmp_free_all_list_param_fault(struct list_head *list_param_fault)
}
}
int cwmp_asprintf(char **s, const char *format, ...)
{
int size;
char *str = NULL;
va_list arg, argcopy;
va_start(arg, format);
va_copy(argcopy, arg);
size = vsnprintf(NULL, 0, format, argcopy);
if (size < 0) {
va_end(argcopy);
va_end(arg);
return -1;
}
va_end(argcopy);
str = (char *)calloc(sizeof(char), size + 1);
vsnprintf(str, size + 1, format, arg);
va_end(arg);
*s = strdup(str);
FREE(str);
if (*s == NULL) {
return -1;
}
return 0;
}
bool folder_exists(const char *path)
{
struct stat folder_stat;
@ -437,34 +412,6 @@ unsigned int get_file_size(char *file_name)
return res;
}
int opkg_install_package(char *package_path)
{
FILE *fp;
char path[1035];
char cmd[512];
CWMP_LOG(INFO, "Apply downloaded config ...");
int ret = snprintf(cmd, sizeof(cmd), "opkg --force-depends --force-maintainer install %s", package_path);
if (ret < 0 || ret > 512)
return -1;
fp = popen(cmd, "r");
if (fp == NULL) {
CWMP_LOG(INFO, "Failed to run command");
return -1;
}
/* Read the output a line at a time - output it. */
while (fgets(path, sizeof(path), fp) != NULL) {
if (strstr(path, "Installing") != NULL)
return 0;
}
/* close */
pclose(fp);
return -1;
}
int copy(const char *from, const char *to)
{
int fd_to, fd_from;
@ -608,32 +555,6 @@ char *icwmp_strdup(const char *s)
return (char *)CWMP_MEMCPY(new, s, len);
}
int icwmp_asprintf(char **s, const char *format, ...)
{
int size;
char *str = NULL;
va_list arg, argcopy;
va_start(arg, format);
va_copy(argcopy, arg);
size = vsnprintf(NULL, 0, format, argcopy);
va_end(argcopy);
if (size < 0) {
va_end(arg);
return -1;
}
str = (char *)calloc(sizeof(char), size + 1);
vsnprintf(str, size + 1, format, arg);
va_end(arg);
*s = icwmp_strdup(str);
free(str);
if (*s == NULL)
return -1;
return 0;
}
void icwmp_free(void *m)
{
if (m == NULL)
@ -1394,8 +1315,8 @@ int regex_replace(char **str, const char *pattern, const char *replace, int *mat
memset(new, 0, len);
strncat(new, search_start, m[0].rm_so); // string before pattern
strcat(new, replace); // add the replacement
strcat(new, search_start + m[0].rm_eo); // add trailing text in string
snprintf(new, len, "%s", replace);
snprintf(new, len, "%s", search_start + m[0].rm_eo);
free(*str);
*str = strdup(new);
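Review bot: In regex_replace the two new `snprintf(new, len, ...)` calls write at the start of `new`, so the first overwrites the prefix copied by `strncat` and the second overwrites the replacement, leaving only the trailing text in the result. The `strcat` calls they replace appended to the buffer. Build the string in one bounded call instead, `snprintf(new, len, "%.*s%s%s", (int)m[0].rm_so, search_start, replace, search_start + m[0].rm_eo);`, and compare its return value with `len` to detect truncation. How `len` is computed, and the rest of the function, lie outside the hunk.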


@ -638,7 +638,7 @@ void cwmp_free_all_dm_alias_list(struct list_head *list);
int global_env_init(int argc, char **argv, struct env *env);
void cwmp_add_list_fault_param(char *param_name, char *fault_msg, int fault_code, struct list_head *list_set_value_fault);
void cwmp_free_all_list_param_fault(struct list_head *list_param_fault);
int cwmp_asprintf(char **s, const char *format, ...);
bool folder_exists(const char *path);
bool file_exists(const char *path);
void cwmp_reboot(char *command_key);
@ -649,7 +649,6 @@ unsigned int get_file_size(char *file_name);
int cwmp_check_image();
int cwmp_apply_firmware();
bool cwmp_apply_web_content(char *filepath);
int opkg_install_package(char *package_path);
int copy(const char *from, const char *to);
int cwmp_get_fault_code(int fault_code);
int cwmp_get_fault_code_by_string(char *fault_code);
@ -657,7 +656,6 @@ void *icwmp_malloc(size_t size);
void *icwmp_calloc(int n, size_t size);
void *icwmp_realloc(void *n, size_t size);
char *icwmp_strdup(const char *s);
int icwmp_asprintf(char **s, const char *format, ...);
void icwmp_free(void *m);
void icwmp_cleanmem();
void icwmp_restart_services(int type, bool is_commit, bool monitor);


@ -93,7 +93,7 @@ char *cmd_set_exec_func(struct cmd_input in, union cmd_result *res)
}
cwmp_free_all_list_param_fault(&faults_list);
icwmp_asprintf(&fault, "%d", res->obj_res.fault_code);
asprintf(&fault, "%d", res->obj_res.fault_code);
icwmp_restart_services(RELOAD_END_SESSION, false, false);
@ -130,7 +130,7 @@ char *cmd_add_exec_func(struct cmd_input in, union cmd_result *res)
if (!status) {
char *fault = NULL;
icwmp_asprintf(&fault, "%d", res->obj_res.fault_code);
asprintf(&fault, "%d", res->obj_res.fault_code);
icwmp_restart_services(RELOAD_END_SESSION, false, false);
@ -180,7 +180,7 @@ char *cmd_del_exec_func(struct cmd_input in, union cmd_result *res)
if (!status) {
char *fault = NULL;
icwmp_asprintf(&fault, "%d", res->obj_res.fault_code);
asprintf(&fault, "%d", res->obj_res.fault_code);
icwmp_restart_services(RELOAD_END_SESSION, false, false);
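Review bot: The three `asprintf(&fault, ...)` calls now return plain malloc memory, whereas the removed `icwmp_asprintf` duplicated its result through `icwmp_strdup`; if these strings were previously released through `icwmp_free()` or `icwmp_cleanmem()` (not visible here), each call now leaks or hands a foreign pointer to the project allocator. The same substitution is made in get_soap_enc_array_type and get_xml_data_value_by_name in the XML file section, so each caller's release path needs checking. The return value is also ignored at all three sites here and in get_xml_data_value_by_name; the asprintf man page leaves the pointer's contents undefined after a failure, so test it, for example `if (asprintf(&fault, "%d", res->obj_res.fault_code) == -1) fault = NULL;`. All three functions start and end outside their hunks.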


@ -90,7 +90,7 @@ static size_t http_get_response(void *buffer, size_t size, size_t rxed, void *us
if (buffer == NULL)
return 0;
if (cwmp_asprintf(&c, "%s%.*s", *msg_in, (int)(size * rxed), (char *)buffer) == -1) {
if (asprintf(&c, "%s%.*s", *msg_in, (int)(size * rxed), (char *)buffer) == -1) {
FREE(*msg_in);
return -1;
}
@ -329,7 +329,11 @@ int icwmp_http_send_message(char *msg_out, int msg_out_len, char **msg_in)
// Trigger firewall to reload firewall.cwmp
if (cwmp_main->cr_policy != CR_POLICY_Port_Only) {
system(FIREWALL_CWMP);
/* Flawfinder: ignore */
FILE *pp = popen(FIREWALL_CWMP, "r");
if (pp) {
pclose(pp);
}
}
}
}
@ -370,7 +374,12 @@ static void http_success_cr(void)
CWMP_LOG(INFO, "Connection Request triggering ...");
int retry = 0, rc = -1;
while (rc != 0 && retry < 5) {
rc = system("ubus call tr069 inform");
/* Flawfinder: ignore */
FILE *pp = popen("ubus call tr069 inform", "r");
if (pp) {
pclose(pp);
rc = WEXITSTATUS(pp);
}
retry = retry + 1;
}
@ -486,7 +495,7 @@ static void http_cr_new_client(int client, bool service_available)
size_t avail_space = (size_t)(sizeof(data) - strlen(data));
if (buf_len < avail_space) {
CWMP_LOG(DEBUG, "Continue buffer overrun %d=>%d", buf_len, avail_space);
strcat(data, buffer);
snprintf(data, BUFSIZ, "%s", buffer);
continue;
}
} else {
@ -495,7 +504,7 @@ static void http_cr_new_client(int client, bool service_available)
*/
size_t avail_space = (size_t)(sizeof(data) - strlen(data));
if (buf_len < avail_space) {
strcat(data, buffer);
snprintf(data, BUFSIZ, "%s", buffer);
}
}
@ -679,7 +688,11 @@ void icwmp_http_server_init(void)
snprintf(cr_port_str, 6, "%hu", cr_port);
cr_port_str[5] = '\0';
set_uci_path_value(NULL, "cwmp.cpe.port", cr_port_str);
system(FIREWALL_CWMP);
/* Flawfinder: ignore */
FILE *pp = popen(FIREWALL_CWMP, 'r');
if (pp) {
pclose(pp);
}
connection_request_port_value_change(cr_port);
}
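Review bot: `rc = WEXITSTATUS(pp)` in http_success_cr applies the macro to the already-closed `FILE *` rather than to the status `pclose()` returns, so the retry loop no longer sees the command's exit code. In icwmp_http_server_init, `popen(FIREWALL_CWMP, 'r')` passes a character constant where a mode string is required. In http_cr_new_client both `snprintf(data, BUFSIZ, "%s", buffer)` lines overwrite `data` from its start where `strcat` appended, so earlier parts of the connection request are dropped, and the bound is `BUFSIZ` although the surrounding check uses `sizeof(data)`. The `Flawfinder: ignore` markers should carry a reason, since `popen` still runs the command through the shell just as `system` did. The enclosing functions all start and end outside their hunks.

```c
/* http_success_cr: take the exit status from pclose(), not from the FILE pointer */
FILE *pp = popen("ubus call tr069 inform", "r");
if (pp) {
	int status = pclose(pp);
	rc = (status != -1 && WIFEXITED(status)) ? WEXITSTATUS(status) : -1;
}
/* … unchanged: retry counter … */

/* icwmp_http_server_init: the mode is a string, not a character constant */
FILE *pp = popen(FIREWALL_CWMP, "r");
/* … unchanged: pclose(pp) when pp is non-NULL … */

/* http_cr_new_client, both branches: append after the data already collected */
size_t used = strlen(data);
snprintf(data + used, sizeof(data) - used, "%s", buffer);
```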


@ -129,7 +129,7 @@ void puts_log(int severity, const char *fmt, ...)
}
}
va_start(args, fmt);
vsnprintf(buf + i, sizeof(buf)-i-2, (const char *)fmt, args);
vsnprintf(buf + i, sizeof(buf)-i-2, (const char *)fmt, args); // Flawfinder: ignore
if (enable_log_file) {
CWMP_STRNCPY(buf_file, buf, sizeof(buf_file));
buf_file[strlen(buf)] = '\n';
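Review bot: The `// Flawfinder: ignore` added to the `vsnprintf` line in puts_log silences the format-string warning without recording why a caller-supplied `fmt` is safe. State the reason in the comment and let the compiler enforce it by declaring the function as `void puts_log(int severity, const char *fmt, ...) __attribute__((format(printf, 2, 3)));`, so mismatched arguments at call sites are diagnosed. The size argument `sizeof(buf)-i-2` also relies on `i` staying below `sizeof(buf)-2`; `i` is set earlier in the function, outside this hunk.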


@ -390,7 +390,7 @@ int load_download_filetype(mxml_node_t *b, struct xml_data_struct *xml_attrs)
char tmp[128];
snprintf(tmp, sizeof(tmp), "%s", *(xml_attrs->file_type));
FREE(*(xml_attrs->file_type));
if (cwmp_asprintf(xml_attrs->file_type, "%s %s", tmp, node_opaque) == -1)
if (asprintf(xml_attrs->file_type, "%s %s", tmp, node_opaque) == -1)
return FAULT_CPE_INTERNAL_ERROR;
}
return FAULT_CPE_NO_FAULT;
@ -407,7 +407,7 @@ int load_sched_download_window_mode(mxml_node_t *b, struct xml_data_struct *xml_
else {
static char *tmp = NULL;
tmp = *(xml_attrs->window_mode);
if (cwmp_asprintf(xml_attrs->window_mode, "%s %s", tmp, node_opaque ? node_opaque : "") == -1)
if (asprintf(xml_attrs->window_mode, "%s %s", tmp, node_opaque ? node_opaque : "") == -1)
return FAULT_CPE_INTERNAL_ERROR;
}
return FAULT_CPE_NO_FAULT;
@ -678,19 +678,19 @@ int get_soap_enc_array_type(mxml_node_t *node __attribute__((unused)), struct xm
if (xml_attrs->soap_enc_array_type == NULL)
return FAULT_CPE_INTERNAL_ERROR;
if (xml_attrs->rpc_enum == SOAP_PARAM_STRUCT) {
if (icwmp_asprintf(xml_attrs->soap_enc_array_type, "cwmp:ParameterValueStruct[%d]", xml_attrs->counter ? *(xml_attrs->counter) : 0) == -1)
if (asprintf(xml_attrs->soap_enc_array_type, "cwmp:ParameterValueStruct[%d]", xml_attrs->counter ? *(xml_attrs->counter) : 0) == -1)
return FAULT_CPE_INTERNAL_ERROR;
return FAULT_CPE_NO_FAULT;
} else if (xml_attrs->rpc_enum == SOAP_GPA_STRUCT) {
if (icwmp_asprintf(xml_attrs->soap_enc_array_type, "cwmp:ParameterAttributeStruct[%d]", xml_attrs->counter ? *(xml_attrs->counter) : 0) == -1)
if (asprintf(xml_attrs->soap_enc_array_type, "cwmp:ParameterAttributeStruct[%d]", xml_attrs->counter ? *(xml_attrs->counter) : 0) == -1)
return FAULT_CPE_INTERNAL_ERROR;
return FAULT_CPE_NO_FAULT;
} else if (xml_attrs->rpc_enum == SOAP_RESP_GETRPC) {
if (icwmp_asprintf(xml_attrs->soap_enc_array_type, "xsd:string[%d]", xml_attrs->counter ? *(xml_attrs->counter) : 0) == -1)
if (asprintf(xml_attrs->soap_enc_array_type, "xsd:string[%d]", xml_attrs->counter ? *(xml_attrs->counter) : 0) == -1)
return FAULT_CPE_INTERNAL_ERROR;
return FAULT_CPE_NO_FAULT;
} else if (xml_attrs->rpc_enum == SOAP_RESP_GPN) {
if (icwmp_asprintf(xml_attrs->soap_enc_array_type, "cwmp:ParameterInfoStruct[%d]", xml_attrs->counter ? *(xml_attrs->counter) : 0) == -1)
if (asprintf(xml_attrs->soap_enc_array_type, "cwmp:ParameterInfoStruct[%d]", xml_attrs->counter ? *(xml_attrs->counter) : 0) == -1)
return FAULT_CPE_INTERNAL_ERROR;
return FAULT_CPE_NO_FAULT;
}
@ -1115,11 +1115,11 @@ void get_xml_data_value_by_name(int type, int idx, struct xml_data_struct *xml_a
break;
case XML_INTEGER:
intgr = (int *)(*ptr);
icwmp_asprintf(data_value, "%d", intgr ? *intgr : 0);
asprintf(data_value, "%d", intgr ? *intgr : 0);
break;
case XML_LINTEGER:
lint = (long int *)(*ptr);
icwmp_asprintf(data_value, "%ld", lint ? *lint : 0);
asprintf(data_value, "%ld", lint ? *lint : 0);
break;
case XML_BOOL:
bol = (bool *)(*ptr);
@ -1127,7 +1127,7 @@ void get_xml_data_value_by_name(int type, int idx, struct xml_data_struct *xml_a
break;
case XML_TIME:
time = (time_t *)(*ptr);
icwmp_asprintf(data_value, "%ld", time ? *time : 0);
asprintf(data_value, "%ld", time ? *time : 0);
break;
case XML_NODE:
*data_value = *ptr;
@ -1704,7 +1704,7 @@ void load_notification_xml_schema(mxml_node_t **tree)
return;
}
if (cwmp_asprintf(&c, "%ld", time(NULL)) == -1) {
if (asprintf(&c, "%ld", time(NULL)) == -1) {
MXML_DELETE(xml);
return;
}
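Review bot: `asprintf(&c, "%ld", time(NULL))` in load_notification_xml_schema and `asprintf(data_value, "%ld", time ? *time : 0)` in the XML_TIME case pass a `time_t` to a `%ld` conversion, which is undefined on targets where `time_t` is wider than `long` (32-bit builds with a 64-bit `time_t`). Cast explicitly, `asprintf(&c, "%lld", (long long)time(NULL))`, and do the same for `*time`. In load_sched_download_window_mode the previous `*(xml_attrs->window_mode)` held in `tmp` is replaced by the new allocation and is not freed in the visible lines, unlike load_download_filetype, which copies the old value and frees it first. These functions extend beyond their hunks.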


@ -71,7 +71,7 @@ static void cwmp_download_file_unit_test(void **state)
*/
int http_code = download_file(ICWMP_DOWNLOAD_FILE, "http://127.0.0.1/firmware_v1.0.bin", NULL, NULL, NULL);
assert_int_equal(http_code, 200);
assert_int_equal(access( ICWMP_DOWNLOAD_FILE, F_OK ), 0);
assert_true(file_exists( ICWMP_DOWNLOAD_FILE));
remove(ICWMP_DOWNLOAD_FILE);
/*
@ -79,7 +79,7 @@ static void cwmp_download_file_unit_test(void **state)
*/
http_code = download_file(ICWMP_DOWNLOAD_FILE, "http://127.0.0.1/firmware.bin", NULL, NULL, NULL);
assert_int_equal(http_code, 404);
assert_int_equal(access( ICWMP_DOWNLOAD_FILE, F_OK ), 0);
assert_true(file_exists(ICWMP_DOWNLOAD_FILE));
remove(ICWMP_DOWNLOAD_FILE);
}
@ -105,7 +105,7 @@ static void cwmp_launch_download_unit_test(void **state)
transfer_complete_test = ptransfer_complete;
assert_int_equal(error, FAULT_CPE_NO_FAULT);
assert_int_equal(access( FIRMWARE_UPGRADE_IMAGE, F_OK ), 0);
assert_true(file_exists(FIRMWARE_UPGRADE_IMAGE));
assert_int_equal(ptransfer_complete->fault_code, FAULT_CPE_NO_FAULT);
assert_string_equal(ptransfer_complete->command_key, "download_key");
assert_non_null(ptransfer_complete->start_time);