rtsold: Fix bugs reported by Coverity

- Avoid leaking a socket if llflags_get() fails. - Avoid leaking a file handle if rtsold_init_dumpfile() fails. - Tighten the check in if_nametosdl() which determines whether we failed to find the specified interface. - Fix errno handling in an error path in rtsock_open(). MFC after: 1 week
2020-12-02 16:46:45 +00:00 · 2020-12-02 16:46:45 +00:00 · ecce515d54
commit ecce515d54
parent e997614fd2
4 changed files with 21 additions and 15 deletions
--- a/usr.sbin/rtsold/cap_llflags.c
+++ b/usr.sbin/rtsold/cap_llflags.c
@ -72,9 +72,12 @@ llflags_get(const char *ifname, int *flagsp)
 	if (s < 0)
 		return (-1);

-	if (getifaddrs(&ifap) != 0)
-		return (-1);
-	error = -1;
+	ifap = NULL;
+	if (getifaddrs(&ifap) != 0) {
+		error = errno;
+		goto out;
+	}
+	error = ENOENT;
 	for (ifa = ifap; ifa != NULL; ifa = ifa->ifa_next) {
 		if (strcmp(ifa->ifa_name, ifname) != 0)
 			continue;
@ -88,27 +91,29 @@ llflags_get(const char *ifname, int *flagsp)
 		memset(&ifr6, 0, sizeof(ifr6));
 		if (strlcpy(ifr6.ifr_name, ifname, sizeof(ifr6.ifr_name)) >=
 		    sizeof(ifr6.ifr_name)) {
-			freeifaddrs(ifap);
-			errno = EINVAL;
-			return (-1);
+			error = errno;
+			goto out;
 		}
 		memcpy(&ifr6.ifr_ifru.ifru_addr, sin6, sin6->sin6_len);
 		if (ioctl(s, SIOCGIFAFLAG_IN6, &ifr6) < 0) {
 			error = errno;
-			freeifaddrs(ifap);
-			errno = error;
-			return (-1);
+			goto out;
 		}

 		*flagsp = ifr6.ifr_ifru.ifru_flags6;
 		error = 0;
 		break;
 	}
+out:
 	(void)close(s);
-	freeifaddrs(ifap);
-	if (error == -1)
-		errno = ENOENT;
-	return (error);
+	if (ifap != NULL)
+		freeifaddrs(ifap);
+	if (error != 0) {
+		errno = error;
+		return (-1);
+	} else {
+		return (0);
+	}
 }

 int
--- a/usr.sbin/rtsold/dump.c
+++ b/usr.sbin/rtsold/dump.c
@ -148,6 +148,7 @@ rtsold_init_dumpfile(const char *dumpfile)
 	if (caph_rights_limit(fileno(fp), &rights) != 0) {
 		warnmsg(LOG_WARNING, __func__, "caph_rights_limit(%s): %s",
 		    dumpfile, strerror(errno));
+		(void)fclose(fp);
 		return (NULL);
 	}
 	return (fp);
--- a/usr.sbin/rtsold/if.c
+++ b/usr.sbin/rtsold/if.c
@ -327,7 +327,7 @@ if_nametosdl(char *name)
 			}
 		}
 	}
-	if (next == lim) {
+	if (next >= lim) {
 		/* search failed */
 		free(buf);
 		return (NULL);
--- a/usr.sbin/rtsold/rtsock.c
+++ b/usr.sbin/rtsold/rtsock.c
@ -84,7 +84,7 @@ rtsock_open(void)
 	if (caph_rights_limit(s, &rights) != 0) {
 		error = errno;
 		(void)close(s);
-		errno = errno;
+		errno = error;
 		return (-1);
 	}
 	return (s);