Not returning if rtype == RPCBVERS_STAT will cause us to overrun the inf array, as
it's defined to be exactly RPCBVERS_STAT elements in rpcb_prot.x:
> include/rpc/rpcb_prot.x:typedef rpcb_stat rpcb_stat_byvers[RPCBVERS_STAT];
The proposed change also matches the rest of the rtype upper bound checks in the
file, so the original change was likely a typo.
MFC after: 2 weeks
Reported by: Coverity
CID: 1007567
Reviewed by: truckman
Sponsored by: EMC / Isilon Storage Division
If malloc() fails to allocate linep, then free olinep (if it exists)
before returning to avoid a memory leak.
Reported by: Coverity
CID: 1016716
Reviewed by: kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D6755
If the ai->ai_addrlen <= minsiz test fails, then freeaddrinfo()
does not get called to free the memory just allocated by getaddrinfo().
Fix by moving ai->ai_addrlen <= minsiz to a separate nested if
block, and keep freeaddrinfo() in the outer block so that freeaddrinfo()
will be called whenever getaddrinfo() succeeds.
Reported by: Coverity
CID: 1273652
Reviewed by: ume
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D6756
The fix in r300649 was not sufficient to convince Coverity that the
buffer was NUL terminated, even with the buffer pre-zeroed. Swap
the size and nmemb arguments to fread() so that a valid lenght is
returned, which we can use to terminate the string in the buffer
at the correct location. This should also quiet the complaint about
the return value of fread() not being checked.
Reported by: Coverity
CID: 1019054, 1009614
MFC after: 1 week
when the process credentials were not changed. This can happen if an
error occured trying to activate the setuid binary. And on error, if
new credentials were not yet assigned, they must be freed to not
create the leak.
Use oldcred == NULL as the predicate to detect credential
reassignment.
Reported and tested by: pho
Sponsored by: The FreeBSD Foundation
Rather than guarding close(fd) with an fd >= 0 test and setting fd
to -1 when it is closed to avoid a potential double-close, just
move the close() call after the conditional "goto make_token". This
moves the close() call totally outside the loop to avoid the
possibility of calling it twice. This should also prevent a Coverity
warning about checking fd for validity after it was previously passed
to read().
Reported by: Coverity
CID: 1355335
MFC after: 1 week
X-MFC with: r299484
CASPER_SERVICE_STDIO - Casper will not close the first three descriptors (stdin,
stdout and stderr) this can be helpful for debugging.
CASPER_SERVICE_FD - Capser will not close all other descriptors, this can
be useful for a filesystem service.
In the case where cam_iosched_init() fails, the ada and da softcs were leaked.
Instead, free them.
Reported by: Coverity
CID: 1356039
Sponsored by: EMC / Isilon Storage Division
If strlen(hostp) was zero, the stack array 'nam' would never be initialized
before being strdup()ed. Fix this by initializing it to the empty string.
It's possible some external condition makes this case impossible, in which
case, an assertion instead of this workaround is appropriate.
Introduced in r299848.
Reported by: Coverity
CID: 1355336
Sponsored by: EMC / Isilon Storage Division
Due to an accidental mismatch between allocation and release in the slow path
of iflib_if_transmit, if a caller passed 9-16 mbufs to the routine, the mbuf
array would be leaked.
Fix the mismatch by removing the magic numbers in favor of nitems() on the
stack array. According to mmacy, this leak is unlikely.
Reported by: Coverity
Discussed with: mmacy
CID: 1356040
Sponsored by: EMC / Isilon Storage Division
the exact CPU we are running on to set the cpu functions. Relax the check
to ignore the CPU revision. Even so this may still be too specific.
Reviewed by: mmel
Sponsored by: ABT Systems Ltd
Differential Revision: https://reviews.freebsd.org/D6504
Reviewed by: rpaulo
Approved by: rpaulo (earlier version of changes)
Relnotes: YES
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D5915
Support for compression has been available from July 2007 but it
was never imported due to concerns with patents once held by
STAC/HiFn. The issues have clearly been resolved so bring it
in now.
Special thanks to Brett Glass for preserving the code and
pointing documentation for the expiration case.
Obtained from: mav (through Brett Glass)
Relnotes: yes
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D6739