diff options
author | Quincey Koziol <koziol@hdfgroup.org> | 2013-02-02 02:42:36 (GMT) |
---|---|---|
committer | Quincey Koziol <koziol@hdfgroup.org> | 2013-02-02 02:42:36 (GMT) |
commit | 94747604008862cf1038b3964f5b99e3bfe2b8ad (patch) | |
tree | 0bf02189287d79af2ee6d7d8f486822c6c6b5650 /src/H5FDmulti.c | |
parent | 6774149c1724f2ed27acf5eb025b8f74fb4f5aba (diff) | |
download | hdf5-94747604008862cf1038b3964f5b99e3bfe2b8ad.zip hdf5-94747604008862cf1038b3964f5b99e3bfe2b8ad.tar.gz hdf5-94747604008862cf1038b3964f5b99e3bfe2b8ad.tar.bz2 |
[svn-r23220] Description:
Bring r23219 from trunk to 1.8 branch:
Bring reviewed changes from Coverity branch back to trunk (QK & JK):
r20457:
Coverity issue 691: return of H5duo could be negative. Fixed by using
STDOUT_FILENO and redesign parse_command_line and main to cleanup file
allocations. The output_file var is null when using stdout. In cleanup do not
close output_file if NULL.
r20510:
Initialize ufid = -1 and predicate HDclose call on ufid != -1
r20511:
Purpose: Fix coverity issue 1715
Description: Free "file" and nested data on failure in H5FD_core_open.
r20512:
Initialize ifid = -1 and predicate HDclose call on ifid != -1
r20514:
Initialize h5fid = -1 and predicate HDclose call on h5fid != -1
r20516:
Added else branch to the if (ret_value < 0) check.
r20522:
Addressed coverity issues 930-933, 850, 836, 835, 1307. All minor
potential buffer overwrite bugs, or coverity errors. Fixed by replacing
strcpy and sprintf with strncpy and snprintf.
r20523:
fixed coverity issues 68, 1120, 1116i
r20524:
Check H5Z_SZIP->encoder_present < 1 assuming 0 represents absence.
r20601:
Purpose: Fix coverity issues 1703-1705
Description: Modified the cleanup code in test_free in accum.c to reset
allocated buffers to NULL after they are freed, and modified the error cleanup
code to check if these buffers are NULL before freeing them. Also fixed some
unrelated warnings in accum.c.
r20602:
Use HDsnprintf and HDstrncat
r20603:
Purpose: Fix coverity issues 808-809
Description: Modified test_core in vfd.c to check the returns from malloc, and
keep track of whether points and check are allocated by setting them to NULL
when they are not. Added code to free points and check on error if they are
not NULL. Also fixed unrelated warnings in vfd.c.
r20604:
Use HDstrncpy.
r20605:
Use HDstrncpy and HDstrncat.
r20606:
Purpose: Fix coverity issue 807
Description: Modified long_compact in stab.c to keep track of whether objname is
allocated by setting it to NULL when it is not. Added code to free objname on
error if it is not NULL.
r20607:
Changed string function calls to use versions that specify the string length
to fix coverity issues 832 and 839.
Tested on:
Mac OSX/64 10.8.2 (amazon)
(Too minor to require h5committest)
Diffstat (limited to 'src/H5FDmulti.c')
-rw-r--r-- | src/H5FDmulti.c | 110 |
1 files changed, 63 insertions, 47 deletions
diff --git a/src/H5FDmulti.c b/src/H5FDmulti.c index e5eda70..f730211 100644 --- a/src/H5FDmulti.c +++ b/src/H5FDmulti.c @@ -77,6 +77,7 @@ #define H5FD_MULTI_DXPL_PROP_NAME "H5FD_MULTI_DXPL" #define H5FD_MULTI_DXPL_PROP_SIZE sizeof(H5FD_multi_dxpl_t) +#define H5FD_MULT_MAX_FILE_NAME_LEN 1024 /* The driver identification number, initialized at runtime */ static hid_t H5FD_MULTI_g = 0; @@ -205,12 +206,14 @@ static char * my_strdup(const char *s) { char *x; + size_t str_len; if(!s) return NULL; - if(NULL == (x = (char *)malloc(strlen(s) + 1))) + str_len = strlen(s) + 1; + if(NULL == (x = (char *)malloc(str_len))) return NULL; - strcpy(x, s); + memcpy(x, s, str_len); return x; } @@ -300,7 +303,7 @@ H5Pset_fapl_split(hid_t fapl, const char *meta_ext, hid_t meta_plist_id, H5FD_mem_t memb_map[H5FD_MEM_NTYPES]; hid_t memb_fapl[H5FD_MEM_NTYPES]; const char *memb_name[H5FD_MEM_NTYPES]; - char meta_name[1024], raw_name[1024]; + char meta_name[H5FD_MULT_MAX_FILE_NAME_LEN], raw_name[H5FD_MULT_MAX_FILE_NAME_LEN]; haddr_t memb_addr[H5FD_MEM_NTYPES]; /*NO TRACE*/ @@ -323,25 +326,39 @@ H5Pset_fapl_split(hid_t fapl, const char *meta_ext, hid_t meta_plist_id, /* The names */ /* process meta filename */ - if (meta_ext){ - if (strstr(meta_ext, "%s")) - strcpy(meta_name, meta_ext); + if(meta_ext) { + if(strstr(meta_ext, "%s")) { + /* Note: this doesn't accommodate for when the '%s' in the user's + * string is at a position >sizeof(meta_name) - QK & JK - 2013/01/17 + */ + strncpy(meta_name, meta_ext, sizeof(meta_name)); + meta_name[sizeof(meta_name) - 1] = '\0'; + } else - sprintf(meta_name, "%%s%s", meta_ext); + snprintf(meta_name, sizeof(meta_name), "%%s%s", meta_ext); + } + else { + strncpy(meta_name, "%s.meta", sizeof(meta_name)); + meta_name[sizeof(meta_name) - 1] = '\0'; } - else - strcpy(meta_name, "%s.meta"); memb_name[H5FD_MEM_SUPER] = meta_name; /* process raw filename */ - if (raw_ext){ - if (strstr(raw_ext, "%s")) - strcpy(raw_name, raw_ext); + if(raw_ext) { + if(strstr(raw_ext, "%s")) { + /* Note: this doesn't accommodate for when the '%s' in the user's + * string is at a position >sizeof(raw_name) - QK & JK - 2013/01/17 + */ + strncpy(raw_name, raw_ext, sizeof(raw_name)); + raw_name[sizeof(raw_name) - 1] = '\0'; + } else - sprintf(raw_name, "%%s%s", raw_ext); + snprintf(raw_name, sizeof(raw_name), "%%s%s", raw_ext); + } + else { + strncpy(raw_name, "%s.raw", sizeof(raw_name)); + raw_name[sizeof(raw_name) - 1] = '\0'; } - else - strcpy(raw_name, "%s.raw"); memb_name[H5FD_MEM_DRAW] = raw_name; /* The sizes */ @@ -470,7 +487,7 @@ H5Pset_fapl_multi(hid_t fapl_id, const H5FD_mem_t *memb_map, if (!memb_name) { assert(strlen(letters)==H5FD_MEM_NTYPES); for (mt=H5FD_MEM_DEFAULT; mt<H5FD_MEM_NTYPES; mt=(H5FD_mem_t)(mt+1)) { - sprintf(_memb_name[mt], "%%s-%c.h5", letters[mt]); + snprintf(_memb_name[mt], sizeof(_memb_name[mt]), "%%s-%c.h5", letters[mt]); _memb_name_ptrs[mt] = _memb_name[mt]; } memb_name = _memb_name_ptrs; @@ -572,12 +589,11 @@ H5Pget_fapl_multi(hid_t fapl_id, H5FD_mem_t *memb_map/*out*/, memb_fapl[mt] = fa->memb_fapl[mt]; /*default or bad ID*/ } } - if (memb_name) { - for (mt=H5FD_MEM_DEFAULT; mt<H5FD_MEM_NTYPES; mt=(H5FD_mem_t)(mt+1)) { - if (fa->memb_name[mt]) { - memb_name[mt] = (char *)malloc(strlen(fa->memb_name[mt])+1); - strcpy(memb_name[mt], fa->memb_name[mt]); - } else + if(memb_name) { + for(mt = H5FD_MEM_DEFAULT; mt < H5FD_MEM_NTYPES; mt = (H5FD_mem_t)(mt + 1)) { + if(fa->memb_name[mt]) + memb_name[mt] = my_strdup(fa->memb_name[mt]); + else memb_name[mt] = NULL; } } @@ -968,17 +984,17 @@ H5FD_multi_sb_encode(H5FD_t *_file, char *name/*out*/, p += sizeof(haddr_t); nseen++; } END_MEMBERS; - if (H5Tconvert(H5T_NATIVE_HADDR, H5T_STD_U64LE, nseen*2, buf+8, NULL, - H5P_DEFAULT)<0) + if (H5Tconvert(H5T_NATIVE_HADDR, H5T_STD_U64LE, nseen*2, buf+8, NULL, H5P_DEFAULT)<0) H5Epush_ret(func, H5E_ERR_CLS, H5E_DATATYPE, H5E_CANTCONVERT, "can't convert superblock info", -1) /* Encode all name templates */ p = buf + 8 + nseen*2*8; UNIQUE_MEMBERS(file->fa.memb_map, mt) { size_t n = strlen(file->fa.memb_name[mt]) + 1; - strcpy((char *)p, file->fa.memb_name[mt]); + strncpy((char *)p, file->fa.memb_name[mt], n); p += n; - for (i=n; i%8; i++) *p++ = '\0'; + for (i=n; i%8; i++) + *p++ = '\0'; } END_MEMBERS; return 0; @@ -1208,19 +1224,21 @@ H5FD_multi_fapl_copy(const void *_old_fa) ALL_MEMBERS(mt) { if (old_fa->memb_fapl[mt]>=0) { new_fa->memb_fapl[mt] = H5Pcopy(old_fa->memb_fapl[mt]); - if (new_fa->memb_fapl[mt]<0) nerrors++; + if(new_fa->memb_fapl[mt]<0) + nerrors++; } if (old_fa->memb_name[mt]) { - new_fa->memb_name[mt] = (char *)malloc(strlen(old_fa->memb_name[mt])+1); + new_fa->memb_name[mt] = my_strdup(old_fa->memb_name[mt]); assert(new_fa->memb_name[mt]); - strcpy(new_fa->memb_name[mt], old_fa->memb_name[mt]); } } END_MEMBERS; if (nerrors) { ALL_MEMBERS(mt) { - if (new_fa->memb_fapl[mt]>=0) (void)H5Pclose(new_fa->memb_fapl[mt]); - if (new_fa->memb_name[mt]) free(new_fa->memb_name[mt]); + if (new_fa->memb_fapl[mt]>=0) + (void)H5Pclose(new_fa->memb_fapl[mt]); + if (new_fa->memb_name[mt]) + free(new_fa->memb_name[mt]); } END_MEMBERS; free(new_fa); H5Epush_ret(func, H5E_ERR_CLS, H5E_INTERNAL, H5E_BADVALUE, "invalid freespace objects", NULL) @@ -2190,7 +2208,7 @@ compute_next(H5FD_multi_t *file) static int open_members(H5FD_multi_t *file) { - char tmp[1024]; + char tmp[H5FD_MULT_MAX_FILE_NAME_LEN]; int nerrors=0; static const char *func="(H5FD_multi)open_members"; /* Function Name for error reporting */ @@ -2198,30 +2216,28 @@ open_members(H5FD_multi_t *file) H5Eclear2(H5E_DEFAULT); UNIQUE_MEMBERS(file->fa.memb_map, mt) { - if (file->memb[mt]) continue; /*already open*/ + if(file->memb[mt]) + continue; /*already open*/ assert(file->fa.memb_name[mt]); - sprintf(tmp, file->fa.memb_name[mt], file->name); + /* Note: This truncates the user's filename down to only sizeof(tmp) + * characters. -QK & JK, 2013/01/17 + */ + snprintf(tmp, sizeof(tmp), file->fa.memb_name[mt], file->name); #ifdef H5FD_MULTI_DEBUG - if (file->flags & H5F_ACC_DEBUG) { - fprintf(stderr, "H5FD_MULTI: open member %d \"%s\"\n", - (int)mt, tmp); - } + if(file->flags & H5F_ACC_DEBUG) + fprintf(stderr, "H5FD_MULTI: open member %d \"%s\"\n", (int)mt, tmp); #endif H5E_BEGIN_TRY { - file->memb[mt] = H5FDopen(tmp, file->flags, file->fa.memb_fapl[mt], - HADDR_UNDEF); + file->memb[mt] = H5FDopen(tmp, file->flags, file->fa.memb_fapl[mt], HADDR_UNDEF); } H5E_END_TRY; - if (!file->memb[mt]) { + if(!file->memb[mt]) { #ifdef H5FD_MULTI_DEBUG - if (file->flags & H5F_ACC_DEBUG) { - fprintf(stderr, "H5FD_MULTI: open failed for member %d\n", - (int)mt); - } + if(file->flags & H5F_ACC_DEBUG) + fprintf(stderr, "H5FD_MULTI: open failed for member %d\n", (int)mt); #endif - if (!file->fa.relax || (file->flags & H5F_ACC_RDWR)) { + if(!file->fa.relax || (file->flags & H5F_ACC_RDWR)) nerrors++; - } } } END_MEMBERS; if (nerrors) |