[svn-r20065] Description:

    Bring changes from Coverity branch to trunk:

r19975:
Fixed potential mem leak at H5O_attr_open_by_name

r19980:
Fix coverity issue 792.
Free tmp_env_prefix in H5Lexternal.c line 365 if it is not NULL but its contents are 0 when it goes out of scope.

r20039:
Eliminate warnings about nested extern and implicit declarations of parallel_print and address Coverity defects 712-781 by #including h5tools_utils.h in h5diff_array.c, h5diff_attr.c, h5diff_dset.c and h5diff_util.c.

r20046:
Purpose: Address TOCTOU warnings in h5jam and h5unjam

Description: Coverity is afraid that the state of the input file could change
between the call to stat() and the call to open().  This is called a time-of-
check time-of-use (TOCTOU) vulnerability.  Modified stat calls to fstat which
uses an open file pointer so it (hopefully) won't complain any more.

r20047:
Addressed coverity issues 135-137, 462-464.  Local pointers that needed to be freed in case of error were moved out of a switch statement in src/H5Tnative.c, set to NULL, and checked before freeing.

Tested on:
    Mac OS X/32 10.6.6 (amazon) w/debug & production
    (h5committested on Coverity branch)

2 files changed, 22 insertions, 40 deletions

diff --git a/tools/h5jam/h5jam.c b/tools/h5jam/h5jam.c
index 17b1384..d6d3d8f 100644
--- a/tools/h5jam/h5jam.c
+++ b/tools/h5jam/h5jam.c
@@ -238,41 +238,33 @@ main (int argc, const char *argv[])
       exit (EXIT_FAILURE);
     }
 
-  H5Pclose (plist);
-  H5Fclose (ifile);
+  H5Pclose(plist);
+  H5Fclose(ifile);
 
-  ufid = HDopen (ub_file, O_RDONLY, 0);
-
-  if (ufid < 0)
-    {
+  ufid = HDopen(ub_file, O_RDONLY, 0);
+  if(ufid < 0) {
       error_msg("unable to open user block file \"%s\"\n",
 		 ub_file);
       exit (EXIT_FAILURE);
     }
 
-  res = stat (ub_file, &sbuf);
-
-  if (res < 0)
-    {
+  res = HDfstat(ufid, &sbuf);
+  if(res < 0) {
       error_msg("Can't stat file \"%s\"\n", ub_file);
       exit (EXIT_FAILURE);
     }
 
   fsize = sbuf.st_size;
 
-  h5fid = HDopen (input_file, O_RDONLY, 0);
-
-  if (h5fid < 0)
-    {
+  h5fid = HDopen(input_file, O_RDONLY, 0);
+  if(h5fid < 0) {
       error_msg("unable to open HDF5 file for read \"%s\"\n",
 		 input_file);
       exit (EXIT_FAILURE);
     }
 
-  res = stat (input_file, &sbuf2);
-
-  if (res < 0)
-    {
+  res = HDfstat(h5fid, &sbuf2);
+  if(res < 0) {
       error_msg("Can't stat file \"%s\"\n", input_file);
       exit (EXIT_FAILURE);
     }
@@ -396,19 +388,15 @@ copy_some_to_file (int infid, int outfid, hsize_t startin, hsize_t startout,
   ssize_t toend;
   ssize_t fromend;
 
-  if (startin > startout)
-    {
+  if(startin > startout) {
       /* this case is prohibited */
       error_msg("copy_some_to_file: panic: startin > startout?\n");
       exit (EXIT_FAILURE);
     }
 
-  if (limit < 0)
-    {
-      res = fstat (infid, &sbuf);
-
-      if (res < 0)
-	{
+  if(limit < 0) {
+      res = HDfstat(infid, &sbuf);
+      if(res < 0) {
 	  error_msg("Can't stat file \n");
 	  exit (EXIT_FAILURE);
 	}
@@ -416,14 +404,10 @@ copy_some_to_file (int infid, int outfid, hsize_t startin, hsize_t startout,
       howmuch = sbuf.st_size;
     }
   else
-    {
       howmuch = limit;
-    }
 
-  if (howmuch == 0)
-    {
+  if(howmuch == 0)
       return 0;
-    }
 
   /* assert (howmuch > 0) */
 
diff --git a/tools/h5jam/h5unjam.c b/tools/h5jam/h5unjam.c
index 8e31ce1..fd79e1a 100644
--- a/tools/h5jam/h5unjam.c
+++ b/tools/h5jam/h5unjam.c
@@ -221,22 +221,20 @@ main(int argc, const char *argv[])
 
     }
 
-    res = stat(input_file, &sbuf);
+    ifid = HDopen(input_file,O_RDONLY,0);
+    if(ifid < 0) {
+        error_msg("unable to open input HDF5 file \"%s\"\n", input_file);
+        exit(EXIT_FAILURE);
+    }
 
-    if (res < 0) {
+    res = HDfstat(ifid, &sbuf);
+    if(res < 0) {
         error_msg("Can't stat file \"%s\"\n", input_file);
         exit(EXIT_FAILURE);
     }
 
     fsize = sbuf.st_size;
 
-    ifid = HDopen(input_file,O_RDONLY,0);
-
-    if (ifid < 0) {
-        error_msg("unable to open input HDF5 file \"%s\"\n", input_file);
-        exit(EXIT_FAILURE);
-    }
-
     if (do_delete && (ub_file != NULL)) {
             error_msg("??\"%s\"\n", ub_file);
             exit(EXIT_FAILURE);