author | Dan McGee <dan@archlinux.org> | 2012-04-09 07:42:04 +0200 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2012-04-09 07:46:54 +0200 |
commit | ded66fbb62cdad37d577dc048e37f7cea7f7a4da (patch) | |
tree | b80edeb140fccccbbd9abc6bd8d58c5bec331d57 /lib | |
parent | ca090e10d264e4999e321b0a0b43736a34aa11d9 (diff) | |
download | pacman-ded66fbb62cdad37d577dc048e37f7cea7f7a4da.tar.gz pacman-ded66fbb62cdad37d577dc048e37f7cea7f7a4da.tar.xz |
Fix issues with unintialized variable value usage
Detected by clang scan-build static code analyzer.
* Don't attempt to free an uninitialized gpgme key variable
* Initialize answer variable before asking frontend a question
* Pass by reference instead of value if uninitialized fields are
possible in download signal handler code
* Ensure we never call strlen() on NULL payload->remote_name value
Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libalpm/dload.c | 11 | ||||
-rw-r--r-- | lib/libalpm/signing.c | 4 |
2 files changed, 8 insertions, 7 deletions
diff --git a/lib/libalpm/dload.c b/lib/libalpm/dload.c
index 9d982183..c1f54f02 100644
--- a/lib/libalpm/dload.c
+++ b/lib/libalpm/dload.c
@@ -337,9 +337,9 @@ static void mask_signal(int signal, void (*handler)(int),
 sigaction(signal, &newaction, NULL);
 }
-static void unmask_signal(int signal, struct sigaction sa)
+static void unmask_signal(int signal, struct sigaction *sa)
 {
- sigaction(signal, &sa, NULL);
+ sigaction(signal, sa, NULL);
 }
 static FILE *create_tempfile(struct dload_payload *payload, const char *localpath)
@@ -409,7 +409,8 @@ static int curl_download_internal(struct dload_payload *payload,
 RET_ERR(handle, ALPM_ERR_SERVER_BAD_URL, -1);
 }
- if(strlen(payload->remote_name) > 0 && strcmp(payload->remote_name, ".sig") != 0) {
+ if(payload->remote_name && strlen(payload->remote_name) > 0 &&
+ strcmp(payload->remote_name, ".sig") != 0) {
 payload->destfile_name = get_fullpath(localpath, payload->remote_name, "");
 payload->tempfile_name = get_fullpath(localpath, payload->remote_name, ".part");
 if(!payload->destfile_name || !payload->tempfile_name) {
@@ -582,8 +583,8 @@ cleanup:
 }
 /* restore the old signal handlers */
- unmask_signal(SIGINT, orig_sig_int);
- unmask_signal(SIGPIPE, orig_sig_pipe);
+ unmask_signal(SIGINT, &orig_sig_int);
+ unmask_signal(SIGPIPE, &orig_sig_pipe);
 /* if we were interrupted, trip the old handler */
 if(dload_interrupted) {
 raise(SIGINT);
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index fc8dd5bb..7177d655 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -210,9 +210,9 @@ static int key_in_keychain(alpm_handle_t *handle, const char *fpr)
 } else {
 _alpm_log(handle, ALPM_LOG_DEBUG, "gpg error: %s\n", gpgme_strerror(err));
 }
+ gpgme_key_unref(key);
 error:
- gpgme_key_unref(key);
 gpgme_release(ctx);
 return ret;
 }
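Review bot: The new `sa` parameter of unmask_signal can be declared `const struct sigaction *sa`, since the function only forwards it to sigaction() and never writes through it. The result of `sigaction(signal, sa, NULL)` is still discarded, so a failed restore of the original SIGINT or SIGPIPE disposition (the call sites are in the `cleanup:` hunk further down) would go unnoticed; a debug log on failure would be enough. If the saved structs can really hold uninitialized fields, as the commit message suggests, zero-initialising `orig_sig_int` and `orig_sig_pipe` at their declarations (outside these hunks) would address the cause rather than only avoiding the copy.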
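Review bot: The widened condition in curl_download_internal still accepts any non-empty `payload->remote_name` other than the exact string `.sig`, and that name is then joined to `localpath` by get_fullpath() for both the destination and the `.part` file. How remote_name is derived is not visible in this hunk; if it can be influenced by the URL or a server response, it should be confirmed to be a bare file name (no `/`, not `.` or `..`) before this point so the download cannot land outside `localpath`. The NULL case now falls through to whatever follows this `if`, which is outside the hunk and deserves a one-line comment there. `payload->remote_name[0] != '\0'` would also express "non-empty" without the strlen() call.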
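Review bot: After this move in key_in_keychain, `gpgme_key_unref(key)` still runs on the failure branches shown directly above it (including the `gpg error` log branch), so it is only safe if `key` is NULL whenever the lookup fails. The declaration of `key` and the call that fills it are outside the hunk; initialising it there, e.g. `gpgme_key_t key = NULL;`, would make the unref well-defined on every path instead of depending on gpgme resetting the out-parameter for each error code. It is worth confirming against the gpgme documentation that gpgme_key_unref() accepts NULL.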
@@ -797,7 +797,7 @@ int _alpm_process_siglist(alpm_handle_t *handle, const char *identifier,
 _("%s: key \"%s\" is unknown\n"), identifier, name);
 #ifdef HAVE_LIBGPGME
 {
- int answer;
+ int answer = 0;
 alpm_pgpkey_t fetch_key;
 memset(&fetch_key, 0, sizeof(fetch_key)); |
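Review bot: `int answer = 0;` in the unknown-key branch of _alpm_process_siglist is a security-relevant default and should carry a comment, because it decides what happens when the frontend never writes an answer. Something like `/* default to "no": an unanswered question must not import a key */` above the declaration would record the intent. The question call and the later use of `answer` are outside the hunk, so confirm that 0 really means "decline" there. The block opened by `{` continues past the end of the hunk.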