vishalmishra434 / rpms / openssh

Forked from rpms/openssh a month ago
Clone
Blob Blame History Raw
diff -up openssh-6.8p1/auth-pam.c.coverity openssh-6.8p1/auth-pam.c
--- openssh-6.8p1/auth-pam.c.coverity	2015-03-18 17:21:51.792265051 +0100
+++ openssh-6.8p1/auth-pam.c	2015-03-18 17:21:51.895264835 +0100
@@ -216,7 +216,12 @@ pthread_join(sp_pthread_t thread, void *
 	if (sshpam_thread_status != -1)
 		return (sshpam_thread_status);
 	signal(SIGCHLD, sshpam_oldsig);
-	waitpid(thread, &status, 0);
+	while (waitpid(thread, &status, 0) < 0) {
+		if (errno == EINTR)
+			continue;
+		fatal("%s: waitpid: %s", __func__,
+				strerror(errno));
+	}
 	return (status);
 }
 #endif
diff -up openssh-6.8p1/channels.c.coverity openssh-6.8p1/channels.c
--- openssh-6.8p1/channels.c.coverity	2015-03-18 17:21:51.815265002 +0100
+++ openssh-6.8p1/channels.c	2015-03-18 17:21:51.896264833 +0100
@@ -243,11 +243,11 @@ channel_register_fds(Channel *c, int rfd
 	channel_max_fd = MAX(channel_max_fd, wfd);
 	channel_max_fd = MAX(channel_max_fd, efd);
 
-	if (rfd != -1)
+	if (rfd >= 0)
 		fcntl(rfd, F_SETFD, FD_CLOEXEC);
-	if (wfd != -1 && wfd != rfd)
+	if (wfd >= 0 && wfd != rfd)
 		fcntl(wfd, F_SETFD, FD_CLOEXEC);
-	if (efd != -1 && efd != rfd && efd != wfd)
+	if (efd >= 0 && efd != rfd && efd != wfd)
 		fcntl(efd, F_SETFD, FD_CLOEXEC);
 
 	c->rfd = rfd;
@@ -265,11 +265,11 @@ channel_register_fds(Channel *c, int rfd
 
 	/* enable nonblocking mode */
 	if (nonblock) {
-		if (rfd != -1)
+		if (rfd >= 0)
 			set_nonblock(rfd);
-		if (wfd != -1)
+		if (wfd >= 0)
 			set_nonblock(wfd);
-		if (efd != -1)
+		if (efd >= 0)
 			set_nonblock(efd);
 	}
 }
@@ -3972,13 +3972,13 @@ connect_local_xsocket_path(const char *p
 	int sock;
 	struct sockaddr_un addr;
 
+	if (len <= 0)
+		return -1;
 	sock = socket(AF_UNIX, SOCK_STREAM, 0);
 	if (sock < 0)
 		error("socket: %.100s", strerror(errno));
 	memset(&addr, 0, sizeof(addr));
 	addr.sun_family = AF_UNIX;
-	if (len <= 0)
-		return -1;
 	if (len > sizeof addr.sun_path)
 		len = sizeof addr.sun_path;
 	memcpy(addr.sun_path, pathname, len);
diff -up openssh-6.8p1/entropy.c.coverity openssh-6.8p1/entropy.c
--- openssh-6.8p1/entropy.c.coverity	2015-03-18 17:21:51.891264843 +0100
+++ openssh-6.8p1/entropy.c	2015-03-18 17:21:51.897264831 +0100
@@ -46,6 +46,7 @@
 #include <openssl/err.h>
 
 #include "openbsd-compat/openssl-compat.h"
+#include "openbsd-compat/port-linux.h"
 
 #include "ssh.h"
 #include "misc.h"
diff -up openssh-6.8p1/monitor.c.coverity openssh-6.8p1/monitor.c
--- openssh-6.8p1/monitor.c.coverity	2015-03-18 17:21:51.887264852 +0100
+++ openssh-6.8p1/monitor.c	2015-03-18 17:21:51.897264831 +0100
@@ -444,7 +444,7 @@ monitor_child_preauth(Authctxt *_authctx
 	mm_get_keystate(pmonitor);
 
 	/* Drain any buffered messages from the child */
-	while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0)
+	while (pmonitor->m_log_recvfd >= 0 && monitor_read_log(pmonitor) == 0)
 		;
 
 	close(pmonitor->m_sendfd);
@@ -1303,6 +1303,10 @@ mm_answer_keyallowed(int sock, Buffer *m
 			break;
 		}
 	}
+
+	debug3("%s: key %p is %s",
+	    __func__, key, allowed ? "allowed" : "not allowed");
+
 	if (key != NULL)
 		key_free(key);
 
@@ -1324,9 +1328,6 @@ mm_answer_keyallowed(int sock, Buffer *m
 		free(chost);
 	}
 
-	debug3("%s: key %p is %s",
-	    __func__, key, allowed ? "allowed" : "not allowed");
-
 	buffer_clear(m);
 	buffer_put_int(m, allowed);
 	buffer_put_int(m, forced_command != NULL);
diff -up openssh-6.8p1/monitor_wrap.c.coverity openssh-6.8p1/monitor_wrap.c
--- openssh-6.8p1/monitor_wrap.c.coverity	2015-03-18 17:21:51.888264849 +0100
+++ openssh-6.8p1/monitor_wrap.c	2015-03-18 17:21:51.897264831 +0100
@@ -533,10 +533,10 @@ mm_pty_allocate(int *ptyfd, int *ttyfd,
 	if ((tmp1 = dup(pmonitor->m_recvfd)) == -1 ||
 	    (tmp2 = dup(pmonitor->m_recvfd)) == -1) {
 		error("%s: cannot allocate fds for pty", __func__);
-		if (tmp1 > 0)
+		if (tmp1 >= 0)
 			close(tmp1);
-		if (tmp2 > 0)
-			close(tmp2);
+		/*DEAD CODE if (tmp2 >= 0)
+			close(tmp2);*/
 		return 0;
 	}
 	close(tmp1);
diff -up openssh-6.8p1/openbsd-compat/bindresvport.c.coverity openssh-6.8p1/openbsd-compat/bindresvport.c
--- openssh-6.8p1/openbsd-compat/bindresvport.c.coverity	2015-03-17 06:49:20.000000000 +0100
+++ openssh-6.8p1/openbsd-compat/bindresvport.c	2015-03-18 17:21:51.897264831 +0100
@@ -58,7 +58,7 @@ bindresvport_sa(int sd, struct sockaddr
 	struct sockaddr_in6 *in6;
 	u_int16_t *portp;
 	u_int16_t port;
-	socklen_t salen;
+	socklen_t salen = sizeof(struct sockaddr_storage);
 	int i;
 
 	if (sa == NULL) {
diff -up openssh-6.8p1/openbsd-compat/port-linux.h.coverity openssh-6.8p1/openbsd-compat/port-linux.h
--- openssh-6.8p1/openbsd-compat/port-linux.h.coverity	2015-03-18 17:21:51.861264906 +0100
+++ openssh-6.8p1/openbsd-compat/port-linux.h	2015-03-18 17:21:51.897264831 +0100
@@ -37,4 +37,6 @@ void oom_adjust_restore(void);
 void oom_adjust_setup(void);
 #endif
 
+void linux_seed(void);
+
 #endif /* ! _PORT_LINUX_H */
diff -up openssh-6.8p1/pam_ssh_agent_auth-0.9.3/pam_user_key_allowed2.c.coverity openssh-6.8p1/pam_ssh_agent_auth-0.9.3/pam_user_key_allowed2.c
--- openssh-6.8p1/pam_ssh_agent_auth-0.9.3/pam_user_key_allowed2.c.coverity	2015-03-18 17:21:51.788265059 +0100
+++ openssh-6.8p1/pam_ssh_agent_auth-0.9.3/pam_user_key_allowed2.c	2015-03-18 17:21:51.898264829 +0100
@@ -87,7 +87,7 @@ pam_user_key_allowed2(struct passwd *pw,
 	found = key_new(key->type);
 
 	while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
-		char *cp, *key_options = NULL;
+		char *cp = NULL;
 
 		/* Skip leading whitespace, empty and comment lines. */
 		for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
@@ -99,7 +99,6 @@ pam_user_key_allowed2(struct passwd *pw,
 			/* no key?  check if there are options for this key */
 			int quoted = 0;
 			verbose("user_key_allowed: check options: '%s'", cp);
-			key_options = cp;
 			for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) {
 				if (*cp == '\\' && cp[1] == '"')
 					cp++;	/* Skip both */
diff -up openssh-6.8p1/pam_ssh_agent_auth-0.9.3/userauth_pubkey_from_id.c.coverity openssh-6.8p1/pam_ssh_agent_auth-0.9.3/userauth_pubkey_from_id.c
--- openssh-6.8p1/pam_ssh_agent_auth-0.9.3/userauth_pubkey_from_id.c.coverity	2015-03-18 17:21:51.786265063 +0100
+++ openssh-6.8p1/pam_ssh_agent_auth-0.9.3/userauth_pubkey_from_id.c	2015-03-18 17:21:51.898264829 +0100
@@ -89,8 +89,7 @@ userauth_pubkey_from_id(Identity * id)
         authenticated = 1;
 
   user_auth_clean_exit:
-    if(&b != NULL)
-        buffer_free(&b);
+    buffer_free(&b);
     if(sig != NULL)
         free(sig);
     if(pkblob != NULL)
diff -up openssh-6.8p1/scp.c.coverity openssh-6.8p1/scp.c
--- openssh-6.8p1/scp.c.coverity	2015-03-18 17:21:51.868264891 +0100
+++ openssh-6.8p1/scp.c	2015-03-18 17:21:58.281251460 +0100
@@ -156,7 +156,7 @@ killchild(int signo)
 {
 	if (do_cmd_pid > 1) {
 		kill(do_cmd_pid, signo ? signo : SIGTERM);
-		waitpid(do_cmd_pid, NULL, 0);
+		(void) waitpid(do_cmd_pid, NULL, 0);
 	}
 
 	if (signo)
diff -up openssh-6.8p1/servconf.c.coverity openssh-6.8p1/servconf.c
--- openssh-6.8p1/servconf.c.coverity	2015-03-18 17:21:51.893264839 +0100
+++ openssh-6.8p1/servconf.c	2015-03-18 17:21:58.281251460 +0100
@@ -1475,7 +1475,7 @@ process_server_config_line(ServerOptions
 			fatal("%s line %d: Missing subsystem name.",
 			    filename, linenum);
 		if (!*activep) {
-			arg = strdelim(&cp);
+			/*arg =*/ (void) strdelim(&cp);
 			break;
 		}
 		for (i = 0; i < options->num_subsystems; i++)
@@ -1566,8 +1566,9 @@ process_server_config_line(ServerOptions
 		if (*activep && *charptr == NULL) {
 			*charptr = tilde_expand_filename(arg, getuid());
 			/* increase optional counter */
-			if (intptr != NULL)
-				*intptr = *intptr + 1;
+			/* DEAD CODE intptr is still NULL ;)
+  			 if (intptr != NULL)
+				*intptr = *intptr + 1; */
 		}
 		break;
 
diff -up openssh-6.8p1/serverloop.c.coverity openssh-6.8p1/serverloop.c
--- openssh-6.8p1/serverloop.c.coverity	2015-03-17 06:49:20.000000000 +0100
+++ openssh-6.8p1/serverloop.c	2015-03-18 17:28:45.616436080 +0100
@@ -147,13 +147,13 @@ notify_setup(void)
 static void
 notify_parent(void)
 {
-	if (notify_pipe[1] != -1)
+	if (notify_pipe[1] >= 0)
 		(void)write(notify_pipe[1], "", 1);
 }
 static void
 notify_prepare(fd_set *readset)
 {
-	if (notify_pipe[0] != -1)
+	if (notify_pipe[0] >= 0)
 		FD_SET(notify_pipe[0], readset);
 }
 static void
@@ -161,8 +161,8 @@ notify_done(fd_set *readset)
 {
 	char c;
 
-	if (notify_pipe[0] != -1 && FD_ISSET(notify_pipe[0], readset))
-		while (read(notify_pipe[0], &c, 1) != -1)
+	if (notify_pipe[0] >= 0 && FD_ISSET(notify_pipe[0], readset))
+		while (read(notify_pipe[0], &c, 1) >= 0)
 			debug2("notify_done: reading");
 }
 
@@ -337,7 +337,7 @@ wait_until_can_do_something(fd_set **rea
 		 * If we have buffered data, try to write some of that data
 		 * to the program.
 		 */
-		if (fdin != -1 && buffer_len(&stdin_buffer) > 0)
+		if (fdin >= 0 && buffer_len(&stdin_buffer) > 0)
 			FD_SET(fdin, *writesetp);
 	}
 	notify_prepare(*readsetp);
@@ -477,7 +477,7 @@ process_output(fd_set *writeset)
 	int len;
 
 	/* Write buffered data to program stdin. */
-	if (!compat20 && fdin != -1 && FD_ISSET(fdin, writeset)) {
+	if (!compat20 && fdin >= 0 && FD_ISSET(fdin, writeset)) {
 		data = buffer_ptr(&stdin_buffer);
 		dlen = buffer_len(&stdin_buffer);
 		len = write(fdin, data, dlen);
@@ -590,7 +590,7 @@ server_loop(pid_t pid, int fdin_arg, int
 	set_nonblock(fdin);
 	set_nonblock(fdout);
 	/* we don't have stderr for interactive terminal sessions, see below */
-	if (fderr != -1)
+	if (fderr >= 0)
 		set_nonblock(fderr);
 
 	if (!(datafellows & SSH_BUG_IGNOREMSG) && isatty(fdin))
@@ -614,7 +614,7 @@ server_loop(pid_t pid, int fdin_arg, int
 	max_fd = MAX(connection_in, connection_out);
 	max_fd = MAX(max_fd, fdin);
 	max_fd = MAX(max_fd, fdout);
-	if (fderr != -1)
+	if (fderr >= 0)
 		max_fd = MAX(max_fd, fderr);
 #endif
 
@@ -644,7 +644,7 @@ server_loop(pid_t pid, int fdin_arg, int
 		 * If we have received eof, and there is no more pending
 		 * input data, cause a real eof by closing fdin.
 		 */
-		if (stdin_eof && fdin != -1 && buffer_len(&stdin_buffer) == 0) {
+		if (stdin_eof && fdin >= 0 && buffer_len(&stdin_buffer) == 0) {
 			if (fdin != fdout)
 				close(fdin);
 			else
@@ -740,15 +740,15 @@ server_loop(pid_t pid, int fdin_arg, int
 	buffer_free(&stderr_buffer);
 
 	/* Close the file descriptors. */
-	if (fdout != -1)
+	if (fdout >= 0)
 		close(fdout);
 	fdout = -1;
 	fdout_eof = 1;
-	if (fderr != -1)
+	if (fderr >= 0)
 		close(fderr);
 	fderr = -1;
 	fderr_eof = 1;
-	if (fdin != -1)
+	if (fdin >= 0)
 		close(fdin);
 	fdin = -1;
 
@@ -950,7 +950,7 @@ server_input_window_size(int type, u_int
 
 	debug("Window change received.");
 	packet_check_eom();
-	if (fdin != -1)
+	if (fdin >= 0)
 		pty_change_window_size(fdin, row, col, xpixel, ypixel);
 	return 0;
 }
@@ -1043,7 +1043,7 @@ server_request_tun(void)
 	}
 
 	tun = packet_get_int();
-	if (forced_tun_device != -1) {
+	if (forced_tun_device >= 0) {
 		if (tun != SSH_TUNID_ANY && forced_tun_device != tun)
 			goto done;
 		tun = forced_tun_device;
diff -up openssh-6.8p1/sftp.c.coverity openssh-6.8p1/sftp.c
--- openssh-6.8p1/sftp.c.coverity	2015-03-17 06:49:20.000000000 +0100
+++ openssh-6.8p1/sftp.c	2015-03-18 17:21:58.283251456 +0100
@@ -223,7 +223,7 @@ killchild(int signo)
 {
 	if (sshpid > 1) {
 		kill(sshpid, SIGTERM);
-		waitpid(sshpid, NULL, 0);
+		(void) waitpid(sshpid, NULL, 0);
 	}
 
 	_exit(1);
@@ -335,7 +335,7 @@ local_do_ls(const char *args)
 
 /* Strip one path (usually the pwd) from the start of another */
 static char *
-path_strip(char *path, char *strip)
+path_strip(const char *path, const char *strip)
 {
 	size_t len;
 
@@ -353,7 +353,7 @@ path_strip(char *path, char *strip)
 }
 
 static char *
-make_absolute(char *p, char *pwd)
+make_absolute(char *p, const char *pwd)
 {
 	char *abs_str;
 
@@ -551,7 +551,7 @@ parse_no_flags(const char *cmd, char **a
 }
 
 static int
-is_dir(char *path)
+is_dir(const char *path)
 {
 	struct stat sb;
 
@@ -563,7 +563,7 @@ is_dir(char *path)
 }
 
 static int
-remote_is_dir(struct sftp_conn *conn, char *path)
+remote_is_dir(struct sftp_conn *conn, const char *path)
 {
 	Attrib *a;
 
@@ -577,7 +577,7 @@ remote_is_dir(struct sftp_conn *conn, ch
 
 /* Check whether path returned from glob(..., GLOB_MARK, ...) is a directory */
 static int
-pathname_is_dir(char *pathname)
+pathname_is_dir(const char *pathname)
 {
 	size_t l = strlen(pathname);
 
@@ -585,7 +585,7 @@ pathname_is_dir(char *pathname)
 }
 
 static int
-process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd,
+process_get(struct sftp_conn *conn, const char *src, const char *dst, const char *pwd,
     int pflag, int rflag, int resume, int fflag)
 {
 	char *abs_src = NULL;
@@ -669,7 +669,7 @@ out:
 }
 
 static int
-process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd,
+process_put(struct sftp_conn *conn, const char *src, const char *dst, const char *pwd,
     int pflag, int rflag, int resume, int fflag)
 {
 	char *tmp_dst = NULL;
@@ -779,7 +779,7 @@ sdirent_comp(const void *aa, const void
 
 /* sftp ls.1 replacement for directories */
 static int
-do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag)
+do_ls_dir(struct sftp_conn *conn, const char *path, const char *strip_path, int lflag)
 {
 	int n;
 	u_int c = 1, colspace = 0, columns = 1;
@@ -864,7 +864,7 @@ do_ls_dir(struct sftp_conn *conn, char *
 
 /* sftp ls.1 replacement which handles path globs */
 static int
-do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path,
+do_globbed_ls(struct sftp_conn *conn, const char *path, const char *strip_path,
     int lflag)
 {
 	char *fname, *lname;
@@ -949,7 +949,7 @@ do_globbed_ls(struct sftp_conn *conn, ch
 }
 
 static int
-do_df(struct sftp_conn *conn, char *path, int hflag, int iflag)
+do_df(struct sftp_conn *conn, const char *path, int hflag, int iflag)
 {
 	struct sftp_statvfs st;
 	char s_used[FMT_SCALED_STRSIZE];
diff -up openssh-6.8p1/ssh-agent.c.coverity openssh-6.8p1/ssh-agent.c
--- openssh-6.8p1/ssh-agent.c.coverity	2015-03-17 06:49:20.000000000 +0100
+++ openssh-6.8p1/ssh-agent.c	2015-03-18 17:21:58.284251454 +0100
@@ -1166,8 +1166,8 @@ main(int ac, char **av)
 	sanitise_stdfd();
 
 	/* drop */
-	setegid(getgid());
-	setgid(getgid());
+	(void) setegid(getgid());
+	(void) setgid(getgid());
 
 #if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
 	/* Disable ptrace on Linux without sgid bit */
diff -up openssh-6.8p1/sshd.c.coverity openssh-6.8p1/sshd.c
--- openssh-6.8p1/sshd.c.coverity	2015-03-18 17:21:51.893264839 +0100
+++ openssh-6.8p1/sshd.c	2015-03-18 17:21:58.284251454 +0100
@@ -778,8 +778,10 @@ privsep_preauth(Authctxt *authctxt)
 		if (getuid() == 0 || geteuid() == 0)
 			privsep_preauth_child();
 		setproctitle("%s", "[net]");
-		if (box != NULL)
+		if (box != NULL) {
 			ssh_sandbox_child(box);
+			free(box);
+		}
 
 		return 0;
 	}
@@ -1518,6 +1520,9 @@ server_accept_loop(int *sock_in, int *so
 		if (num_listen_socks < 0)
 			break;
 	}
+
+	if (fdset != NULL)
+		free(fdset);
 }
 
 
diff -up openssh-6.8p1/sshkey.c.coverity openssh-6.8p1/sshkey.c
--- openssh-6.8p1/sshkey.c.coverity	2015-03-18 17:21:58.285251452 +0100
+++ openssh-6.8p1/sshkey.c	2015-03-18 17:45:32.232705363 +0100
@@ -58,6 +58,7 @@
 #include "digest.h"
 #define SSHKEY_INTERNAL
 #include "sshkey.h"
+#include "log.h"
 #include "match.h"
 
 /* openssh private key file format */
diff --git a/sshd.c b/sshd.c
index 6ff8f6f..2f2fcf8 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1548,6 +1548,7 @@ main(int ac, char **av)
 	int keytype;
 	Authctxt *authctxt;
 	struct connection_info *connection_info = get_connection_info(0, 0);
+	char *addr = NULL;
 
 #ifdef HAVE_SECUREWARE
 	(void)set_auth_parameters(ac, av);
@@ -2261,7 +2262,8 @@ main(int ac, char **av)
 	/* Log the connection. */
 	verbose("Connection from %s port %d on %s port %d",
 	    remote_ip, remote_port,
-	    get_local_ipaddr(sock_in), get_local_port());
+	    (addr = get_local_ipaddr(sock_in)), get_local_port());
+	free(addr);
 
 	/*
 	 * We don't want to listen forever unless the other side