From 09afe49c73cb495f32b96dce32728352c46ba865 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20Stan=C4=9Bk?= <jstanek@redhat.com>
Date: Thu, 29 Apr 2021 16:03:05 +0200
Subject: [PATCH] Address issues found by coverity scan
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jan Staněk <jstanek@redhat.com>
---
 anacron/main.c   | 8 ++++++--
 anacron/runjob.c | 2 ++
 src/crontab.c    | 1 +
 src/database.c   | 3 ++-
 src/pw_dup.c     | 1 +
 5 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/anacron/main.c b/anacron/main.c
index d092970..65f8fed 100644
--- a/anacron/main.c
+++ b/anacron/main.c
@@ -44,8 +44,8 @@ int day_now;
 int year, month, day_of_month;                 /* date anacron started */
 
 char *program_name;
-char *anacrontab;
-char *spooldir;
+char *anacrontab = NULL;
+char *spooldir = NULL;
 int serialize, force, update_only, now,
     no_daemon, quiet, testing_only;            /* command-line options */
 char **job_args;                       	       /* vector of "job" command-line arguments */
@@ -128,12 +128,14 @@ parse_opts(int argc, char *argv[])
 	    quiet = 1;
 	    break;
 	case 't':
+	    free(anacrontab);
 	    anacrontab = strdup(optarg);
 	    break;
 	case 'T':
 	    testing_only = 1;
 	    break;
 	case 'S':
+	    free(spooldir);
 	    spooldir = strdup(optarg);
 	    break;
 	case 'V':
@@ -208,9 +210,11 @@ go_background(void)
     /* stdin is already closed */
 
     if (fclose(stdout)) die_e("Can't close stdout");
+    /* coverity[leaked_handle] – fd 1 closed automatically */
     xopen(1, "/dev/null", O_WRONLY);
 
     if (fclose(stderr)) die_e("Can't close stderr");
+    /* coverity[leaked_handle] – fd 2 closed automatically */
     xopen(2, "/dev/null", O_WRONLY);
 
     pid = xfork();
diff --git a/anacron/runjob.c b/anacron/runjob.c
index 341351f..04d6904 100644
--- a/anacron/runjob.c
+++ b/anacron/runjob.c
@@ -237,7 +237,9 @@ launch_mailer(job_rec *jr)
 	xcloselog();
 
 	/* Ensure stdout/stderr are sane before exec-ing sendmail */
+	/* coverity[leaked_handle] – STDOUT closed automatically */
 	xclose(STDOUT_FILENO); xopen(STDOUT_FILENO, "/dev/null", O_WRONLY);
+	/* coverity[leaked_handle] – STDERR closed automatically */
 	xclose(STDERR_FILENO); xopen(STDERR_FILENO, "/dev/null", O_WRONLY);
 	xclose(jr->output_fd);
 
diff --git a/src/crontab.c b/src/crontab.c
index 240c112..41c8984 100644
--- a/src/crontab.c
+++ b/src/crontab.c
@@ -872,6 +872,7 @@ static int replace_cmd(void) {
 
 	if ((error = check_syntax(tmp)) < 0) {
 		fprintf(stderr, "Invalid crontab file, can't install.\n");
+		fclose(tmp);
 		goto done;
 	}
 
diff --git a/src/database.c b/src/database.c
index c1e4593..bff0256 100644
--- a/src/database.c
+++ b/src/database.c
@@ -559,7 +559,8 @@ int load_database(cron_db * old_db) {
 			if (not_a_crontab(dp))
 				continue;
 
-			strncpy(fname, dp->d_name, NAME_MAX + 1);
+			strncpy(fname, dp->d_name, NAME_MAX);
+			fname[NAME_MAX] = '\0';
 
 			if (!glue_strings(tabname, sizeof tabname, SPOOL_DIR, fname, '/'))
 				continue;	/* XXX log? */
diff --git a/src/pw_dup.c b/src/pw_dup.c
index ea787cd..c6f7b00 100644
--- a/src/pw_dup.c
+++ b/src/pw_dup.c
@@ -121,6 +121,7 @@ pw_dup(const struct passwd *pw) {
 		cp += ssize;
 	}
 
+	/* cppcheck-suppress[memleak symbolName=cp] memory originally pointed to by cp returned via newpw */
 	return (newpw);
 }
 
-- 
2.31.1