|
 |
731a53 |
From 047bd00ee53a722eaf46e58e330888cf628d5a7c Mon Sep 17 00:00:00 2001
|
|
|
731a53 |
From: Kamil Dudka <kdudka@redhat.com>
|
|
|
731a53 |
Date: Mon, 14 Jan 2019 16:54:19 +0100
|
|
|
731a53 |
Subject: [PATCH 1/2] do_curl_setopt_httppost: do not use uninitialized stack
|
|
|
731a53 |
variable
|
|
|
731a53 |
|
|
|
731a53 |
Detected by Coverity Analysis and Clang:
|
|
|
731a53 |
|
|
|
731a53 |
Error: UNINIT (CWE-457):
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:493: var_decl: Declaring variable "res" without initializer.
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:524: uninit_use_in_call: Using uninitialized value "(int)res" when calling "create_and_set_error_object".
|
|
|
731a53 |
522| if (PyText_AsStringAndSize(httppost_option, &cstr, &clen, &cencoded_obj)) {
|
|
|
731a53 |
523| PyText_EncodedDecref(nencoded_obj);
|
|
|
731a53 |
524|-> CURLERROR_SET_RETVAL();
|
|
|
731a53 |
525| goto error;
|
|
|
731a53 |
526| }
|
|
|
731a53 |
|
|
|
731a53 |
Error: CLANG_WARNING:
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:524:17: warning: 2nd function call argument is an uninitialized value
|
|
|
731a53 |
pycurl-7.43.0.2/src/pycurl.h:286:5: note: expanded from macro 'CURLERROR_SET_RETVAL'
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:493:5: note: 'res' declared without an initial value
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:496:9: note: Assuming 'len' is not equal to 0
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:496:5: note: Taking false branch
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:499:17: note: Assuming 'i' is < 'len'
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:499:5: note: Loop condition is true. Entering loop body
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:505:13: note: Assuming 'which_httppost_item' is not equal to 0
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:505:9: note: Taking false branch
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:509:13: note: Assuming the condition is false
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:509:9: note: Taking false branch
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:513:13: note: Assuming the condition is false
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:513:9: note: Taking false branch
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:519:13: note: Assuming the condition is true
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:519:9: note: Taking true branch
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:522:17: note: Assuming the condition is true
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:522:13: note: Taking true branch
|
|
|
731a53 |
pycurl-7.43.0.2/src/easyopt.c:524:17: note: 2nd function call argument is an uninitialized value
|
|
|
731a53 |
pycurl-7.43.0.2/src/pycurl.h:286:5: note: expanded from macro 'CURLERROR_SET_RETVAL'
|
|
|
731a53 |
---
|
|
|
731a53 |
src/easyopt.c | 2 +-
|
|
|
731a53 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
731a53 |
|
|
|
731a53 |
diff --git a/src/easyopt.c b/src/easyopt.c
|
|
|
731a53 |
index 015fa93..471400c 100644
|
|
|
731a53 |
--- a/src/easyopt.c
|
|
|
731a53 |
+++ b/src/easyopt.c
|
|
|
731a53 |
@@ -521,7 +521,7 @@ do_curl_setopt_httppost(CurlObject *self, int option, int which, PyObject *obj)
|
|
|
731a53 |
|
|
|
731a53 |
if (PyText_AsStringAndSize(httppost_option, &cstr, &clen, &cencoded_obj)) {
|
|
|
731a53 |
PyText_EncodedDecref(nencoded_obj);
|
|
|
731a53 |
- CURLERROR_SET_RETVAL();
|
|
|
731a53 |
+ create_and_set_error_object(self, CURLE_BAD_FUNCTION_ARGUMENT);
|
|
|
731a53 |
goto error;
|
|
|
731a53 |
}
|
|
|
731a53 |
/* INFO: curl_formadd() internally does memdup() the data, so
|
|
|
731a53 |
--
|
|
|
731a53 |
2.17.2
|
|
|
731a53 |
|
|
|
731a53 |
|
|
|
731a53 |
From 6f0f7896412c107c390f4967dcdf94fd14d52047 Mon Sep 17 00:00:00 2001
|
|
|
731a53 |
From: Kamil Dudka <kdudka@redhat.com>
|
|
|
731a53 |
Date: Mon, 14 Jan 2019 16:57:14 +0100
|
|
|
731a53 |
Subject: [PATCH 2/2] do_multi_add_handle: execute clean-up code before return
|
|
|
731a53 |
|
|
|
731a53 |
Detected by Coverity Analysis:
|
|
|
731a53 |
|
|
|
731a53 |
Error: UNREACHABLE (CWE-561):
|
|
|
731a53 |
pycurl-7.43.0.2/src/multi.c:631: unreachable: This code cannot be reached: "PyDict_DelItem(self->easy_o...".
|
|
|
731a53 |
629| if (res != CURLM_OK) {
|
|
|
731a53 |
630| CURLERROR_MSG("curl_multi_add_handle() failed due to internal errors");
|
|
|
731a53 |
631|-> PyDict_DelItem(self->easy_object_dict, (PyObject *) obj);
|
|
|
731a53 |
632| }
|
|
|
731a53 |
633| obj->multi_stack = self;
|
|
|
731a53 |
---
|
|
|
731a53 |
src/multi.c | 2 +-
|
|
|
731a53 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
731a53 |
|
|
|
731a53 |
diff --git a/src/multi.c b/src/multi.c
|
|
|
731a53 |
index 7ecedbf..3407423 100644
|
|
|
731a53 |
--- a/src/multi.c
|
|
|
731a53 |
+++ b/src/multi.c
|
|
|
731a53 |
@@ -627,8 +627,8 @@ do_multi_add_handle(CurlMultiObject *self, PyObject *args)
|
|
|
731a53 |
assert(obj->multi_stack == NULL);
|
|
|
731a53 |
res = curl_multi_add_handle(self->multi_handle, obj->handle);
|
|
|
731a53 |
if (res != CURLM_OK) {
|
|
|
731a53 |
- CURLERROR_MSG("curl_multi_add_handle() failed due to internal errors");
|
|
|
731a53 |
PyDict_DelItem(self->easy_object_dict, (PyObject *) obj);
|
|
|
731a53 |
+ CURLERROR_MSG("curl_multi_add_handle() failed due to internal errors");
|
|
|
731a53 |
}
|
|
|
731a53 |
obj->multi_stack = self;
|
|
|
731a53 |
Py_INCREF(self);
|
|
|
731a53 |
--
|
|
|
731a53 |
2.17.2
|
|
|
731a53 |
|