From d0101690d9ae347d8a8ee9e340c5db72480046a3 Mon Sep 17 00:00:00 2001 From: Jiri Popelka Date: Fri, 10 Jun 2011 15:26:00 +0200 Subject: iptables: Coverity: VARARGS xtables.c:931: va_init: Initializing va_list "args". xtables.c:938: missing_va_end: va_end was not called for "args". xtables.c:947: missing_va_end: va_end was not called for "args". xtables.c:961: missing_va_end: va_end was not called for "args". Signed-off-by: Jan Engelhardt --- iptables/xtables.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'iptables/xtables.c') diff --git a/iptables/xtables.c b/iptables/xtables.c index acfcf8bd..db6d079f 100644 --- a/iptables/xtables.c +++ b/iptables/xtables.c @@ -1042,8 +1042,10 @@ void xtables_param_act(unsigned int status, const char *p1, ...) case XTF_ONLY_ONCE: p2 = va_arg(args, const char *); b = va_arg(args, unsigned int); - if (!b) + if (!b) { + va_end(args); return; + } xt_params->exit_err(PARAMETER_PROBLEM, "%s: \"%s\" option may only be specified once", p1, p2); @@ -1051,8 +1053,10 @@ void xtables_param_act(unsigned int status, const char *p1, ...) case XTF_NO_INVERT: p2 = va_arg(args, const char *); b = va_arg(args, unsigned int); - if (!b) + if (!b) { + va_end(args); return; + } xt_params->exit_err(PARAMETER_PROBLEM, "%s: \"%s\" option cannot be inverted", p1, p2); break; @@ -1065,8 +1069,10 @@ void xtables_param_act(unsigned int status, const char *p1, ...) break; case XTF_ONE_ACTION: b = va_arg(args, unsigned int); - if (!b) + if (!b) { + va_end(args); return; + } xt_params->exit_err(PARAMETER_PROBLEM, "%s: At most one action is possible", p1); break; -- cgit v1.2.3 From f53710b16c2bae1843c3f5fee390f496dfa82526 Mon Sep 17 00:00:00 2001 From: Jiri Popelka Date: Fri, 10 Jun 2011 15:26:02 +0200 Subject: iptables: Coverity: RESOURCE_LEAK xtables.c:320: alloc_fn: Calling allocation function "get_modprobe". xtables.c:294: alloc_fn: Storage is returned from allocation function "malloc". xtables.c:294: var_assign: Assigning: "ret" = "malloc(1024UL)". xtables.c:304: return_alloc: Returning allocated memory "ret". xtables.c:320: var_assign: Assigning: "buf" = storage returned from "get_modprobe()". xtables.c:323: var_assign: Assigning: "modprobe" = "buf". xtables.c:348: leaked_storage: Variable "buf" going out of scope leaks the storage it points to. xtables.c:348: leaked_storage: Returning without freeing "modprobe" leaks the storage that it points to. Signed-off-by: Jan Engelhardt --- iptables/xtables.c | 1 + 1 file changed, 1 insertion(+) (limited to 'iptables/xtables.c') diff --git a/iptables/xtables.c b/iptables/xtables.c index db6d079f..00c7c066 100644 --- a/iptables/xtables.c +++ b/iptables/xtables.c @@ -362,6 +362,7 @@ int xtables_insmod(const char *modname, const char *modprobe, bool quiet) /* not usually reached */ exit(1); case -1: + free(buf); return -1; default: /* parent */ -- cgit v1.2.3 From 3c871010888e1479ef8fca2048485b979ec2661a Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Fri, 24 Jun 2011 20:16:48 +0200 Subject: build: attempt to fix building under Linux 2.4 iptables no longer compiles for Linux 2.4 because it uses linux/magic.h. This header and the PROC_SUPER_MAGIC macro are only for Linux 2.6. xtables.c:35:52: error: linux/magic.h: No such file or directory xtables.c: In function 'proc_file_exists': xtables.c:389: error: 'PROC_SUPER_MAGIC' undeclared (first use in this function) xtables.c:389: error: (Each undeclared identifier is reported only once for each function it appears in.) References: http://bugzilla.netfilter.org/show_bug.cgi?id=720 Signed-off-by: Jan Engelhardt --- iptables/xtables.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'iptables/xtables.c') diff --git a/iptables/xtables.c b/iptables/xtables.c index 00c7c066..c4b1c2a8 100644 --- a/iptables/xtables.c +++ b/iptables/xtables.c @@ -15,6 +15,7 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ +#include "config.h" #include #include #include @@ -32,7 +33,11 @@ #include #include #include -#include /* for PROC_SUPER_MAGIC */ +#if defined(HAVE_LINUX_MAGIC_H) +# include /* for PROC_SUPER_MAGIC */ +#elif defined(HAVE_LINUX_PROC_FS_H) +# include /* Linux 2.4 */ +#endif #include #include /* INT_MAX in ip_tables.h/ip6_tables.h */ -- cgit v1.2.3