Fixed some errors found by valgrind and pvs-studio (#11)

* Fix errors found by valgrind

==12312== Syscall param sendmsg(msg.msg_iov[0]) points to uninitialised byte(s)
==12312==    at 0x486CCF0: sendmsg (in /lib/libpthread-2.22.so)
==12312==    by 0x12F57F: rtnl_talk (libnetlink.c:316)
==12312==    by 0x132DA3: genl_resolve_mcg (genl.c:52)
==12312==    by 0x484E1CB: init (vlan_mon.c:528)
==12312==    by 0x484CDC0: vlan_mon_register_proto (vlan_mon.c:48)
==12312==    by 0x510B763: load_vlan_mon (pppoe.c:1914)
==12312==    by 0x510BFF2: load_config (pppoe.c:2064)
==12312==    by 0x510C22A: pppoe_init (pppoe.c:2108)
==12312==    by 0x483E9EB: triton_load_modules (triton.c:704)
==12312==    by 0x1384B2: main (main.c:339)
==12312==  Address 0xbedacdd8 is on thread 1's stack
==12312==  in frame #2, created by genl_resolve_mcg (genl.c:23)

==12312== 15 bytes in 1 blocks are definitely lost in loss record 352 of 836
==12312==    at 0x482A9A9: malloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==12312==    by 0x4B97524: strdup (in /lib/libc-2.22.so)
==12312==    by 0x12C30C: init (telnet.c:769)
==12312==    by 0x483E9EB: triton_load_modules (triton.c:704)
==12312==    by 0x1384B2: main (main.c:339)
==12312==
==12312== 15 bytes in 1 blocks are definitely lost in loss record 353 of 836
==12312==    at 0x482A9A9: malloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==12312==    by 0x4B97524: strdup (in /lib/libc-2.22.so)
==12312==    by 0x12D60A: init (tcp.c:392)
==12312==    by 0x483E9EB: triton_load_modules (triton.c:704)
==12312==    by 0x1384B2: main (main.c:339)

* Fix another warnings by cppcheck

[accel-pppd/ctrl/ipoe/arp.c:256]: (error) Uninitialized variable: n
[accel-pppd/ctrl/pppoe/mac_filter.c:90]: (warning) %x in format string (no. 1) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:90]: (warning) %x in format string (no. 2) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:90]: (warning) %x in format string (no. 3) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:90]: (warning) %x in format string (no. 4) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:90]: (warning) %x in format string (no. 5) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:90]: (warning) %x in format string (no. 6) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:129]: (warning) %x in format string (no. 1) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:129]: (warning) %x in format string (no. 2) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:129]: (warning) %x in format string (no. 3) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:129]: (warning) %x in format string (no. 4) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:129]: (warning) %x in format string (no. 5) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:129]: (warning) %x in format string (no. 6) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:158]: (warning) %x in format string (no. 1) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:158]: (warning) %x in format string (no. 2) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:158]: (warning) %x in format string (no. 3) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:158]: (warning) %x in format string (no. 4) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:158]: (warning) %x in format string (no. 5) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/mac_filter.c:158]: (warning) %x in format string (no. 6) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ctrl/pppoe/pppoe.c:738]: (warning) Possible null pointer dereference
[accel-pppd/ipv6/dhcpv6.c:911]: (warning) %x in format string (no. 1) requires 'unsigned int *' but the argument type is 'int *'.
[accel-pppd/ipv6/dhcpv6.c:911]: (warning) %x in format string (no. 2) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ipv6/dhcpv6.c:911]: (warning) %x in format string (no. 3) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ipv6/dhcpv6.c:911]: (warning) %x in format string (no. 4) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/libnetlink/libnetlink.c:515]: (warning) Possible null pointer dereference
[accel-pppd/ppp/ipv6cp_opt_intfid.c:185]: (warning) %x in format string (no. 1) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ppp/ipv6cp_opt_intfid.c:298]: (warning) %x in format string (no. 1) requires 'unsigned int *' but the argument type is 'int *'.
[accel-pppd/ppp/ipv6cp_opt_intfid.c:298]: (warning) %x in format string (no. 2) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ppp/ipv6cp_opt_intfid.c:298]: (warning) %x in format string (no. 3) requires 'unsigned int *' but the argument type is 'signed int *'.
[accel-pppd/ppp/ipv6cp_opt_intfid.c:298]: (warning) %x in format string (no. 4) requires 'unsigned int *' but the argument type is 'signed int *'.

* Suppress compiler warnings

* Fix locking errors

/opt/pvs/accel-ppp/accel-pppd/extra/pppd_compat.c       279     warn    V1020 The function exited without calling the 'sigchld_unlock' function. Check lines: 279, 249.
/opt/pvs/accel-ppp/accel-pppd/extra/pppd_compat.c       333     warn    V1020 The function exited without calling the 'sigchld_unlock' function. Check lines: 333, 315.
/opt/pvs/accel-ppp/accel-pppd/extra/pppd_compat.c       422     warn    V1020 The function exited without calling the 'sigchld_unlock' function. Check lines: 422, 372.
/opt/pvs/accel-ppp/accel-pppd/extra/pppd_compat.c       488     warn    V1020 The function exited without calling the 'sigchld_unlock' function. Check lines: 488, 468.
/opt/pvs/accel-ppp/accel-pppd/triton/mempool.c  119     warn    V1020 The function exited without calling the 'pthread_spin_unlock' function. Check lines: 119, 116.

* Fix array len errors

/opt/pvs/accel-ppp/accel-pppd/triton/conf_file.c        75      warn    V557 Array underrun is possible. The value of 'len - 1' index could reach -1.
/opt/pvs/accel-ppp/accel-pppd/triton/conf_file.c        76      warn    V557 Array underrun is possible. The value of '-- len' index could reach -1.

* Fix possible memory leaks

/opt/pvs/accel-ppp/accel-pppd/radius/radius.c   936     err     V773 The function was exited without releasing the 'str' pointer. A memory leak is possible.
/opt/pvs/accel-ppp/accel-pppd/radius/serv.c     622     err     V773 The function was exited without releasing the 'str' pointer. A memory leak is possible.
/opt/pvs/accel-ppp/accel-pppd/triton/conf_file.c        144     err     V773 The function was exited without releasing the 'raw' pointer. A memory leak is possible.

* Fix unsafe code

/opt/pvs/accel-ppp/accel-pppd/cli/tcp.c 364     warn    V1004 The 'host' pointer was used unsafely after it was verified against nullptr. Check lines: 338, 364.
/opt/pvs/accel-ppp/accel-pppd/cli/telnet.c      701     warn    V1004 The 'host' pointer was used unsafely after it was verified against nullptr. Check lines: 675, 701.
/opt/pvs/accel-ppp/accel-pppd/extra/ippool.c    241     err     V614 Potentially uninitialized pointer 'pos' used.
/opt/pvs/accel-ppp/accel-pppd/radius/dict.c     165     err     V614 Uninitialized pointer 'parent_items' used.

* Remove duplicate code

/opt/pvs/accel-ppp/accel-pppd/radius/serv.c     202     warn    V547 Expression 'ts.tv_sec < req->serv->fail_time' is always false.

* Fix treating signed bool variables as unsigned

* Add nullptr checking

/opt/pvs/accel-ppp/accel-pppd/ipv6/dhcpv6.c     886     err     V595 The 'opt->val' pointer was utilized before it was verified against nullptr. Check lines: 886, 890.
/opt/pvs/accel-ppp/accel-pppd/ipv6/nd.c 479     err     V595 The 'opt->val' pointer was utilized before it was verified against nullptr. Check lines: 479, 483.
/opt/pvs/accel-ppp/accel-pppd/radius/auth.c     152     err     V595 The 'rpd->auth_ctx' pointer was utilized before it was verified against nullptr. Check lines: 152, 154.
/opt/pvs/accel-ppp/accel-pppd/triton/conf_file.c        114     err     V595 The 'cur_sect' pointer was utilized before it was verified against nullptr. Check lines: 114, 117.

* Add logging of exit conditions

* Clarify calculation

[accel-pppd/ppp/ccp_mppe.c:281]: (style) Clarify calculation precedence for '&' and '?'.
[accel-pppd/ppp/ccp_mppe.c:282]: (style) Clarify calculation precedence for '&' and '?'.
[accel-pppd/ppp/ccp_mppe.c:283]: (style) Clarify calculation precedence for '&' and '?'.
[accel-pppd/ppp/ccp_mppe.c:284]: (style) Clarify calculation precedence for '&' and '?'.
[accel-pppd/ppp/ccp_mppe.c:285]: (style) Clarify calculation precedence for '&' and '?'.
[accel-pppd/ppp/ccp_mppe.c:286]: (style) Clarify calculation precedence for '&' and '?'.
[drivers/ipoe/ipoe.c:307]: (style) Clarify calculation precedence for '&' and '?'.

* Fix void calculations

[accel-pppd/ctrl/pppoe/disc.c:211]: (portability) 'pkt' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[accel-pppd/ctrl/pptp/pptp.c:150]: (portability) 'buf' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[accel-pppd/radius/acct.c:37]: (portability) 'req.pack.buf' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[accel-pppd/radius/auth.c:35]: (portability) 'req.pack.buf' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[accel-pppd/radius/auth.c:79]: (portability) 'req.pack.buf' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[accel-pppd/radius/dm_coa.c:43]: (portability) 'pack.buf' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[accel-pppd/radius/dm_coa.c:47]: (portability) 'pack.buf' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[accel-pppd/radius/dm_coa.c:57]: (portability) 'pack.buf' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[accel-pppd/radius/dm_coa.c:65]: (portability) 'req.buf' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[accel-pppd/radius/dm_coa.c:97]: (portability) 'req.buf' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[accel-pppd/radius/serv.c:364]: (portability) 'req.pack.buf' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[accel-pppd/triton/mempool.c:115]: (portability) 'mmap_ptr' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[accel-pppd/triton/mempool.c:122]: (portability) 'mmap_ptr' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[accel-pppd/triton/mempool.c:276]: (portability) 'ptr' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.

* Fix void part 2

[accel-pppd/ipv6/dhcpv6.c:844]: (portability) 'conf_dnssl' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[accel-pppd/ipv6/nd.c:199]: (portability) '(void*)dnsslinfo' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[accel-pppd/ipv6/nd.c:432]: (portability) 'conf_dnssl' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.

* Fix null pointer dereference

[accel-pppd/ctrl/ipoe/ipoe.c:2048]: (warning) Possible null pointer dereference: eth
[accel-pppd/ctrl/ipoe/ipoe.c:2049]: (warning) Possible null pointer dereference: iph

* Remove redundant check

/opt/pvs/accel-ppp/accel-pppd/ctrl/l2tp/packet.c        656     warn    V547 Expression 'attr->length <= 16' is always false.

* PR fixes

* PR fixes 2

10 files changed, 37 insertions, 34 deletions

diff --git a/accel-pppd/ctrl/ipoe/arp.c b/accel-pppd/ctrl/ipoe/arp.c
index 1979c762..4f9669b2 100644
--- a/accel-pppd/ctrl/ipoe/arp.c
+++ b/accel-pppd/ctrl/ipoe/arp.c
@@ -231,7 +231,7 @@ static int arp_read(struct triton_md_handler_t *h)
 void *arpd_start(struct ipoe_serv *ipoe)
 {
 	struct rb_node **p, *parent = NULL;
-	struct arp_node *n;
+	struct arp_node *n = NULL;
 	struct arp_tree *t;
 	int fd, ifindex = ipoe->ifindex, i;
 	char fname[1024];
diff --git a/accel-pppd/ctrl/ipoe/ipoe.h b/accel-pppd/ctrl/ipoe/ipoe.h
index 7c585a21..933a2c99 100644
--- a/accel-pppd/ctrl/ipoe/ipoe.h
+++ b/accel-pppd/ctrl/ipoe/ipoe.h
@@ -59,17 +59,17 @@ struct ipoe_serv {
 	char *opt_lua_username_func;
 #endif
 	int opt_weight;
-	int opt_shared:1;
-	int opt_dhcpv4:1;
-	int opt_up:1;
-	int opt_auto:1;
-	int opt_ifcfg:1;
-	int opt_nat:1;
-	int opt_ipv6:1;
-	int opt_ip_unnumbered:1;
-	int need_close:1;
-	int active:1;
-	int vlan_mon:1;
+	unsigned int opt_shared:1;
+	unsigned int opt_dhcpv4:1;
+	unsigned int opt_up:1;
+	unsigned int opt_auto:1;
+	unsigned int opt_ifcfg:1;
+	unsigned int opt_nat:1;
+	unsigned int opt_ipv6:1;
+	unsigned int opt_ip_unnumbered:1;
+	unsigned int need_close:1;
+	unsigned int active:1;
+	unsigned int vlan_mon:1;
 };
 
 struct ipoe_session {
@@ -110,15 +110,15 @@ struct ipoe_session {
 #ifdef RADIUS
 	struct rad_plugin_t radius;
 #endif
-	int started:1;
-	int terminating:1;
-	int dhcp_addr:1;
-	int relay_addr:1;
-	int l4_redirect:1;
-	int l4_redirect_set:1;
-	int terminate:1;
-	int UP:1;
-	int wait_start:1;
+	unsigned int started:1;
+	unsigned int terminating:1;
+	unsigned int dhcp_addr:1;
+	unsigned int relay_addr:1;
+	unsigned int l4_redirect:1;
+	unsigned int l4_redirect_set:1;
+	unsigned int terminate:1;
+	unsigned int UP:1;
+	unsigned int wait_start:1;
 };
 
 struct ipoe_session_info {
diff --git a/accel-pppd/ctrl/l2tp/dict.c b/accel-pppd/ctrl/l2tp/dict.c
index b636c871..4e4378df 100644
--- a/accel-pppd/ctrl/l2tp/dict.c
+++ b/accel-pppd/ctrl/l2tp/dict.c
@@ -266,8 +266,10 @@ static void dict_init(void)
 	if (!opt)
 		opt = DICTIONARY;
 
-	if (l2tp_dict_load(opt))
+	if (l2tp_dict_load(opt)) {
+		log_emerg("l2tp:dict_init:l2tp_dict_load: failed\n");
 		_exit(EXIT_FAILURE);
+	}
 }
 
 DEFINE_INIT(20, dict_init);
diff --git a/accel-pppd/ctrl/l2tp/l2tp.h b/accel-pppd/ctrl/l2tp/l2tp.h
index 12a2dbf1..76de867f 100644
--- a/accel-pppd/ctrl/l2tp/l2tp.h
+++ b/accel-pppd/ctrl/l2tp/l2tp.h
@@ -55,8 +55,8 @@ struct l2tp_attr_t
 {
 	struct list_head entry;
 	struct l2tp_dict_attr_t *attr;
-	int M:1;
-	int H:1;
+	unsigned int M:1;
+	unsigned int H:1;
 	int length;
 	l2tp_value_t val;
 };
diff --git a/accel-pppd/ctrl/pppoe/disc.c b/accel-pppd/ctrl/pppoe/disc.c
index b1119eb1..8a82e1d2 100644
--- a/accel-pppd/ctrl/pppoe/disc.c
+++ b/accel-pppd/ctrl/pppoe/disc.c
@@ -202,7 +202,7 @@ void pppoe_disc_stop(struct pppoe_serv_t *serv)
 		free_net(n);
 }
 
-static int forward(struct disc_net *net, int ifindex, void *pkt, int len)
+static int forward(struct disc_net *net, int ifindex, uint8_t *pkt, int len)
 {
 	struct pppoe_serv_t *n;
 	struct tree *t = &net->tree[ifindex & HASH_BITS];
diff --git a/accel-pppd/ctrl/pppoe/mac_filter.c b/accel-pppd/ctrl/pppoe/mac_filter.c
index d1e104e6..ba78df6b 100644
--- a/accel-pppd/ctrl/pppoe/mac_filter.c
+++ b/accel-pppd/ctrl/pppoe/mac_filter.c
@@ -52,7 +52,7 @@ static int mac_filter_load(const char *opt)
 	char *c;
 	char *name = _strdup(opt);
 	char *buf = _malloc(1024);
-	int n[ETH_ALEN];
+	unsigned int n[ETH_ALEN];
 	int i, line = 0;
 
 	c = strstr(name, ",");
@@ -122,7 +122,7 @@ err:
 
 static void mac_filter_add(const char *addr, void *client)
 {
-	int n[ETH_ALEN];
+	unsigned int n[ETH_ALEN];
 	struct mac_t *mac;
 	int i;
 
@@ -149,7 +149,7 @@ static void mac_filter_add(const char *addr, void *client)
 
 static void mac_filter_del(const char *addr, void *client)
 {
-	int n[ETH_ALEN];
+	unsigned int n[ETH_ALEN];
 	uint8_t a[ETH_ALEN];
 	struct mac_t *mac;
 	int i;
diff --git a/accel-pppd/ctrl/pppoe/pppoe.c b/accel-pppd/ctrl/pppoe/pppoe.c
index 6d876495..18aac8bd 100644
--- a/accel-pppd/ctrl/pppoe/pppoe.c
+++ b/accel-pppd/ctrl/pppoe/pppoe.c
@@ -46,7 +46,7 @@ struct pppoe_conn_t {
 	struct pppoe_serv_t *serv;
 	uint16_t sid;
 	uint8_t addr[ETH_ALEN];
-	int ppp_started:1;
+	unsigned int ppp_started:1;
 
 	struct pppoe_tag *relay_sid;
 	struct pppoe_tag *host_uniq;
@@ -735,7 +735,8 @@ static int add_tag(uint8_t *pack, size_t pack_size, int type, const void *data,
 
 	tag->tag_type = htons(type);
 	tag->tag_len = htons(len);
-	memcpy(tag->tag_data, data, len);
+	if (data && len)
+		memcpy(tag->tag_data, data, len);
 
 	hdr->length = htons(ntohs(hdr->length) + sizeof(*tag) + len);
 	return 0;
diff --git a/accel-pppd/ctrl/pppoe/pppoe.h b/accel-pppd/ctrl/pppoe/pppoe.h
index 1ea7b07d..7ba4ac63 100644
--- a/accel-pppd/ctrl/pppoe/pppoe.h
+++ b/accel-pppd/ctrl/pppoe/pppoe.h
@@ -97,8 +97,8 @@ struct pppoe_serv_t
 	int padi_limit;
 	time_t last_padi_limit_warn;
 
-	int stopping:1;
-	int vlan_mon:1;
+	unsigned int stopping:1;
+	unsigned int vlan_mon:1;
 };
 
 extern int conf_verbose;
diff --git a/accel-pppd/ctrl/pptp/pptp.c b/accel-pppd/ctrl/pptp/pptp.c
index 881fa9a4..a5bcaca8 100644
--- a/accel-pppd/ctrl/pptp/pptp.c
+++ b/accel-pppd/ctrl/pptp/pptp.c
@@ -147,7 +147,7 @@ again:
 	}
 
 	if ( n<size ) {
-		memcpy(conn->out_buf, buf + n, size - n);
+		memcpy(conn->out_buf, (uint8_t *)buf + n, size - n);
 		triton_md_enable_handler(&conn->hnd, MD_MODE_WRITE);
 	}
 
diff --git a/accel-pppd/ctrl/sstp/sstp.c b/accel-pppd/ctrl/sstp/sstp.c
index 8c4e55d9..4b154005 100644
--- a/accel-pppd/ctrl/sstp/sstp.c
+++ b/accel-pppd/ctrl/sstp/sstp.c
@@ -128,7 +128,7 @@ struct sstp_conn_t {
 	int hello_sent;
 	int hello_interval;
 
-//	int bypass_auth:1;
+//	unsigned int bypass_auth:1;
 //	char *http_cookie;
 	uint8_t *nonce;
 	uint8_t *hlak_key;