From c914000971063a4500cfb34f4141dfc3c943368d Mon Sep 17 00:00:00 2001 From: "[anp/hsw]" Date: Sat, 13 Mar 2021 18:43:15 +0700 Subject: Fix some errors and warnings found by cppcheck [accel-pppd/ctrl/ipoe/ipoe.c:4054]: (style) A pointer can not be negative so it is either pointless or an error to check if it is not. [accel-pppd/logs/log_syslog.c:148]: (error) Array 'facility_name[9]' accessed at index 35, which is out of bounds. [accel-pppd/lua/session.c:274]: (error) Common realloc mistake: 'mods' nulled but not freed upon failure [accel-pppd/extra/ippool.c:114]: (warning) %u in format string (no. 1) requires 'unsigned int *' but the argument type is 'int *'. [accel-pppd/extra/ippool.c:114]: (warning) %u in format string (no. 2) requires 'unsigned int *' but the argument type is 'int *'. [accel-pppd/extra/ippool.c:114]: (warning) %u in format string (no. 3) requires 'unsigned int *' but the argument type is 'int *'. [accel-pppd/extra/ippool.c:114]: (warning) %u in format string (no. 4) requires 'unsigned int *' but the argument type is 'int *'. [accel-pppd/extra/ippool.c:114]: (warning) %u in format string (no. 5) requires 'unsigned int *' but the argument type is 'int *'. [accel-pppd/extra/ippool.c:141]: (warning) %u in format string (no. 1) requires 'unsigned int *' but the argument type is 'int *'. [accel-pppd/extra/ippool.c:141]: (warning) %u in format string (no. 2) requires 'unsigned int *' but the argument type is 'int *'. [accel-pppd/extra/ippool.c:141]: (warning) %u in format string (no. 3) requires 'unsigned int *' but the argument type is 'int *'. [accel-pppd/extra/ippool.c:141]: (warning) %u in format string (no. 4) requires 'unsigned int *' but the argument type is 'int *'. [accel-pppd/extra/ippool.c:141]: (warning) %u in format string (no. 5) requires 'unsigned int *' but the argument type is 'int *'. [accel-pppd/main.c:97]: (warning) %d in format string (no. 1) requires 'int *' but the argument type is 'unsigned int *'. [accel-pppd/radius/radius.c:687] -> [accel-pppd/radius/radius.c:690]: (warning) Possible null pointer dereference: rpd - otherwise it is redundant to check it against null. [accel-pppd/radius/serv.c:805] -> [accel-pppd/radius/serv.c:829]: (warning) Possible null pointer dereference: ptr2 - otherwise it is redundant to check it against null. [accel-pppd/radius/serv.c:813] -> [accel-pppd/radius/serv.c:829]: (warning) Possible null pointer dereference: ptr2 - otherwise it is redundant to check it against null. [accel-pppd/radius/serv.c:823] -> [accel-pppd/radius/serv.c:829]: (warning) Possible null pointer dereference: ptr2 - otherwise it is redundant to check it against null. --- accel-pppd/radius/radius.c | 3 ++- accel-pppd/radius/serv.c | 5 +++-- 2 files changed, 5 insertions(+), 3 deletions(-) (limited to 'accel-pppd/radius') diff --git a/accel-pppd/radius/radius.c b/accel-pppd/radius/radius.c index fd64091..5563c94 100644 --- a/accel-pppd/radius/radius.c +++ b/accel-pppd/radius/radius.c @@ -684,7 +684,6 @@ static void ses_finished(struct ap_session *ses) { struct radius_pd_t *rpd = find_pd(ses); struct ipv6db_addr_t *a; - struct framed_route *fr = rpd->fr; struct framed_ip6_route *fr6; if (!rpd) { @@ -692,6 +691,8 @@ static void ses_finished(struct ap_session *ses) abort(); } + struct framed_route *fr = rpd->fr; + pthread_rwlock_wrlock(&sessions_lock); pthread_mutex_lock(&rpd->lock); list_del(&rpd->entry); diff --git a/accel-pppd/radius/serv.c b/accel-pppd/radius/serv.c index d27d04f..65af74d 100644 --- a/accel-pppd/radius/serv.c +++ b/accel-pppd/radius/serv.c @@ -758,6 +758,8 @@ static int parse_server2(const char *_opt, struct rad_server_t *s) goto out; ptr2 = strchr(ptr1 + 1, ','); + if (!ptr2) + goto out; *ptr1 = 0; @@ -826,8 +828,7 @@ static int parse_server2(const char *_opt, struct rad_server_t *s) else s->backup = 0; - if (ptr2) - *ptr2 = 0; + *ptr2 = 0; s->secret = _strdup(ptr1 + 1); -- cgit v1.2.3 From 39981480b61f4712cbd5ec415e851f1d52fb04bf Mon Sep 17 00:00:00 2001 From: "[anp/hsw]" Date: Sat, 13 Mar 2021 21:06:58 +0700 Subject: Fix segmentation fault when radius section is missing --- accel-pppd/radius/radius.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'accel-pppd/radius') diff --git a/accel-pppd/radius/radius.c b/accel-pppd/radius/radius.c index 5563c94..139b8b8 100644 --- a/accel-pppd/radius/radius.c +++ b/accel-pppd/radius/radius.c @@ -1041,6 +1041,10 @@ static void radius_init(void) { const char *dict = NULL; struct conf_sect_t *s = conf_get_section("radius"); + + if (!s) + _exit(EXIT_FAILURE); + struct conf_option_t *opt1; rpd_pool = mempool_create(sizeof(struct radius_pd_t)); -- cgit v1.2.3