Compare commits

..

1 Commits

Author SHA1 Message Date
43aeaf6e3b fix: null pointer dereference guards (CWE-476)
Some checks failed
CI Code / Code Coverage (pull_request) Failing after 10m45s
CI Code / Check spelling (pull_request) Failing after 11m2s
CI Code / Check coding style (pull_request) Failing after 11m21s
CI Code / Linux (ubuntu) (pull_request) Failing after 11m36s
CI Code / Linux (debian) (pull_request) Failing after 11m56s
CI Code / Linux (arch) (pull_request) Failing after 12m22s
- cmd_funcs.c: check strtok() return before use in cmd_process_input
- cmd_funcs.c: check fdopen() return before use in cmd_sendfile
- omemo.c: init fingerprint_len=0 and check _omemo_fingerprint_decode()
  return in omemo_is_trusted_identity (CWE-457/CWE-690)
- omemo.c: early NULL return in _omemo_fingerprint_decode() for NULL input

Found via GCC -fanalyzer. Not covered by upstream.
2026-04-17 16:22:56 +03:00
7 changed files with 18 additions and 27 deletions

View File

@@ -210,6 +210,9 @@ cmd_process_input(ProfWin* window, char* inp)
if (inp[0] == '/') {
auto_char char* inp_cpy = strdup(inp);
char* command = strtok(inp_cpy, " ");
if (!command) {
return TRUE;
}
char* question_mark = strchr(command, '?');
if (question_mark) {
*question_mark = '\0';
@@ -4963,6 +4966,10 @@ cmd_sendfile(ProfWin* window, const char* const command, gchar** args)
}
FILE* fh = fdopen(fd, "rb");
if (!fh) {
cons_show_error("Failed to open file for reading.");
goto out;
}
if (omemo_enabled) {
#ifdef HAVE_OMEMO
@@ -4972,7 +4979,6 @@ cmd_sendfile(ProfWin* window, const char* const command, gchar** args)
if (err != NULL) {
cons_show_error("%s", err);
win_println(window, THEME_ERROR, "-", "%s", err);
fclose(fh);
goto out;
}
#endif

View File

@@ -178,14 +178,12 @@ account_eval_password(ProfAccount* account)
if (!account->password) {
log_error("Failed to allocate enough memory to read `eval_password` "
"output.");
pclose(stream);
return FALSE;
}
account->password = fgets(account->password, READ_BUF_SIZE, stream);
if (!account->password) {
log_error("Failed to read password from stream.");
pclose(stream);
return FALSE;
}

View File

@@ -359,6 +359,7 @@ log_stderr_init(log_level_t level)
if (rc != 0)
goto err;
close(STDERR_FILENO);
rc = dup2(stderr_pipe[1], STDERR_FILENO);
if (rc < 0)
goto err_close;

View File

@@ -537,10 +537,8 @@ omemo_set_device_list(const char* const from, GList* device_list)
g_hash_table_iter_init(&iter, known_identities);
while (g_hash_table_iter_next(&iter, &key, &value)) {
if (device_id->data == value) {
char* formatted = omemo_format_fingerprint(key);
cons_show("OMEMO: Adding firstusage trust for %s device %d - Fingerprint %s", jid->barejid, GPOINTER_TO_INT(device_id->data), formatted);
omemo_trust(jid->barejid, formatted);
free(formatted);
cons_show("OMEMO: Adding firstusage trust for %s device %d - Fingerprint %s", jid->barejid, GPOINTER_TO_INT(device_id->data), omemo_format_fingerprint(key));
omemo_trust(jid->barejid, omemo_format_fingerprint(key));
}
}
}
@@ -1091,8 +1089,11 @@ omemo_is_trusted_identity(const char* const jid, const char* const fingerprint)
.device_id = GPOINTER_TO_INT(device_id),
};
size_t fingerprint_len;
size_t fingerprint_len = 0;
unsigned char* fingerprint_raw = _omemo_fingerprint_decode(fingerprint, &fingerprint_len);
if (!fingerprint_raw) {
return FALSE;
}
unsigned char djb_type[] = { '\x05' };
signal_buffer* buffer = signal_buffer_create(djb_type, 1);
buffer = signal_buffer_append(buffer, fingerprint_raw, fingerprint_len);
@@ -1151,6 +1152,9 @@ _omemo_fingerprint(ec_public_key* identity, gboolean formatted)
static unsigned char*
_omemo_fingerprint_decode(const char* const fingerprint, size_t* len)
{
if (!fingerprint) {
return NULL;
}
unsigned char* output = malloc(strlen(fingerprint) / 2 + 1);
int i;

View File

@@ -117,7 +117,7 @@ prof_run(gchar* log_level, gchar* account_name, gchar* config_file, gchar* log_f
char* line = NULL;
GTimer* waittimer = g_timer_new();
g_timer_stop(waittimer);
int waittime = 0;
int waittime;
while (cont && !force_quit) {
log_stderr_handler();
session_check_autoaway();

View File

@@ -178,7 +178,6 @@ http_file_get(void* userdata)
}
if (ftell(outfh) == 0) {
free(err);
err = strdup("Output file is empty.");
}
@@ -186,7 +185,6 @@ http_file_get(void* userdata)
curl_global_cleanup();
if (fclose(outfh) == EOF) {
free(err);
err = strdup(g_strerror(errno));
}

View File

@@ -355,9 +355,6 @@ _iq_id_handler_free(ProfIqHandler* handler)
free(handler);
}
/* Analyzer cannot track ownership transfer through callback registration */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wanalyzer-malloc-leak"
void
iq_id_handler_add(const char* const id, ProfIqCallback func, ProfIqFreeCallback free_func, void* userdata)
{
@@ -370,7 +367,6 @@ iq_id_handler_add(const char* const id, ProfIqCallback func, ProfIqFreeCallback
g_hash_table_insert(id_handlers, strdup(id), handler);
}
}
#pragma GCC diagnostic pop
void
iq_autoping_timer_cancel(void)
@@ -542,9 +538,6 @@ iq_last_activity_request(const char* jid)
xmpp_stanza_release(iq);
}
/* Ownership transferred via iq_id_handler_add callback */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wanalyzer-malloc-leak"
void
iq_room_info_request(const char* const room, gboolean display_result)
{
@@ -563,7 +556,6 @@ iq_room_info_request(const char* const room, gboolean display_result)
xmpp_stanza_release(iq);
}
}
#pragma GCC diagnostic pop
void
iq_send_caps_request_for_jid(const char* const to, const char* const id,
@@ -729,9 +721,6 @@ iq_room_config_cancel(ProfConfWin* confwin)
xmpp_stanza_release(iq);
}
/* Ownership transferred via iq_id_handler_add callback */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wanalyzer-malloc-leak"
void
iq_room_affiliation_list(const char* const room, char* affiliation, bool show_ui_message)
{
@@ -806,7 +795,6 @@ iq_room_role_set(const char* const room, const char* const nick, char* role,
xmpp_stanza_release(iq);
}
}
#pragma GCC diagnostic pop
void
iq_room_role_list(const char* const room, char* role)
@@ -1241,9 +1229,6 @@ _command_list_result_handler(xmpp_stanza_t* const stanza, void* const userdata)
return 0;
}
/* Ownership of 'data' transferred to wins_new_config callbacks */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wanalyzer-malloc-leak"
static int
_command_exec_response_handler(xmpp_stanza_t* const stanza, void* const userdata)
{
@@ -1366,7 +1351,6 @@ _command_exec_response_handler(xmpp_stanza_t* const stanza, void* const userdata
return 0;
}
#pragma GCC diagnostic pop
static int
_enable_carbons_id_handler(xmpp_stanza_t* const stanza, void* const userdata)