After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 669479 - various small fixes from static analysis
various small fixes from static analysis
Status: RESOLVED FIXED
Product: libsoup
Classification: Core
Component: Misc
unspecified
Other Linux
: Normal normal
: ---
Assigned To: libsoup-maint@gnome.bugs
libsoup-maint@gnome.bugs
Depends on:
Blocks:
 
 
Reported: 2012-02-06 14:09 UTC by Simon McVittie
Modified: 2012-02-13 13:44 UTC
See Also:
GNOME target: ---
GNOME version: ---


Attachments
[1/4] form: Check file pointer before dereferencing (1.09 KB, patch)
2012-02-06 14:13 UTC, Simon McVittie
committed Details | Review
[2/4] Safeguard against NULL in strcmp (1.65 KB, patch)
2012-02-06 14:14 UTC, Simon McVittie
committed Details | Review
[3/4] tests: simple-httpd: Don't leak index_path string (846 bytes, patch)
2012-02-06 14:14 UTC, Simon McVittie
committed Details | Review
[4/4] tests: sniffing: Avoid loop with uninitialised length (1.03 KB, patch)
2012-02-06 14:15 UTC, Simon McVittie
committed Details | Review
soup_form_decode_multipart: document all (out) parameters as nullable (1.97 KB, patch)
2012-02-08 10:09 UTC, Simon McVittie
committed Details | Review
soup_form_decode_multipart: allow file_control_name to be NULL as documented (1.59 KB, patch)
2012-02-08 10:11 UTC, Simon McVittie
accepted-commit_now Details | Review
soup_form_decode_multipart: check that msg really is a non-NULL message (972 bytes, patch)
2012-02-08 10:12 UTC, Simon McVittie
accepted-commit_now Details | Review

Description Simon McVittie 2012-02-06 14:09:50 UTC
My colleagues have fixed some problems in libsoup spotted by a static analysis tool (it was run on an older version, but I've verified that these patches are still applicable to master).
Comment 1 Simon McVittie 2012-02-06 14:13:36 UTC
Created attachment 206890 [details] [review]
[1/4] form: Check file pointer before dereferencing

Author: Robert Swain <robert.swain@collabora.co.uk>

[It's not documented as being allowed to be NULL, but later in the
function there's a check, and GLib convention is generally that all
'out' parameters are allowed to be NULL whether it makes sense or not. -smcv]

Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Bug: https://bugzilla.gnome.org/show_bug.cgi?id=669479
Bug-NB: NB#297634

---

The actual patches are correctly-attributed git-format-patch output; I've mentioned the author here because it's not immediately visible otherwise. The long commit messages with [... -smcv] are from me, not the patch's author.
Comment 2 Simon McVittie 2012-02-06 14:14:06 UTC
Created attachment 206891 [details] [review]
[2/4] Safeguard against NULL in strcmp

Author: Mark Nauwelaerts <mark.nauwelaerts@collabora.co.uk>

[In both of these cases, the situation being guarded against is:
check_password() is called, but soup_message_headers_get_one() does not find
an "Authorization" header. -smcv]

Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Bug: https://bugzilla.gnome.org/show_bug.cgi?id=669479
Bug-NB: NB#297634
Comment 3 Simon McVittie 2012-02-06 14:14:39 UTC
Created attachment 206892 [details] [review]
[3/4] tests: simple-httpd: Don't leak index_path string

From: Robert Swain <robert.swain@collabora.co.uk>

Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk> 
Bug: https://bugzilla.gnome.org/show_bug.cgi?id=669479
Bug-NB: NB#297634
Comment 4 Simon McVittie 2012-02-06 14:15:10 UTC
Created attachment 206893 [details] [review]
[4/4] tests: sniffing: Avoid loop with uninitialised length

From: Robert Swain <robert.swain@collabora.co.uk>

[This would only happen if a request was made to an unhandled path,
which this test doesn't do, but it seems reasonable to return an empty
response rather than crashing. -smcv]

Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Bug: https://bugzilla.gnome.org/show_bug.cgi?id=669479
Bug-NB: NB#297634
Comment 5 Dan Winship 2012-02-07 18:21:04 UTC
Comment on attachment 206890 [details] [review]
[1/4] form: Check file pointer before dereferencing

I'd say change the docs too; they already note that the function might be useful 'when you don't have any file upload controls, but are still using "multipart/form-data" anyway', and it's silly to require the caller to pass @file then, so we might as well make @file be officially optional.
Comment 6 Dan Winship 2012-02-07 18:24:21 UTC
(In reply to comment #5)
> I'd say change the docs too

and go ahead and commit it with that change
Comment 7 Simon McVittie 2012-02-08 10:09:08 UTC
Created attachment 207074 [details] [review]
soup_form_decode_multipart: document all (out) parameters as  nullable

Thanks, here's the additional patch I committed.
Comment 8 Simon McVittie 2012-02-08 10:11:55 UTC
Created attachment 207075 [details] [review]
soup_form_decode_multipart: allow file_control_name to  be NULL as documented

This was documented as allowed, but would have crashed.

Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
https://bugzilla.gnome.org/show_bug.cgi?id=669479

---

I happened to spot this while fixing the documentation.
Comment 9 Simon McVittie 2012-02-08 10:12:16 UTC
Created attachment 207076 [details] [review]
soup_form_decode_multipart: check that msg really is a  non-NULL message

If it wasn't, the next line would segfault anyway.

Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Bug: https://bugzilla.gnome.org/show_bug.cgi?id=669479
Comment 10 Simon McVittie 2012-02-13 13:44:49 UTC
Thanks, fixed in git for 2.37.6