Merge pull request #275 from PavolSloboda/static-analysis-result

Static analysis result bug fixes

Author: 9EOR9

libmariadb/ma_client_plugin.c.in

@@ -248,6 +248,12 @@ static void load_env_plugins(MYSQL *mysql)
   free_env= strdup(s);
   plugs= s= free_env;
 
+  if (!free_env)
+  {
+    SET_CLIENT_ERROR(mysql, CR_OUT_OF_MEMORY, SQLSTATE_UNKNOWN, 0);
+    return;
+  }
+
   do {
     if ((s= strchr(plugs, ';')))
       *s= '\0';

libmariadb/ma_pvio.c

@@ -557,6 +557,8 @@ int ma_pvio_register_callback(my_bool register_callback,
   if (register_callback)
   {
     list= (LIST *)malloc(sizeof(LIST));
+    if (!list)
+      return 1;
 
     list->data= (void *)callback_function;
     pvio_callback= list_add(pvio_callback, list);

libmariadb/mariadb_async.c

@@ -94,7 +94,10 @@ my_connect_async(MARIADB_PVIO *pvio,
 #else
     int err= errno;
     if (err != EINPROGRESS && err != EALREADY && err != EAGAIN)
-      return res;
+      {
+        close(sock);
+        return res;
+      }
 #endif
     b->events_to_wait_for|= MYSQL_WAIT_WRITE;
     if (vio_timeout >= 0)

libmariadb/mariadb_lib.c

@@ -878,6 +878,11 @@ static int parse_connection_string(MYSQL *mysql, const char *unused __attribute_
 
   /* don't modify original dsn */
   conn_save= (char *)malloc(len + 1);
+  if (!conn_save)
+  {
+    SET_CLIENT_ERROR(mysql, CR_OUT_OF_MEMORY, SQLSTATE_UNKNOWN, 0);
+    return 1;
+  }
   memcpy(conn_save, conn_str, len);
   conn_save[len]= 0;
 
@@ -4595,6 +4600,7 @@ my_bool mariadb_get_infov(MYSQL *mysql, enum mariadb_value value, void *arg, ...
       size= va_arg(ap, unsigned int);
       if (!ma_pvio_tls_get_peer_cert_info(mysql->net.pvio->ctls, size))
         *((MARIADB_X509_INFO **)arg)= (MARIADB_X509_INFO *)&mysql->net.pvio->ctls->cert_info;
+      va_end(ap);
       return 0;
     }
     *((MARIADB_X509_INFO **)arg)= NULL;

libmariadb/mariadb_rpl.c

@@ -1884,9 +1884,9 @@ MARIADB_RPL_EVENT * STDCALL mariadb_rpl_fetch(MARIADB_RPL *rpl, MARIADB_RPL_EVEN
       /* We need to report an error if this event can't be ignored */
       if (!(rpl_event->flags & LOG_EVENT_IGNORABLE_F))
       {
-        mariadb_free_rpl_event(rpl_event);
         rpl_set_error(rpl, CR_UNKNOWN_BINLOG_EVENT, 0, RPL_ERR_POS(rpl),
                       rpl_event->event_type);
+        mariadb_free_rpl_event(rpl_event);
         return 0;
       }
       return rpl_event;
@@ -1976,6 +1976,12 @@ int STDCALL mariadb_rpl_optionsv(MARIADB_RPL *rpl,
     else if (arg1)
     {
       rpl->filename= strdup((const char *)arg1);
+      if (!rpl->filename)
+      {
+        va_end(ap);
+        rpl_set_error(rpl, CR_OUT_OF_MEMORY, 0);
+        return 1;
+      }
       rpl->filename_length= (uint32_t)strlen(rpl->filename);
     }
     break;

unittest/libmariadb/connection.c

@@ -1522,6 +1522,7 @@ static int test_conc327(MYSQL *unused __attribute__((unused)))
   const char *env= getenv("MYSQL_TMP_DIR");
   char cnf_file1[FN_REFLEN + 1];
   char cnf_file2[FN_REFLEN + 1];
+  my_bool failed_opening_files;
 
   SKIP_SKYSQL;
 
@@ -1540,7 +1541,19 @@ static int test_conc327(MYSQL *unused __attribute__((unused)))
 
   fp1= fopen(cnf_file1, "w");
   fp2= fopen(cnf_file2, "w");
-  FAIL_IF(!fp1 || !fp2, "fopen failed");
+  if((failed_opening_files = !fp1 || !fp2))
+  {
+    if(fp1)
+    {
+      fclose(fp1);
+    }
+    if(fp2)
+    {
+      fclose(fp2);
+    }
+  }
+  
+  FAIL_IF(failed_opening_files, "fopen failed");
 
   fprintf(fp1, "!include %s\n", cnf_file2);
 
@@ -1565,7 +1578,18 @@ static int test_conc327(MYSQL *unused __attribute__((unused)))
   snprintf(cnf_file1, FN_REFLEN, "%s%cmy.cnf", env, FN_LIBCHAR);
   fp1= fopen(cnf_file1, "w");
   fp2= fopen(cnf_file2, "w");
-  FAIL_IF(!fp1 || !fp2, "fopen failed");
+  if((failed_opening_files = !fp1 || !fp2))
+  {
+    if(fp1)
+    {
+      fclose(fp1);
+    }
+    if(fp2)
+    {
+      fclose(fp2);
+    }
+  }
+  FAIL_IF(failed_opening_files, "fopen failed");
 
   fprintf(fp2, "!includedir %s\n", env);
 

unittest/libmariadb/misc.c

@@ -287,21 +287,31 @@ static int test_frm_bug(MYSQL *mysql)
   }
 
   rc= mysql_query(mysql, "SHOW TABLE STATUS like 'test_frm_bug'");
+  if (rc)
+    fclose(test_file);
   check_mysql_rc(rc, mysql);
 
   result= mysql_store_result(mysql);
+  if(!result)
+    fclose(test_file);
   FAIL_IF(!result, "Invalid result set");/* It can't be NULL */
 
   rc= 0;
   while (mysql_fetch_row(result))
     rc++;
+  if(rc != 1)
+    fclose(test_file);
   FAIL_UNLESS(rc == 1, "rowcount != 1");
 
   mysql_data_seek(result, 0);
 
   row= mysql_fetch_row(result);
+  if(!row)
+    fclose(test_file);
   FAIL_IF(!row, "couldn't fetch row");
 
+  if(row[17] != 0)
+    fclose(test_file);
   FAIL_UNLESS(row[17] != 0, "row[17] != 0");
 
   mysql_free_result(result);

unittest/libmariadb/ps_bugs.c

@@ -2677,11 +2677,19 @@ static int test_bug5194(MYSQL *mysql)
   check_mysql_rc(rc, mysql);
 
   my_bind= (MYSQL_BIND*) malloc(MAX_PARAM_COUNT * sizeof(MYSQL_BIND));
+  FAIL_UNLESS(my_bind, "Not enough memory");
   query= (char*) malloc(strlen(query_template) +
                         MAX_PARAM_COUNT * CHARS_PER_PARAM + 1);
+  if(!query)
+    free(my_bind);
+  FAIL_UNLESS(query, "Not enough memory");
   param_str= (char*) malloc(COLUMN_COUNT * CHARS_PER_PARAM);
-
-  FAIL_IF(my_bind == 0 || query == 0 || param_str == 0, "Not enough memory");
+  if(!param_str)
+  {
+    free(my_bind);
+    free(query);
+  }
+  FAIL_UNLESS(param_str, "Not enough memory");
 
   stmt= mysql_stmt_init(mysql);
 
@@ -5164,18 +5172,28 @@ static int test_maxparam(MYSQL *mysql)
   MYSQL_BIND* bind;
 
   bind = calloc(65535, sizeof *bind);
+  FAIL_UNLESS(bind, "Not enough memory");
 
   rc= mysql_query(mysql, "DROP TABLE IF EXISTS t1");
+  if (rc)
+    free(bind);
   check_mysql_rc(rc, mysql);
 
   rc= mysql_query(mysql, "CREATE TABLE t1 (a int)");
+  if (rc)
+    free(bind);
   check_mysql_rc(rc, mysql);
 
   buffer= calloc(1, mem);
+  if(!buffer)
+    free(bind);
+  FAIL_UNLESS(bind, "Not enough memory");
   strcpy(buffer, query);
   for (i=0; i < 65534.; i++)
     strcat(buffer, ",(?)");
   rc= mysql_stmt_prepare(stmt, SL(buffer));
+  if (rc)
+    free(bind);
   check_stmt_rc(rc, stmt);
 
   for (i=0; i < 65534; i++)
@@ -5185,9 +5203,13 @@ static int test_maxparam(MYSQL *mysql)
   }
 
   rc= mysql_stmt_bind_param(stmt, bind);
+  if (rc)
+    free(bind);
   check_stmt_rc(rc, stmt);
 
   rc= mysql_stmt_execute(stmt);
+  if (rc)
+    free(bind);
   check_stmt_rc(rc, stmt);
 
   FAIL_IF(mysql_stmt_affected_rows(stmt) != 65535, "Expected affected_rows=65535");