[Devel] [PATCH 1/3] zdtm: Silence coverity warnings in userns-leaked-sock test

Wed Jun 21 13:34:16 MSK 2017

Close the sk, if coverity wants this:

--------------------------------------------------------------------
*** CID 181221:  Resource leaks  (RESOURCE_LEAK)
/test/zdtm/static/userns-leaked-sock.c: 91 in child_fn()
85      /* This must complete w/o errors, as orig_sk is from another
net namespace */
86      if (bind(sk, (struct sockaddr *)&addr, len) < 0) {
87              pr_perror("bind");
88              goto err;
89      }
90
>>>     CID 181221:  Resource leaks  (RESOURCE_LEAK)
>>>     Handle variable "sk" going out of scope leaks the handle.
91      return 0;
92     err:
93      futex_set_and_wake(futex, EMERGENCY_ABORT);
94      return 1;
95     }
--------------------------------------------------------------------

And obfuscate stack address in this one:

--------------------------------------------------------------------
*** CID 181215:  Memory - corruptions  (ARRAY_VS_SINGLETON)
/test/zdtm/static/userns-leaked-sock.c: 130 in main()
124                     fail("bind");
125                     return 1;
126             }
127
128             {
129                     char stack;
>>>     CID 181215:  Memory - corruptions  (ARRAY_VS_SINGLETON)
>>>     Using "&stack" as an array.  This might corrupt or misinterpret adjacent memory locations.
130                     pid = clone(child_fn, &stack - 256,
CLONE_NEWUSER|CLONE_NEWNET|CLONE_NEWPID, (void *)(long)sk);
131                     if (pid == -1) {
132                             fail("clone");
133                             return 1;
134                     }
135             }
--------------------------------------------------------------------

Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
---
 test/zdtm/static/userns-leaked-sock.c |   28 ++++++++++++++++------------
 1 file changed, 16 insertions(+), 12 deletions(-)

diff --git a/test/zdtm/static/userns-leaked-sock.c b/test/zdtm/static/userns-leaked-sock.c
index 8a84efe6a..5f4e9145f 100644
--- a/test/zdtm/static/userns-leaked-sock.c
+++ b/test/zdtm/static/userns-leaked-sock.c
@@ -52,25 +52,25 @@ int write_map(pid_t pid, char *file, char *map)
 
 int child_fn(void *arg)
 {
-	int sk, orig_sk = (int)(long)arg;
+	int ret = 1, sk = -1, orig_sk = (int)(long)arg;
 	struct sockaddr_un addr;
 	socklen_t len = sizeof(addr);
 
 	if (getsockname(orig_sk, &addr, &len) < 0) {
 		pr_perror("getsockname()");
-		goto err;
+		goto out;
 	}
 	futex_wait_while_lt(futex, MAPS_SET);
 	if (futex_get(futex) == EMERGENCY_ABORT)
-		return 1;
+		goto out;
 
 	if (setuid(0)) {
 		pr_perror("Can't set uid");
-		goto err;
+		goto out;
 	}
 	if (setgid(0)) {
 		pr_perror("Can't set gid");
-		goto err;
+		goto out;
 	}
 
 	futex_set_and_wake(futex, CHILD_PREPARED);
@@ -79,19 +79,22 @@ int child_fn(void *arg)
 	sk = socket(PF_UNIX, SOCK_DGRAM, 0);
 	if (sk < 0) {
 		pr_perror("socket");
-		goto err;
+		goto out;
 	}
 
 	/* This must complete w/o errors, as orig_sk is from another net namespace */
 	if (bind(sk, (struct sockaddr *)&addr, len) < 0) {
 		pr_perror("bind");
-		goto err;
+		goto out;
 	}
 
-	return 0;
-err:
-	futex_set_and_wake(futex, EMERGENCY_ABORT);
-	return 1;
+	ret = 0;
+out:
+	if (sk >= 0)
+		close(sk);
+	if (ret)
+		futex_set_and_wake(futex, EMERGENCY_ABORT);
+	return ret;
 }
 
 int main(int argc, char **argv)
@@ -127,7 +130,8 @@ int main(int argc, char **argv)
 
 	{
 		char stack;
-		pid = clone(child_fn, &stack - 256, CLONE_NEWUSER|CLONE_NEWNET|CLONE_NEWPID, (void *)(long)sk);
+		pid = clone(child_fn, (void *)(((unsigned long)&stack) - 256),
+			    CLONE_NEWUSER|CLONE_NEWNET|CLONE_NEWPID, (void *)(long)sk);
 		if (pid == -1) {
 			fail("clone");
 			return 1;

