commit: b7a9406bec657d4929b85c322d50440b48220fcf Author: Fabian Groffen <grobian <AT> gentoo <DOT> org> AuthorDate: Mon Jan 6 07:35:38 2020 +0000 Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org> CommitDate: Mon Jan 6 07:35:38 2020 +0000 URL: https://gitweb.gentoo.org/proj/portage-utils.git/commit/?id=b7a9406b
qcheck/quse: address Coverity concerns - it considers tmpfile() unsafe (?) - help it to see a variable was checked for NULL before Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org> qcheck.c | 9 +++++++-- quse.c | 7 +++---- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/qcheck.c b/qcheck.c index 65cc2d1..1d8521a 100644 --- a/qcheck.c +++ b/qcheck.c @@ -104,11 +104,16 @@ qcheck_cb(tree_pkg_ctx *pkg_ctx, void *priv) /* Open contents_update, if needed */ if (state->qc_update) { - fp_contents_update = tmpfile(); - if (fp_contents_update == NULL) { + char tempfile[] = "qcheck-tmp-XXXXXX"; + int fd = mkstemp(tempfile); + if (fd == -1 || (fp_contents_update = fdopen(fd, "w+")) == NULL) { + if (fd >= 0) + close(fd); warnp("unable to temp file"); return EXIT_FAILURE; } + /* like tmpfile() does, but Coverity thinks it is unsafe */ + unlink(tempfile); } if (!state->chk_config_protect) { diff --git a/quse.c b/quse.c index 358d9e0..dca2f1c 100644 --- a/quse.c +++ b/quse.c @@ -432,7 +432,7 @@ quse_results_cb(tree_pkg_ctx *pkg_ctx, void *priv) } if (!state->do_licence) { - if (tree_pkg_meta_get(pkg_ctx, IUSE) == NULL) + if ((q = tree_pkg_meta_get(pkg_ctx, IUSE)) == NULL) return 0; if (state->do_describe) { @@ -454,15 +454,14 @@ quse_results_cb(tree_pkg_ctx *pkg_ctx, void *priv) use = add_set(p, use); } } else { - if (tree_pkg_meta_get(pkg_ctx, LICENSE) == NULL) + if ((q = tree_pkg_meta_get(pkg_ctx, LICENSE)) == NULL) return 0; } maxlen = 0; cnt = 0; match = false; - q = p = state->do_licence ? - tree_pkg_meta_get(pkg_ctx, LICENSE) : tree_pkg_meta_get(pkg_ctx, IUSE); + p = q; /* set to IUSE or LICENSE above */ buf[0] = '\0'; v = buf; w = buf + sizeof(buf);