From a575bd7e8b571408e66ef8c78b389aa72db50943 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Hrdli=C4=8Dka?= Date: Wed, 15 Jan 2020 18:48:22 +0100 Subject: [PATCH] fix more issues reported by coverity --- src/chipset/scat.c | 4 ++-- src/config.c | 2 +- src/disk/hdd_image.c | 6 ++++-- src/disk/zip.c | 2 +- src/machine/m_at_t3100e.c | 7 +++++-- src/pc.c | 2 +- src/printer/prt_escp.c | 9 +++++++-- src/win/win_dialog.c | 2 +- src/win/win_settings.c | 2 +- 9 files changed, 23 insertions(+), 13 deletions(-) diff --git a/src/chipset/scat.c b/src/chipset/scat.c index 24b701c75..d5712a98c 100644 --- a/src/chipset/scat.c +++ b/src/chipset/scat.c @@ -1380,7 +1380,7 @@ mem_write_scatw(uint32_t addr, uint16_t val, void *priv) } if (chkaddr >= 0xc0000 && chkaddr < 0x100000) { - if (dev->regs[SCAT_RAM_WRITE_PROTECT] & (1 << ((chkaddr - 0xc0000) >> 15))) + if (dev != NULL && (dev->regs[SCAT_RAM_WRITE_PROTECT] & (1 << ((chkaddr - 0xc0000) >> 15)))) return; } @@ -1409,7 +1409,7 @@ mem_write_scatl(uint32_t addr, uint32_t val, void *priv) } if (chkaddr >= 0xc0000 && chkaddr < 0x100000) { - if (dev->regs[SCAT_RAM_WRITE_PROTECT] & (1 << ((chkaddr - 0xc0000) >> 15))) + if (dev != NULL && (dev->regs[SCAT_RAM_WRITE_PROTECT] & (1 << ((chkaddr - 0xc0000) >> 15)))) return; } diff --git a/src/config.c b/src/config.c index 98b0774ef..a174c2c89 100644 --- a/src/config.c +++ b/src/config.c @@ -309,7 +309,7 @@ config_read(wchar_t *fn) /* Create a new section and insert it. */ ns = malloc(sizeof(section_t)); memset(ns, 0x00, sizeof(section_t)); - strncpy(ns->name, sname, sizeof(ns->name)); + strncpy(ns->name, sname, sizeof(ns->name) - 1); list_add(&ns->list, &config_head); /* New section is now the current one. */ diff --git a/src/disk/hdd_image.c b/src/disk/hdd_image.c index dbffb16d3..6a6e4ee02 100644 --- a/src/disk/hdd_image.c +++ b/src/disk/hdd_image.c @@ -125,9 +125,11 @@ image_is_hdx(const wchar_t *s, int check_signature) f = plat_fopen((wchar_t *)s, L"rb"); if (!f) return 0; - fseeko64(f, 0, SEEK_END); + if (fseeko64(f, 0, SEEK_END)) + fatal("image_is_hdx(): Error while seeking"); filelen = ftello64(f); - fseeko64(f, 0, SEEK_SET); + if (fseeko64(f, 0, SEEK_SET)) + fatal("image_is_hdx(): Error while seeking"); if (filelen < 44) { if (f != NULL) fclose(f); diff --git a/src/disk/zip.c b/src/disk/zip.c index d265fbc8b..1bbec776b 100644 --- a/src/disk/zip.c +++ b/src/disk/zip.c @@ -530,7 +530,7 @@ zip_load(zip_t *dev, wchar_t *fn) if (fseek(dev->drv->f, dev->drv->base, SEEK_SET) == -1) fatal("zip_load(): Error seeking to the beginning of the file\n"); - memcpy(dev->drv->image_path, fn, sizeof(dev->drv->image_path)); + wcsncpy(dev->drv->image_path, fn, sizeof_w(dev->drv->image_path)); return 1; } diff --git a/src/machine/m_at_t3100e.c b/src/machine/m_at_t3100e.c index 2288b1051..9455aebb8 100644 --- a/src/machine/m_at_t3100e.c +++ b/src/machine/m_at_t3100e.c @@ -571,8 +571,11 @@ uint8_t t3100e_ems_in(uint16_t addr, void *p) { struct t3100e_ems_regs *regs = (struct t3100e_ems_regs *)p; - return regs->page[port_to_page(addr)]; - + int page = port_to_page(addr); + if(page >= 0) + return regs->page[page]; + else + fatal("t3100e_ems_in(): invalid address"); } /* Write EMS page register */ diff --git a/src/pc.c b/src/pc.c index 8e9160b78..e2bb17f1a 100644 --- a/src/pc.c +++ b/src/pc.c @@ -323,7 +323,7 @@ pc_init(int argc, wchar_t *argv[]) uint32_t *uid, *shwnd; /* Grab the executable's full path. */ - plat_get_exe_name(exe_path, sizeof(exe_path)-1); + plat_get_exe_name(exe_path, sizeof_w(exe_path)-1); p = plat_get_filename(exe_path); *p = L'\0'; diff --git a/src/printer/prt_escp.c b/src/printer/prt_escp.c index f89cbc621..c74449ba6 100644 --- a/src/printer/prt_escp.c +++ b/src/printer/prt_escp.c @@ -10,12 +10,12 @@ * * Version: @(#)prt_escp.c 1.0.7 2019/09/23 * - * Authors: Michael Drüing, + * Authors: Michael Dr�ing, * Fred N. van Kempen, * * Based on code by Frederic Weymann (originally for DosBox.) * - * Copyright 2018,2019 Michael Drüing. + * Copyright 2018,2019 Michael Dr�ing. * Copyright 2019,2019 Fred N. van Kempen. * * Redistribution and use in source and binary forms, with @@ -2058,6 +2058,11 @@ escp_init(void *lpt) dev->lpt = lpt; /* Create a full pathname for the font files. */ + if(wcslen(exe_path) >= sizeof_w(dev->fontpath)) { + free(dev); + return(NULL); + } + wcscpy(dev->fontpath, exe_path); plat_path_slash(dev->fontpath); wcscat(dev->fontpath, L"roms/printer/fonts/"); diff --git a/src/win/win_dialog.c b/src/win/win_dialog.c index bd870ca15..bf93b474c 100644 --- a/src/win/win_dialog.c +++ b/src/win/win_dialog.c @@ -139,7 +139,7 @@ file_dlg_w(HWND hwnd, WCHAR *f, WCHAR *fn, int save) * not use the contents of szFile to initialize itself. */ memcpy(ofn.lpstrFile, fn, (wcslen(fn) << 1) + 2); - ofn.nMaxFile = 259; + ofn.nMaxFile = sizeof_w(wopenfilestring); ofn.lpstrFilter = f; ofn.nFilterIndex = 1; ofn.lpstrFileTitle = NULL; diff --git a/src/win/win_settings.c b/src/win/win_settings.c index 17dbe27c0..f72ee200d 100644 --- a/src/win/win_settings.c +++ b/src/win/win_settings.c @@ -2846,6 +2846,7 @@ win_settings_hard_disks_add_proc(HWND hdlg, UINT message, WPARAM wParam, LPARAM f = _wfopen(wopenfilestring, (existing & 1) ? L"rb" : L"wb"); if (f == NULL) { hdd_add_file_open_error: + fclose(f); settings_msgbox(MBX_ERROR, (existing & 1) ? (wchar_t *)IDS_4107 : (wchar_t *)IDS_4108); return TRUE; } @@ -2876,7 +2877,6 @@ hdd_add_file_open_error: } else { fseeko64(f, 0, SEEK_END); size = ftello64(f); - fclose(f); if (((size % 17) == 0) && (size <= 142606336)) { spt = 17; if (size <= 26738688)