Andy Green
ad6dfd3df6
coverity: 21071: no need to init accept_fd
2020-08-18 14:00:54 +01:00
Andy Green
7ded454d2d
coverity: 62570: back up assert with unconditional NULL check
2020-08-18 14:00:54 +01:00
Andy Green
84a8ada0fd
coverity: 62181: remove needless wsi check
2020-08-18 14:00:54 +01:00
Andy Green
d5497d5f55
coverity: 62535: another simple_ptr NULL check after confirmed by other means
2020-08-18 14:00:54 +01:00
Andy Green
520befb554
coverity: 61708: privkey required for mbedtls
2020-08-18 14:00:54 +01:00
Andy Green
7b847f8315
coverity: 62212: coverity says its dead code
2020-08-18 14:00:54 +01:00
Andy Green
264c98c2c9
coverity: 62494: check system blob supposed to be used in h1 at runtime
2020-08-18 14:00:54 +01:00
Andy Green
80ea883796
coverity: 62550: back up assert with runtime NULL check
2020-08-18 14:00:54 +01:00
Andy Green
acf42bec9d
coverity: 62211: use lws_protocol_init retcode in context init
2020-08-18 14:00:54 +01:00
Andy Green
6b09e5f8f7
coverity: 62313: static blob cant be null but coverity needs convincing
2020-08-18 14:00:54 +01:00
Andy Green
398a9e1bad
coverity: 62134: protect debug-only statement with preprocessor conditional
...
Compiler has no problem with it but coverity complains nobody uses p in release build
2020-08-18 14:00:54 +01:00
Andy Green
598a82ca1d
coverity: 62512: remove unused assignment
2020-08-18 14:00:54 +01:00
Andy Green
5ef6c548d8
coverity: 62488 62253: comment NOP left in for extensibility
2020-08-18 14:00:54 +01:00
Andy Green
260bd38d56
coverity: 62319: coverity thinks we must always check blob size
2020-08-18 14:00:54 +01:00
Andy Green
d3d8b3a74c
coverity: 62370: reassure coverity static blob always exists
2020-08-18 14:00:54 +01:00
Andy Green
03ab5b5247
coverity: 62376: reassure coverity static blob always exists
2020-08-18 14:00:54 +01:00
Andy Green
80395f479f
coverity: 62431: reassure coverity static blob always exists
2020-08-18 14:00:54 +01:00
Andy Green
fc9a23abeb
coverity: 62581: lwa auth: handle illegal blob index
2020-08-18 14:00:54 +01:00
Andy Green
1892af1ce3
coverity: 40529: add needless check on NULL simple_ptr after confirmed it has nonzero length
2020-08-18 14:00:54 +01:00
Andy Green
630391e0fb
coverity: 50320: show coverity protocol can always be found by name
2020-08-18 14:00:54 +01:00
Andy Green
b1281f1f3a
coverity: 50773: no need to set m any more when transitioning and exiting
2020-08-18 14:00:54 +01:00
Andy Green
cdbf86fe4a
coverity: 51248: convince coverity we have an ah attached before dereference during parse
2020-08-18 14:00:54 +01:00
Andy Green
b63c7f1e8e
coverity: 62131: check when logging role name for NULL
2020-08-18 14:00:54 +01:00
Andy Green
06005d14b4
coverity: 62154: calculation needed if WITH_FILE_OPS
2020-08-18 09:34:50 +01:00
Andy Green
048604751c
coverity: 62584: init m only inside preprocessor conditional that needs it
2020-08-18 09:28:40 +01:00
Andy Green
60e2c65208
coverity: 62333; no need to init cce as set on all paths that use it
2020-08-18 09:19:34 +01:00
Andy Green
400355fdc3
coverity: 62458: coverity doesnt understand nonzero header length means simple_ptr cannot be NULL
2020-08-18 09:19:33 +01:00
Andy Green
9745c5cca8
coverity: 62477: explicitly check wsi->protocol even though client creation sets it
2020-08-18 09:11:45 +01:00
Andy Green
192b76c89b
coverity: 62540: explicitly check for NULL even though cannot be
2020-08-18 09:08:03 +01:00
Andy Green
0f173e0bbe
coverity: 62622: remove unused line
2020-08-18 09:00:39 +01:00
Andy Green
52182da689
sspc: protect wsi from NULL not cwsi
2020-08-17 16:27:05 +01:00
Andy Green
83912f40e8
sspc: proxy: extend DESTROY_ME
2020-08-17 14:36:33 +01:00
Andy Green
c6e1352e99
sspc: add translation helpers and comments about pss usage between client and proxy
...
Helpers remove casts and derefs.
Add additional pointer arithmetic in client_pss_to_sspc_h() helper to
remove dependency on handle_offset being the first thing in the userdata
Make the helper names explicit for different proxy and client pss handling,
so it should be clearer that client helpers belong in a client section and
vice versa.
2020-08-17 14:32:23 +01:00
Jed Lu
80992b0ebd
sspc: client: audit all deserialize *pss references and confirmed checked for NULL
2020-08-17 06:57:30 +01:00
Andy Green
e8cbfea22d
lws_smd: take care about build with disabled
2020-08-16 05:35:56 +01:00
Andy Green
7692d920a8
coverity: 244441: strerror broken on some platforms
...
Some platforms have strerror but it's broken according to Coverity.
Let's avoid it
2020-08-14 09:14:24 +01:00
Andy Green
491f0f6068
coverity: 324943: confirm get_random worked
...
In normal systems this doesn't have a way to fail. But check it for
consistency.
2020-08-14 09:07:27 +01:00
Andy Green
aec2bdec2f
coverity: 324897: mqtt: check unsub var for NULL
2020-08-14 09:02:29 +01:00
Andy Green
795d20081e
coverity: 232068: hpack 6-bit index may be garbage
...
It's possible an attacker may send an illegal dynamic index
we can't succeed to look up
2020-08-14 08:56:19 +01:00
Andy Green
ecb8de3386
coverity: 232025: modulo with zero modulus
...
Add a generic helper macro that has defined operation with modulus 0
2020-08-14 08:46:31 +01:00
Andy Green
4a28bc8c87
coverity: 231739: clear false positive by needless checks
...
Client connection api must provide host
2020-08-14 07:27:08 +01:00
Andy Green
df2f135c09
coverity: 324692: mqtt: check for OOM in generate_id
2020-08-14 07:18:48 +01:00
Andy Green
908d259a47
coverity: 305064: clear false positive by needless NULL check
...
Add needless check so we don't keep getting the same coverity hit from different people
2020-08-14 07:02:07 +01:00
Andy Green
146858fb54
coverity: 231926: clear false positive by showing coverity what it wants to see
...
We can't get here without testing for COLON_PATH existing in http2.c as part of
the h2spec pass code.
if (!lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_COLON_PATH) ||
!lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_COLON_METHOD) ||
!lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_COLON_SCHEME) ||
lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_COLON_STATUS) ||
lws_hdr_extant(h2n->swsi, WSI_TOKEN_CONNECTION)) {
lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR,
"Pseudoheader checks");
break;
}
So there is no issue. But show Coverity what it wants so we don't keep getting this
false positive reported by different coverity users.
2020-08-14 06:35:31 +01:00
Andy Green
7c9ead211a
sspc-proxy-fragmented-dsh-must-use-fragmented-flags
...
We compute the refragmented flags when cutting up large client serialized
payload blocks. But we had a bug where we didn't actually apply it and
applied the original client flags on the fragments.
That causes a crisis because EOM is used to mark end of post body and
complete the transaction, that is then happening on the first fragment.
This one-liner corrects it to use the computed, refragmented flags on the
dsh fragments and eliminate the problem.
2020-08-13 16:48:26 +01:00
Andy Green
44608abce6
sspc: fix intree build for sspc examples and increase post example body
...
Correct a comment about payload layout and add detailed comments about
dsh handling at proxy.
Increase the post size so it shows up fragmentation issues at the proxy.
2020-08-13 16:48:16 +01:00
Andy Green
54f98aff78
sspc: make it clear we can only get RPAR_STREAMTYPE in WAIT_INITIAL_TX state
...
Otherwise Coverity will complain we only set up ssi in WAIT_INITIAL_TX
2020-08-13 06:40:39 +01:00
Andy Green
d51e44388c
sspc: ss timeout check is onward still alive before setting
2020-08-12 19:25:34 +01:00
Andy Green
ee404d7449
uv: cmake: use find_ only if no commandline paths
...
Libuv override paths were broken since the CMakeLists.txt refactor,
find_library worked OK. This should go back to allowing both.
2020-08-12 07:26:03 +01:00
William Yu
98f63c6c8d
freertos: explicitly include semphr.h
...
Although it's already included in lws esp-idf freertos case, in some
other freertos environments it's necessary to explicitly include
the semaphore header.
2020-08-12 05:54:27 +01:00
