resource-agents/fix-handler-out-of-scope-leak.patch

From cebb02175a980bd74d84beeef336dbcba73df19f Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Thu, 22 Feb 2024 16:42:01 +0800
Subject: [PATCH] fix handler out of scope leak, unitialized value and check
 that netmaskbits != EOS

---
 tools/findif.c      |  2 +-
 tools/storage_mon.c | 10 ++++++++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/tools/findif.c b/tools/findif.c
index a25395f..ab108a3 100644
--- a/tools/findif.c
+++ b/tools/findif.c
@@ -669,7 +669,7 @@ main(int argc, char ** argv) {
 		}
 	}
 
-	if (netmaskbits) {
+	if (netmaskbits != NULL && *netmaskbits != EOS) {
 		best_netmask = netmask;
 	}else if (best_netmask == 0L) {
 		/*
diff --git a/tools/storage_mon.c b/tools/storage_mon.c
index 1aae29e..3484ca6 100644
--- a/tools/storage_mon.c
+++ b/tools/storage_mon.c
@@ -382,7 +382,9 @@ static int write_pid_file(const char *pidfile)
 		syslog(LOG_ERR, "Failed to write '%s' to %s: %s", pid, pidfile, strerror(errno));
 		goto done;
 	}
-	close(fd);
+	if (fd != -1) {
+		close(fd);
+	}
 	rc = 0;
 done:
 	if (pid != NULL) {
@@ -683,7 +685,11 @@ storage_mon_client(void)
 	/* greater than 0	: monitoring error. 		*/
 	/* -1			: communication system error.	*/
 	/* -2                   : Not all checks completed for first device in daemon mode. */ 
-	rc = atoi(response.message);
+	if (strnlen(response.message, 1)) {
+		rc = atoi(response.message);
+	} else {
+		rc = -1;
+	}
 
 	syslog(LOG_DEBUG, "daemon response[%d]: %s \n", response.hdr.id, response.message);
 
-- 
2.33.0
storage_mon/findif: fix handler out of scope leak, unitialized value and check that netmaskbits != EOS 2024-02-22 17:01:47 +08:00			`From cebb02175a980bd74d84beeef336dbcba73df19f Mon Sep 17 00:00:00 2001`
			`From: Oyvind Albrigtsen <oalbrigt@redhat.com>`
			`Date: Thu, 22 Feb 2024 16:42:01 +0800`
			`Subject: [PATCH] fix handler out of scope leak, unitialized value and check`
			`that netmaskbits != EOS`

			`---`
			`tools/findif.c \| 2 +-`
			`tools/storage_mon.c \| 10 ++++++++--`
			`2 files changed, 9 insertions(+), 3 deletions(-)`

			`diff --git a/tools/findif.c b/tools/findif.c`
			`index a25395f..ab108a3 100644`
			`--- a/tools/findif.c`
			`+++ b/tools/findif.c`
			`@@ -669,7 +669,7 @@ main(int argc, char ** argv) {`
			`}`
			`}`

			`- if (netmaskbits) {`
			`+ if (netmaskbits != NULL && *netmaskbits != EOS) {`
			`best_netmask = netmask;`
			`}else if (best_netmask == 0L) {`
			`/*`
			`diff --git a/tools/storage_mon.c b/tools/storage_mon.c`
			`index 1aae29e..3484ca6 100644`
			`--- a/tools/storage_mon.c`
			`+++ b/tools/storage_mon.c`
			`@@ -382,7 +382,9 @@ static int write_pid_file(const char *pidfile)`
			`syslog(LOG_ERR, "Failed to write '%s' to %s: %s", pid, pidfile, strerror(errno));`
			`goto done;`
			`}`
			`- close(fd);`
			`+ if (fd != -1) {`
			`+ close(fd);`
			`+ }`
			`rc = 0;`
			`done:`
			`if (pid != NULL) {`
			`@@ -683,7 +685,11 @@ storage_mon_client(void)`
			`/* greater than 0 : monitoring error. */`
			`/* -1 : communication system error. */`
			`/* -2 : Not all checks completed for first device in daemon mode. */`
			`- rc = atoi(response.message);`
			`+ if (strnlen(response.message, 1)) {`
			`+ rc = atoi(response.message);`
			`+ } else {`
			`+ rc = -1;`
			`+ }`

			`syslog(LOG_DEBUG, "daemon response[%d]: %s \n", response.hdr.id, response.message);`

			`--`
			`2.33.0`