diff --git a/NEWS b/NEWS index d1852a07..51658726 100644 --- a/NEWS +++ b/NEWS @@ -18,6 +18,7 @@ NEWS * [mmap] fix mmap alignment * [plugins] when modules are linked statically still only load the modules given in the config * [mmap] handle SIGBUS in network; those get triggered if the file gets smaller during reading + * fix some warnings found by coverity ("leak" in setup phase, not catching too long unix socket paths in mod_proxy) - 1.4.36 - 2015-07-26 * use keep-alive timeout while waiting for HTTP headers; use always the read timeout while waiting for the HTTP body diff --git a/src/configfile.c b/src/configfile.c index f6971596..578957ac 100644 --- a/src/configfile.c +++ b/src/configfile.c @@ -1049,17 +1049,18 @@ int config_parse_cmd(server *srv, config_t *context, const char *cmd) { return -1; } - source = buffer_init_string(cmd); - out = buffer_init(); - if (!buffer_string_is_empty(context->basedir)) { if (0 != chdir(context->basedir->ptr)) { log_error_write(srv, __FILE__, __LINE__, "sbs", "cannot change directory to", context->basedir, strerror(errno)); + free(oldpwd); return -1; } } + source = buffer_init_string(cmd); + out = buffer_init(); + if (0 != proc_open_buffer(cmd, NULL, out, NULL)) { log_error_write(srv, __FILE__, __LINE__, "sbss", "opening", source, "failed:", strerror(errno)); @@ -1074,6 +1075,7 @@ int config_parse_cmd(server *srv, config_t *context, const char *cmd) { if (0 != chdir(oldpwd)) { log_error_write(srv, __FILE__, __LINE__, "sss", "cannot change directory to", oldpwd, strerror(errno)); + free(oldpwd); return -1; } free(oldpwd); diff --git a/src/mod_proxy.c b/src/mod_proxy.c index d5d37ca3..bbbdd696 100644 --- a/src/mod_proxy.c +++ b/src/mod_proxy.c @@ -376,6 +376,13 @@ static int proxy_establish_connection(server *srv, handler_ctx *hctx) { #if defined(HAVE_SYS_UN_H) if (strstr(host->host->ptr, "/")) { + if (buffer_string_length(host->host) + 1 > sizeof(proxy_addr_un.sun_path)) { + log_error_write(srv, __FILE__, __LINE__, "sB", + "ERROR: Unix Domain socket filename too long:", + host->host); + return -1; + } + memset(&proxy_addr_un, 0, sizeof(proxy_addr_un)); proxy_addr_un.sun_family = AF_UNIX; strcpy(proxy_addr_un.sun_path, host->host->ptr);