Skip to content

Commit 78283e1

Browse files
wb2oszwb2osz
committed
Potential issues found by static analysis.
1 parent 6ffef6e commit 78283e1

File tree

3 files changed

+37
-3
lines changed

3 files changed

+37
-3
lines changed

config.c

+4-1
Original file line numberDiff line numberDiff line change
@@ -594,7 +594,10 @@ static char *split (char *string, int rest_of_line)
594594
{
595595
static char cmd[MAXCMDLEN];
596596
static char token[MAXCMDLEN];
597-
static char *c; // current position in cmd.
597+
static char shutup[] = " "; // Shut up static analysis which gets upset
598+
// over the case where this could be called with
599+
// string NULL and c was not yet initialized.
600+
static char *c = shutup; // Current position in command line.
598601
char *s, *t;
599602
int in_quotes;
600603

decode_aprs.c

+1-1
Original file line numberDiff line numberDiff line change
@@ -4801,7 +4801,7 @@ int main (int argc, char *argv[])
48014801

48024802
if (bytes[0] == FEND) {
48034803

4804-
if (bytes[1] != 0) {
4804+
if (num_bytes < 2 || bytes[1] != 0) {
48054805
text_color_set(DW_COLOR_ERROR);
48064806
dw_printf("Was expecting to find 00 after the initial C0.\n");
48074807
continue;

kiss_frame.c

+32-1
Original file line numberDiff line numberDiff line change
@@ -545,7 +545,8 @@ void kiss_process_msg (unsigned char *kiss_msg, int kiss_len, int debug, int cli
545545
/* Our current default is a maximum of 6 channels but it is easily */
546546
/* increased by changing one number and recompiling. */
547547

548-
if ((port == 2 || port == 8) &&
548+
if (kiss_len > 16 &&
549+
(port == 2 || port == 8) &&
549550
kiss_msg[1] == 'Q' << 1 &&
550551
kiss_msg[2] == 'S' << 1 &&
551552
kiss_msg[3] == 'T' << 1 &&
@@ -596,6 +597,11 @@ void kiss_process_msg (unsigned char *kiss_msg, int kiss_len, int debug, int cli
596597

597598
case KISS_CMD_TXDELAY: /* 1 = TXDELAY */
598599

600+
if (kiss_len < 2) {
601+
text_color_set(DW_COLOR_ERROR);
602+
dw_printf ("KISS ERROR: Missing value for TXDELAY command.\n");
603+
return;
604+
}
599605
text_color_set(DW_COLOR_INFO);
600606
dw_printf ("KISS protocol set TXDELAY = %d (*10mS units = %d mS), port %d\n", kiss_msg[1], kiss_msg[1] * 10, port);
601607
if (kiss_msg[1] < 4 || kiss_msg[1] > 100) {
@@ -608,6 +614,11 @@ void kiss_process_msg (unsigned char *kiss_msg, int kiss_len, int debug, int cli
608614

609615
case KISS_CMD_PERSISTENCE: /* 2 = Persistence */
610616

617+
if (kiss_len < 2) {
618+
text_color_set(DW_COLOR_ERROR);
619+
dw_printf ("KISS ERROR: Missing value for PERSISTENCE command.\n");
620+
return;
621+
}
611622
text_color_set(DW_COLOR_INFO);
612623
dw_printf ("KISS protocol set Persistence = %d, port %d\n", kiss_msg[1], port);
613624
if (kiss_msg[1] < 5 || kiss_msg[1] > 250) {
@@ -620,6 +631,11 @@ void kiss_process_msg (unsigned char *kiss_msg, int kiss_len, int debug, int cli
620631

621632
case KISS_CMD_SLOTTIME: /* 3 = SlotTime */
622633

634+
if (kiss_len < 2) {
635+
text_color_set(DW_COLOR_ERROR);
636+
dw_printf ("KISS ERROR: Missing value for SLOTTIME command.\n");
637+
return;
638+
}
623639
text_color_set(DW_COLOR_INFO);
624640
dw_printf ("KISS protocol set SlotTime = %d (*10mS units = %d mS), port %d\n", kiss_msg[1], kiss_msg[1] * 10, port);
625641
if (kiss_msg[1] < 2 || kiss_msg[1] > 50) {
@@ -632,6 +648,11 @@ void kiss_process_msg (unsigned char *kiss_msg, int kiss_len, int debug, int cli
632648

633649
case KISS_CMD_TXTAIL: /* 4 = TXtail */
634650

651+
if (kiss_len < 2) {
652+
text_color_set(DW_COLOR_ERROR);
653+
dw_printf ("KISS ERROR: Missing value for TXTAIL command.\n");
654+
return;
655+
}
635656
text_color_set(DW_COLOR_INFO);
636657
dw_printf ("KISS protocol set TXtail = %d (*10mS units = %d mS), port %d\n", kiss_msg[1], kiss_msg[1] * 10, port);
637658
if (kiss_msg[1] < 2) {
@@ -644,13 +665,23 @@ void kiss_process_msg (unsigned char *kiss_msg, int kiss_len, int debug, int cli
644665

645666
case KISS_CMD_FULLDUPLEX: /* 5 = FullDuplex */
646667

668+
if (kiss_len < 2) {
669+
text_color_set(DW_COLOR_ERROR);
670+
dw_printf ("KISS ERROR: Missing value for FULLDUPLEX command.\n");
671+
return;
672+
}
647673
text_color_set(DW_COLOR_INFO);
648674
dw_printf ("KISS protocol set FullDuplex = %d, port %d\n", kiss_msg[1], port);
649675
xmit_set_fulldup (port, kiss_msg[1]);
650676
break;
651677

652678
case KISS_CMD_SET_HARDWARE: /* 6 = TNC specific */
653679

680+
if (kiss_len < 2) {
681+
text_color_set(DW_COLOR_ERROR);
682+
dw_printf ("KISS ERROR: Missing value for SET HARDWARE command.\n");
683+
return;
684+
}
654685
kiss_msg[kiss_len] = '\0';
655686
text_color_set(DW_COLOR_INFO);
656687
dw_printf ("KISS protocol set hardware \"%s\", port %d\n", (char*)(kiss_msg+1), port);

0 commit comments

Comments
 (0)