diff options
author | Douglas Gilbert <dgilbert@interlog.com> | 2022-01-19 19:12:36 +0000 |
---|---|---|
committer | Douglas Gilbert <dgilbert@interlog.com> | 2022-01-19 19:12:36 +0000 |
commit | 84c586f1f1d8bd102928f3ae95d1d1185a59de8f (patch) | |
tree | 4e078230ad1395e3524357e64abf506e35f5acb8 /src | |
parent | 31de60f68ae11ed1ad16510e0e86b5603f93bda3 (diff) | |
download | sg3_utils-84c586f1f1d8bd102928f3ae95d1d1185a59de8f.tar.gz |
round of coverity identified issue fixes (and non-issues)
git-svn-id: https://svn.bingwo.ca/repos/sg3_utils/trunk@931 6180dd3e-e324-4e3e-922d-17de1ae2f315
Diffstat (limited to 'src')
-rw-r--r-- | src/sg_dd.c | 41 | ||||
-rw-r--r-- | src/sg_logs.c | 43 | ||||
-rw-r--r-- | src/sg_map26.c | 6 | ||||
-rw-r--r-- | src/sg_modes.c | 3 | ||||
-rw-r--r-- | src/sg_persist.c | 8 | ||||
-rw-r--r-- | src/sg_raw.c | 6 | ||||
-rw-r--r-- | src/sg_read.c | 25 | ||||
-rw-r--r-- | src/sg_read_buffer.c | 9 | ||||
-rw-r--r-- | src/sg_reassign.c | 4 | ||||
-rw-r--r-- | src/sg_sat_phy_event.c | 16 | ||||
-rw-r--r-- | src/sg_sat_read_gplog.c | 4 | ||||
-rw-r--r-- | src/sg_scan_linux.c | 5 | ||||
-rw-r--r-- | src/sg_seek.c | 6 | ||||
-rw-r--r-- | src/sg_stpg.c | 9 | ||||
-rw-r--r-- | src/sg_test_rwbuf.c | 15 | ||||
-rw-r--r-- | src/sg_vpd.c | 3 | ||||
-rw-r--r-- | src/sg_xcopy.c | 15 | ||||
-rw-r--r-- | src/sgm_dd.c | 24 | ||||
-rw-r--r-- | src/sgp_dd.c | 51 |
19 files changed, 177 insertions, 116 deletions
diff --git a/src/sg_dd.c b/src/sg_dd.c index 2fa37500..65f76985 100644 --- a/src/sg_dd.c +++ b/src/sg_dd.c @@ -1,7 +1,7 @@ /* A utility program for copying files. Specialised for "files" that * represent devices that understand the SCSI command set. * - * Copyright (C) 1999 - 2021 D. Gilbert and P. Allworth + * Copyright (C) 1999 - 2022 D. Gilbert and P. Allworth * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) @@ -70,7 +70,7 @@ #include "sg_unaligned.h" #include "sg_pr2serr.h" -static const char * version_str = "6.31 20211114"; +static const char * version_str = "6.32 20220118"; #define ME "sg_dd: " @@ -85,6 +85,8 @@ static const char * version_str = "6.31 20211114"; #define DEF_BLOCKS_PER_2048TRANSFER 32 #define DEF_SCSI_CDBSZ 10 #define MAX_SCSI_CDBSZ 16 +#define MAX_BPT_VALUE (1 << 24) /* used for maximum bs as well */ +#define MAX_COUNT_SKIP_SEEK (1LL << 48) /* coverity wants upper bound */ #define DEF_MODE_CDB_SZ 10 #define DEF_MODE_RESP_LEN 252 @@ -1848,15 +1850,16 @@ main(int argc, char * argv[]) bpt_given = true; } else if (0 == strcmp(key, "bs")) { blk_sz = sg_get_num(buf); - bpt_given = true; - } else if (0 == strcmp(key, "bs")) { - blk_sz = sg_get_num(buf); - if (-1 == blk_sz) { + if ((blk_sz < 0) || (blk_sz > MAX_BPT_VALUE)) { pr2serr(ME "bad argument to 'bs='\n"); return SG_LIB_SYNTAX_ERROR; } } else if (0 == strcmp(key, "cdbsz")) { iflag.cdbsz = sg_get_num(buf); + if ((iflag.cdbsz < 6) || (iflag.cdbsz > 32)) { + pr2serr(ME "'cdbsz' expects 6, 10, 12, 16 or 32\n"); + return SG_LIB_SYNTAX_ERROR; + } oflag.cdbsz = iflag.cdbsz; cdbsz_given = true; } else if (0 == strcmp(key, "cdl")) { @@ -1894,7 +1897,7 @@ main(int argc, char * argv[]) } else if (0 == strcmp(key, "count")) { if (0 != strcmp("-1", buf)) { dd_count = sg_get_llnum(buf); - if (-1LL == dd_count) { + if ((dd_count < 0) || (dd_count > MAX_COUNT_SKIP_SEEK)) { pr2serr(ME "bad argument to 'count='\n"); return SG_LIB_SYNTAX_ERROR; } @@ -1906,9 +1909,13 @@ main(int argc, char * argv[]) t = sg_get_num(buf); oflag.fua = !! (t & 1); iflag.fua = !! (t & 2); - } else if (0 == strcmp(key, "ibs")) + } else if (0 == strcmp(key, "ibs")) { ibs = sg_get_num(buf); - else if (strcmp(key, "if") == 0) { + if ((ibs < 0) || (ibs > MAX_BPT_VALUE)) { + pr2serr(ME "bad argument to 'ibs='\n"); + return SG_LIB_SYNTAX_ERROR; + } + } else if (strcmp(key, "if") == 0) { if ('\0' != inf[0]) { pr2serr("Second IFILE argument??\n"); return SG_LIB_SYNTAX_ERROR; @@ -1921,9 +1928,13 @@ main(int argc, char * argv[]) pr2serr(ME "bad argument to 'iflag='\n"); return SG_LIB_SYNTAX_ERROR; } - } else if (0 == strcmp(key, "obs")) + } else if (0 == strcmp(key, "obs")) { obs = sg_get_num(buf); - else if (0 == strcmp(key, "odir")) { + if ((obs < 0) || (obs > MAX_BPT_VALUE)) { + pr2serr(ME "bad argument to 'obs='\n"); + return SG_LIB_SYNTAX_ERROR; + } + } else if (0 == strcmp(key, "odir")) { iflag.direct = !! sg_get_num(buf); oflag.direct = iflag.direct; } else if (strcmp(key, "of") == 0) { @@ -1956,13 +1967,13 @@ main(int argc, char * argv[]) } } else if (0 == strcmp(key, "seek")) { seek = sg_get_llnum(buf); - if (-1LL == seek) { + if ((seek < 0) || (seek > MAX_COUNT_SKIP_SEEK)) { pr2serr(ME "bad argument to 'seek='\n"); return SG_LIB_SYNTAX_ERROR; } } else if (0 == strcmp(key, "skip")) { skip = sg_get_llnum(buf); - if (-1LL == skip) { + if ((skip < 0) || (skip > MAX_COUNT_SKIP_SEEK)) { pr2serr(ME "bad argument to 'skip='\n"); return SG_LIB_SYNTAX_ERROR; } @@ -2080,8 +2091,8 @@ main(int argc, char * argv[]) pr2serr("Can't use both append and seek switches\n"); return SG_LIB_CONTRADICT; } - if (bpt < 1) { - pr2serr("bpt must be greater than 0\n"); + if ((bpt < 1) || (bpt > MAX_BPT_VALUE)) { + pr2serr("bpt must be > 0 and <= %d\n", MAX_BPT_VALUE); return SG_LIB_SYNTAX_ERROR; } if (iflag.sparse) diff --git a/src/sg_logs.c b/src/sg_logs.c index 694ee6e7..de5d339e 100644 --- a/src/sg_logs.c +++ b/src/sg_logs.c @@ -1,5 +1,5 @@ /* A utility program originally written for the Linux OS SCSI subsystem. - * Copyright (C) 2000-2021 D. Gilbert + * Copyright (C) 2000-2022 D. Gilbert * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) @@ -36,7 +36,7 @@ #include "sg_unaligned.h" #include "sg_pr2serr.h" -static const char * version_str = "1.91 20211231"; /* spc6r06 + sbc5r01 */ +static const char * version_str = "1.92 20220114"; /* spc6r06 + sbc5r01 */ #define MX_ALLOC_LEN (0xfffc) #define SHORT_RESP_LEN 128 @@ -58,6 +58,7 @@ static const char * version_str = "1.91 20211231"; /* spc6r06 + sbc5r01 */ #define SELF_TEST_LPAGE 0x10 #define SOLID_STATE_MEDIA_LPAGE 0x11 #define REQ_RECOVERY_LPAGE 0x13 +#define DEVICE_STATS_LPAGE 0x14 #define BACKGROUND_SCAN_LPAGE 0x15 #define SAT_ATA_RESULTS_LPAGE 0x16 #define PROTO_SPECIFIC_LPAGE 0x18 @@ -79,7 +80,7 @@ static const char * version_str = "1.91 20211231"; /* spc6r06 + sbc5r01 */ #define LAST_N_INQUIRY_DATA_CH_SUBPG 0x1 /* page 0xb */ #define LAST_N_MODE_PG_DATA_CH_SUBPG 0x2 /* page 0xb */ -/* Vendor product identifiers followed by associated mask values */ +/* Vendor product numbers/identifiers */ #define VP_NONE (-1) #define VP_SEAG 0 #define VP_HITA 1 @@ -90,8 +91,10 @@ static const char * version_str = "1.91 20211231"; /* spc6r06 + sbc5r01 */ #define VP_ALL 99 #define MVP_OFFSET 8 -/* MVO_STD or-ed with MVP_<vendor> is T10 defined lpage with vendor specific - * parameter codes */ + +/* Vendor product masks + * MVP_STD OR-ed with MVP_<vendor> is a T10 defined lpage with vendor + * specific parameter codes (e.g. Information Exceptions lpage [0x2f]) */ #define MVP_STD (1 << (MVP_OFFSET - 1)) #define MVP_SEAG (1 << (VP_SEAG + MVP_OFFSET)) #define MVP_HITA (1 << (VP_HITA + MVP_OFFSET)) @@ -372,12 +375,13 @@ static struct log_elem log_arr[] = { show_tapealert_response_page}, /* 0x12, 0x0 SSC,ADC */ {REQ_RECOVERY_LPAGE, 0, 0, PDT_TAPE, MVP_STD, "Requested recovery", "rr", show_requested_recovery_page}, /* 0x13, 0x0 SSC,ADC */ - {0x14, 0, 0, PDT_TAPE, MVP_STD, "Device statistics", "ds", + {DEVICE_STATS_LPAGE, 0, 0, PDT_TAPE, MVP_STD, "Device statistics", "ds", show_device_stats_page}, /* 0x14, 0x0 SSC,ADC */ - {0x14, 0, 0, PDT_MCHANGER, MVP_STD, "Media changer statistics", "mcs", - show_media_stats_page}, /* 0x14, 0x0 SMC */ - {0x14, ZONED_BLOCK_DEV_STATS_SUBPG, 0, 0, MVP_STD, /* 0x14,0x1 zbc2r01 */ - "Zoned block device statistics", "zbds", show_zoned_block_dev_stats}, + {DEVICE_STATS_LPAGE, 0, 0, PDT_MCHANGER, MVP_STD, /* 0x14, 0x0 SMC */ + "Media changer statistics", "mcs", show_media_stats_page}, + {DEVICE_STATS_LPAGE, ZONED_BLOCK_DEV_STATS_SUBPG, /* 0x14,0x1 zbc2r01 */ + 0, 0, MVP_STD, "Zoned block device statistics", "zbds", + show_zoned_block_dev_stats}, {BACKGROUND_SCAN_LPAGE, 0, 0, 0, MVP_STD, "Background scan results", "bsr", show_background_scan_results_page}, /* 0x15, 0x0 SBC */ {BACKGROUND_SCAN_LPAGE, BACKGROUND_OP_SUBPG, 0, 0, MVP_STD, @@ -421,8 +425,8 @@ static struct log_elem log_arr[] = { NULL}, /* 0x2d, 0 SSC */ {TAPE_ALERT_LPAGE, 0, 0, PDT_TAPE, MVP_STD, "Tape alert", "ta", show_tape_alert_ssc_page}, /* 0x2e, 0 SSC */ - {IE_LPAGE, 0, 0, -1, (MVP_STD | MVP_SMSTR), "Informational exceptions", - "ie", show_ie_page}, /* 0x2f, 0 */ + {IE_LPAGE, 0, 0, -1, (MVP_STD | MVP_SMSTR | MVP_HITA), + "Informational exceptions", "ie", show_ie_page}, /* 0x2f, 0 */ /* vendor specific */ {0x30, 0, 0, PDT_DISK, MVP_HITA, "Performance counters (Hitachi)", "pc_hi", show_hgst_perf_page}, /* 0x30, 0 SBC */ @@ -669,8 +673,8 @@ get_vp_mask(int vpn) if (vpn < 0) return 0; else - return (vpn > (32 - MVP_OFFSET)) ? OVP_ALL : - (1 << (vpn + MVP_OFFSET)); + return (vpn >= (32 - MVP_OFFSET)) ? OVP_ALL : + (1 << (vpn + MVP_OFFSET)); } static int @@ -3099,7 +3103,8 @@ show_app_client_page(const uint8_t * resp, int len, const struct opts_t * op) return true; } -/* IE_LPAGE [0x2f] <ie> "Informational Exceptions" introduced: SPC-3 */ +/* IE_LPAGE [0x2f] <ie> "Informational Exceptions" introduced: SPC-3 + * Previously known as "SMART Status and Temperature Reading" lpage. */ static bool show_ie_page(const uint8_t * resp, int len, const struct opts_t * op) { @@ -5752,12 +5757,10 @@ show_device_stats_page(const uint8_t * resp, int len, switch (pc) { case 0x1000: printf(" Media motion (head) hours for each medium type:\n"); - for (k = 0; ((pl - 4) - k) >= 8; k += 8, p += 8) { - printf(" Density code: 0x%x, Medium type: 0x%x\n", - p[2], p[3]); - printf(" Medium motion hours: %u\n", + for (k = 0; ((pl - 4) - k) >= 8; k += 8, p += 8) + printf(" [%d] Density code: %u, Medium type: 0x%x, " + "hours: %u\n", ((k / 8) + 1), p[2], p[3], sg_get_unaligned_be32(p + 4)); - } break; default: if (pc >= 0x8000) diff --git a/src/sg_map26.c b/src/sg_map26.c index 3fca0190..2ea8d691 100644 --- a/src/sg_map26.c +++ b/src/sg_map26.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005-2021 Douglas Gilbert. + * Copyright (c) 2005-2022 Douglas Gilbert. * All rights reserved. * Use of this source code is governed by a BSD-style * license that can be found in the BSD_LICENSE file. @@ -47,7 +47,7 @@ #endif #include "sg_lib.h" -static const char * version_str = "1.18 20211118"; +static const char * version_str = "1.19 20220117"; #define ME "sg_map26: " @@ -396,7 +396,7 @@ list_matching_nodes(const char * dir_name, int file_type, int majj, int minn, } struct sg_item_t { - char name[NAME_LEN_MAX]; + char name[NAME_LEN_MAX + 2]; int ft; int nt; int d_type; diff --git a/src/sg_modes.c b/src/sg_modes.c index 47062b1d..c0fc87f0 100644 --- a/src/sg_modes.c +++ b/src/sg_modes.c @@ -790,6 +790,9 @@ dStrRaw(const uint8_t * str, int len) printf("%c", str[k]); } +/* Note to coverity: this function is safe as long as the page_code_desc + * objects pointed to by pcdp have a sentinel object at the end of each + * array. And they do by design.*/ static int count_desc_elems(const struct page_code_desc * pcdp) { diff --git a/src/sg_persist.c b/src/sg_persist.c index e779fe41..872f16ee 100644 --- a/src/sg_persist.c +++ b/src/sg_persist.c @@ -1,5 +1,5 @@ /* A utility program originally written for the Linux OS SCSI subsystem. - * Copyright (C) 2004-2021 D. Gilbert + * Copyright (C) 2004-2022 D. Gilbert * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) @@ -35,7 +35,7 @@ #include "sg_unaligned.h" #include "sg_pr2serr.h" -static const char * version_str = "0.68 20210610"; +static const char * version_str = "0.69 20220118"; #define PRIN_RKEY_SA 0x0 @@ -1279,7 +1279,9 @@ main(int argc, char * argv[]) flagged = true; goto fini; } - sg_cmds_close_device(sg_fd); + res = sg_cmds_close_device(sg_fd); + if (res < 0) + pr2serr("%s: sg_cmds_close_device() failed res=%d\n", ME, res); } if (! op->readwrite_force) { diff --git a/src/sg_raw.c b/src/sg_raw.c index 9cfa19c3..453a85a4 100644 --- a/src/sg_raw.c +++ b/src/sg_raw.c @@ -1,7 +1,7 @@ /* * A utility program originally written for the Linux OS SCSI subsystem. * - * Copyright (C) 2000-2021 Ingo van Lil <inguin@gmx.de> + * Copyright (C) 2000-2022 Ingo van Lil <inguin@gmx.de> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -39,7 +39,7 @@ #include "sg_pr2serr.h" #include "sg_unaligned.h" -#define SG_RAW_VERSION "0.4.37 (2021-06-01)" +#define SG_RAW_VERSION "0.4.38 (2022-01-18)" #define DEFAULT_TIMEOUT 20 #define MIN_SCSI_CDBSZ 6 @@ -323,7 +323,7 @@ parse_cmd_line(struct opts_t * op, int argc, char *argv[]) return SG_LIB_SYNTAX_ERROR; } - if (op->cdb_length > MAX_SCSI_CDBSZ) { + if (op->cdb_length >= MAX_SCSI_CDBSZ) { pr2serr("CDB too long (max. %d bytes)\n", MAX_SCSI_CDBSZ); return SG_LIB_SYNTAX_ERROR; } diff --git a/src/sg_read.c b/src/sg_read.c index 628e0d88..a4f7ceec 100644 --- a/src/sg_read.c +++ b/src/sg_read.c @@ -1,6 +1,6 @@ /* * A utility program for the Linux OS SCSI generic ("sg") device driver. - * Copyright (C) 2001 - 2021 D. Gilbert + * Copyright (C) 2001 - 2022 D. Gilbert * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) @@ -58,12 +58,14 @@ #include "sg_pr2serr.h" -static const char * version_str = "1.37 20211114"; +static const char * version_str = "1.38 20220118"; #define DEF_BLOCK_SIZE 512 #define DEF_BLOCKS_PER_TRANSFER 128 #define DEF_SCSI_CDBSZ 10 #define MAX_SCSI_CDBSZ 16 +#define MAX_BPT_VALUE (1 << 24) /* used for maximum bs as well */ +#define MAX_COUNT_SKIP_SEEK (1LL << 48) /* coverity wants upper bound */ #define ME "sg_read: " @@ -456,30 +458,35 @@ main(int argc, char * argv[]) do_blk_sgio = !! sg_get_num(buf); else if (0 == strcmp(key,"bpt")) { bpt = sg_get_num(buf); - if (-1 == bpt) { + if ((bpt < 0) || (bpt > MAX_BPT_VALUE)) { pr2serr( ME "bad argument to 'bpt'\n"); return SG_LIB_SYNTAX_ERROR; } } else if (0 == strcmp(key,"bs")) { bs = sg_get_num(buf); - if (-1 == bs) { + if ((bs < 0) || (bs > MAX_BPT_VALUE)) { pr2serr( ME "bad argument to 'bs'\n"); return SG_LIB_SYNTAX_ERROR; } - } else if (0 == strcmp(key,"cdbsz")) + } else if (0 == strcmp(key,"cdbsz")) { scsi_cdbsz = sg_get_num(buf); - else if (0 == strcmp(key,"count")) { + if ((scsi_cdbsz < 0) || (scsi_cdbsz > 32)) { + pr2serr( ME "bad argument to 'cdbsz', expect 6, 10, 12, 16 " + "or 32\n"); + return SG_LIB_SYNTAX_ERROR; + } + } else if (0 == strcmp(key,"count")) { count_given = true; if ('-' == *buf) { dd_count = sg_get_llnum(buf + 1); - if (-1 == dd_count) { + if ((dd_count < 0) || (dd_count > MAX_COUNT_SKIP_SEEK)) { pr2serr( ME "bad argument to 'count'\n"); return SG_LIB_SYNTAX_ERROR; } dd_count = - dd_count; } else { dd_count = sg_get_llnum(buf); - if (-1 == dd_count) { + if ((dd_count < 0) || (dd_count > MAX_COUNT_SKIP_SEEK)) { pr2serr( ME "bad argument to 'count'\n"); return SG_LIB_SYNTAX_ERROR; } @@ -504,7 +511,7 @@ main(int argc, char * argv[]) outf[INF_SZ - 1] = '\0'; } else if (0 == strcmp(key,"skip")) { skip = sg_get_llnum(buf); - if (-1 == skip) { + if ((skip < 0) || (skip > MAX_COUNT_SKIP_SEEK)) { pr2serr( ME "bad argument to 'skip'\n"); return SG_LIB_SYNTAX_ERROR; } diff --git a/src/sg_read_buffer.c b/src/sg_read_buffer.c index 93c32a58..01a79c33 100644 --- a/src/sg_read_buffer.c +++ b/src/sg_read_buffer.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006-2021 Luben Tuikov and Douglas Gilbert. + * Copyright (c) 2006-2022 Luben Tuikov and Douglas Gilbert. * All rights reserved. * Use of this source code is governed by a BSD-style * license that can be found in the BSD_LICENSE file. @@ -39,7 +39,7 @@ * device. */ -static const char * version_str = "1.33 20211114"; /* spc6r05 */ +static const char * version_str = "1.34 20220118"; /* spc6r05 */ #ifndef SG_READ_BUFFER_10_CMD @@ -483,7 +483,10 @@ main(int argc, char * argv[]) do_long = true; break; case 'm': - if (isdigit((uint8_t)*optarg)) { + if (NULL == optarg) { + pr2serr("bad argument to '--mode'\n"); + return SG_LIB_SYNTAX_ERROR; + } else if (isdigit((uint8_t)*optarg)) { rb_mode = sg_get_num(optarg); if ((rb_mode < 0) || (rb_mode > 31)) { pr2serr("argument to '--mode' should be in the range 0 " diff --git a/src/sg_reassign.c b/src/sg_reassign.c index 173b2481..68668ec8 100644 --- a/src/sg_reassign.c +++ b/src/sg_reassign.c @@ -470,8 +470,8 @@ main(int argc, char * argv[]) div = 8; break; case 6: /* vendor specific */ - if (verbose) - pr2serr("defect list format: vendor specific\n"); + if (verbose) + pr2serr("defect list format: vendor specific\n"); break; default: pr2serr("defect list format %d unknown\n", dl_format); diff --git a/src/sg_sat_phy_event.c b/src/sg_sat_phy_event.c index 9b1f588f..090ecf75 100644 --- a/src/sg_sat_phy_event.c +++ b/src/sg_sat_phy_event.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006-2018 Douglas Gilbert. + * Copyright (c) 2006-2022 Douglas Gilbert. * All rights reserved. * Use of this source code is governed by a BSD-style * license that can be found in the BSD_LICENSE file. @@ -28,7 +28,7 @@ #include "sg_cmds_extra.h" #include "sg_pr2serr.h" -static const char * version_str = "1.13 20180628"; +static const char * version_str = "1.14 20220118"; /* This program uses a ATA PASS-THROUGH SCSI command. This usage is * defined in the SCSI to ATA Translation (SAT) drafts and standards. @@ -154,15 +154,17 @@ dStrRaw(const uint8_t * str, int len) } /* ATA READ LOG EXT command [2Fh, PIO data-in] */ -/* N.B. "log_addr" is the log page number, "page_in_log" is usually false */ +/* N.B. "log_addr" is the log page number, "page_in_log" is usually 0 */ static int -do_read_log_ext(int sg_fd, int log_addr, bool page_in_log, int feature, +do_read_log_ext(int sg_fd, int log_addr, int page_in_log, int feature, int blk_count, void * resp, int mx_resp_len, int cdb_len, bool ck_cond, bool extend, int do_hex, bool do_raw, int verbose) { /* Following for ATA READ/WRITE MULTIPLE (EXT) cmds, normally 0 */ +#if 0 bool t_type = false;/* false -> 512 byte LBs, true -> device's LB size */ +#endif bool t_dir = true; /* false -> to device, 1 -> from device */ bool byte_block = true; /* false -> bytes, true -> 512 byte blocks (if t_type=false) */ @@ -205,8 +207,10 @@ do_read_log_ext(int sg_fd, int log_addr, bool page_in_log, int feature, apt_cdb[2] = t_length; if (ck_cond) apt_cdb[2] |= 0x20; +#if 0 if (t_type) apt_cdb[2] |= 0x10; +#endif if (t_dir) apt_cdb[2] |= 0x8; if (byte_block) @@ -226,8 +230,10 @@ do_read_log_ext(int sg_fd, int log_addr, bool page_in_log, int feature, apt12_cdb[2] = t_length; if (ck_cond) apt12_cdb[2] |= 0x20; +#if 0 if (t_type) apt12_cdb[2] |= 0x10; +#endif if (t_dir) apt12_cdb[2] |= 0x8; if (byte_block) @@ -487,7 +493,7 @@ int main(int argc, char * argv[]) return sg_convert_errno(err); } ret = do_read_log_ext(sg_fd, SATA_PHY_EVENT_LPAGE, - false /* page_in_log */, + 0 /* page_in_log */, (reset ? 1 : 0) /* feature */, 1 /* blk_count */, inBuff, READ_LOG_EXT_RESPONSE_LEN, cdb_len, ck_cond, diff --git a/src/sg_sat_read_gplog.c b/src/sg_sat_read_gplog.c index d5ec3f5a..0c5ecce6 100644 --- a/src/sg_sat_read_gplog.c +++ b/src/sg_sat_read_gplog.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014-2018 Hannes Reinecke, SUSE Linux GmbH. + * Copyright (c) 2014-2022 Hannes Reinecke, SUSE Linux GmbH. * All rights reserved. * Use of this source code is governed by a BSD-style * license that can be found in the BSD_LICENSE file. @@ -54,7 +54,7 @@ #define DEF_TIMEOUT 20 -static const char * version_str = "1.20 20180628"; +static const char * version_str = "1.21 20220118"; struct opts_t { bool ck_cond; diff --git a/src/sg_scan_linux.c b/src/sg_scan_linux.c index 7354ad4e..c04206a1 100644 --- a/src/sg_scan_linux.c +++ b/src/sg_scan_linux.c @@ -1,5 +1,5 @@ /* A utility program originally written for the Linux OS SCSI subsystem. - * Copyright (C) 1999 - 2018 D. Gilbert + * Copyright (C) 1999 - 2022 D. Gilbert * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) @@ -53,7 +53,7 @@ #include "sg_pr2serr.h" -static const char * version_str = "4.17 20180219"; +static const char * version_str = "4.18 20220118"; #define ME "sg_scan: " @@ -203,6 +203,7 @@ int main(int argc, char * argv[]) printf(ME "Out of memory\n"); return SG_LIB_CAT_OTHER; } + strcpy(fname, "<null>"); for (k = 1, j = 0; k < argc; ++k) { cp = argv[k]; diff --git a/src/sg_seek.c b/src/sg_seek.c index f99c1f0f..fb647639 100644 --- a/src/sg_seek.c +++ b/src/sg_seek.c @@ -418,9 +418,9 @@ fini: } } if (0 == verbose) { - const char * e_str = (SG_LIB_CAT_CONDITION_MET == ret) ? - "sg_seek: " : "sg_seek: failed"; - + const char * e_str = (SG_LIB_CAT_CONDITION_MET == ret) ? + "sg_seek: " : "sg_seek: failed"; + if (! sg_if_can2stderr(e_str, ret)) pr2serr("Some error occurred, try again with '-v' " "or '-vv' for more information\n"); diff --git a/src/sg_stpg.c b/src/sg_stpg.c index e57b13c5..a12b5cac 100644 --- a/src/sg_stpg.c +++ b/src/sg_stpg.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004-2021 Hannes Reinecke, Christophe Varoqui, Douglas Gilbert + * Copyright (c) 2004-2022 Hannes Reinecke, Christophe Varoqui, Douglas Gilbert * All rights reserved. * Use of this source code is governed by a BSD-style * license that can be found in the BSD_LICENSE file. @@ -34,7 +34,7 @@ * to the given SCSI device. */ -static const char * version_str = "1.20 20210610"; +static const char * version_str = "1.21 20220118"; #define TGT_GRP_BUFF_LEN 1024 #define MX_ALLOC_LEN (0xc000 + 0x80) @@ -142,15 +142,14 @@ dStrRaw(const uint8_t * str, int len) static int decode_target_port(uint8_t * buff, int len, int *d_id, int *d_tpg) { - int c_set, assoc, desig_type, i_len; - int off, u; + int c_set, assoc, desig_type, i_len, off; const uint8_t * bp; const uint8_t * ip; *d_id = -1; *d_tpg = -1; off = -1; - while ((u = sg_vpd_dev_id_iter(buff, len, &off, -1, -1, -1)) == 0) { + while (sg_vpd_dev_id_iter(buff, len, &off, -1, -1, -1) == 0) { bp = buff + off; i_len = bp[3]; if ((off + i_len + 4) > len) { diff --git a/src/sg_test_rwbuf.c b/src/sg_test_rwbuf.c index d31abc6b..5b87c3bf 100644 --- a/src/sg_test_rwbuf.c +++ b/src/sg_test_rwbuf.c @@ -1,7 +1,7 @@ /* * (c) 2000 Kurt Garloff * heavily based on Douglas Gilbert's sg_rbuf program. - * (c) 1999-2019 Douglas Gilbert + * (c) 1999-2022 Douglas Gilbert * * Program to test the SCSI host adapter by issuing * write and read operations on a device's buffer @@ -47,7 +47,7 @@ #include "sg_pr2serr.h" -static const char * version_str = "1.20 20191220"; +static const char * version_str = "1.21 20220118"; #define BPI (signed)(sizeof(int)) @@ -200,22 +200,23 @@ void do_fill_buffer (int *buf, int len) { int sum; int i; int rln = len; - srand (time (0)); + + srand(time(0)); retry: if (len >= BPI) - base = 0x12345678 + rand (); + base = 0x12345678 + rand(); /* don't need strong crypto */ else - base = 0x12345678 + (char) rand (); + base = 0x12345678 + (char)rand(); sum = base; for (i = 0; i < len/BPI - 1; i++) { /* we rely on rand() giving full range of int */ - buf[i] = rand (); + buf[i] = rand(); sum += buf[i]; } while (rln%BPI) { - ((char*)buf)[--rln] = rand (); + ((char*)buf)[--rln] = rand(); sum += ((char*)buf)[rln]; } if (len >= BPI) buf[len/BPI - 1] = 0x12345678 - sum; diff --git a/src/sg_vpd.c b/src/sg_vpd.c index 0ca63030..1a74af52 100644 --- a/src/sg_vpd.c +++ b/src/sg_vpd.c @@ -40,7 +40,7 @@ */ -static const char * version_str = "1.67 20220109"; /* spc6r06 + sbc5r01 */ +static const char * version_str = "1.68 20220118"; /* spc6r06 + sbc5r01 */ /* standard VPD pages, in ascending page number order */ #define VPD_SUPPORTED_VPDS 0x0 @@ -755,6 +755,7 @@ decode_dev_ids_quiet(uint8_t * buff, int len, int m_assoc, uint8_t sas_tport_addr[8]; rtp = 0; + u = 0; memset(sas_tport_addr, 0, sizeof(sas_tport_addr)); for (k = 0, off = -1; true; ++k) { if ((0 == k) && (0 != buff[2])) { diff --git a/src/sg_xcopy.c b/src/sg_xcopy.c index 4307668b..39ad83c6 100644 --- a/src/sg_xcopy.c +++ b/src/sg_xcopy.c @@ -1,7 +1,7 @@ /* A utility program for copying files. Similar to 'dd' but using * the 'Extended Copy' command. * - * Copyright (c) 2011-2021 Hannes Reinecke, SUSE Labs + * Copyright (c) 2011-2022 Hannes Reinecke, SUSE Labs * * Largely taken from 'sg_dd', which has the * @@ -69,7 +69,7 @@ #include "sg_unaligned.h" #include "sg_pr2serr.h" -static const char * version_str = "0.72 20210902"; +static const char * version_str = "0.73 20220118"; #define ME "sg_xcopy: " @@ -306,7 +306,7 @@ open_sg(struct xcopy_fp_t * fp, int vb) int devmajor, devminor, offset; struct sg_simple_inquiry_resp sir; char ebuff[EBUFF_SZ]; - int len; + int len, res; devmajor = major(fp->devno); devminor = minor(fp->devno); @@ -344,7 +344,9 @@ open_sg(struct xcopy_fp_t * fp, int vb) } if (sg_simple_inquiry(fp->sg_fd, &sir, false, vb)) { pr2serr("INQUIRY failed on %s\n", ebuff); - sg_cmds_close_device(fp->sg_fd); + res = sg_cmds_close_device(fp->sg_fd); + if (res < 0) + pr2serr("sg_cmds_close_device() failed as well\n"); fp->sg_fd = -1; return -1; } @@ -1024,7 +1026,7 @@ desc_from_vpd_id(int sg_fd, uint8_t *desc, int desc_len, int res, verb; uint8_t rcBuff[256], *bp, *best = NULL; unsigned int len = 254; - int off = -1, u, i_len, best_len = 0, assoc, desig, f_desig = 0; + int off = -1, i_len, best_len = 0, assoc, desig, f_desig = 0; char b[80]; verb = (verbose ? verbose - 1: 0); @@ -1060,8 +1062,7 @@ desc_from_vpd_id(int sg_fd, uint8_t *desc, int desc_len, hex2stderr(rcBuff, len, 1); } - while ((u = sg_vpd_dev_id_iter(rcBuff + 4, len - 4, &off, 0, -1, -1)) == - 0) { + while (sg_vpd_dev_id_iter(rcBuff + 4, len - 4, &off, 0, -1, -1) == 0) { bp = rcBuff + 4 + off; i_len = bp[3]; if (((unsigned int)off + i_len + 4) > len) { diff --git a/src/sgm_dd.c b/src/sgm_dd.c index e95fca9e..aa656b39 100644 --- a/src/sgm_dd.c +++ b/src/sgm_dd.c @@ -1,7 +1,7 @@ /* A utility program for copying files. Specialised for "files" that * represent devices that understand the SCSI command set. * - * Copyright (C) 1999 - 2021 D. Gilbert and P. Allworth + * Copyright (C) 1999 - 2022 D. Gilbert and P. Allworth * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) @@ -69,13 +69,15 @@ #include "sg_pr2serr.h" -static const char * version_str = "1.18 20211114"; +static const char * version_str = "1.19 20220118"; #define DEF_BLOCK_SIZE 512 #define DEF_BLOCKS_PER_TRANSFER 128 #define DEF_BLOCKS_PER_2048TRANSFER 32 #define DEF_SCSI_CDBSZ 10 #define MAX_SCSI_CDBSZ 16 +#define MAX_BPT_VALUE (1 << 24) /* used for maximum bs as well */ +#define MAX_COUNT_SKIP_SEEK (1LL << 48) /* coverity wants upper bound */ #define ME "sgm_dd: " @@ -795,6 +797,10 @@ main(int argc, char * argv[]) } } else if (0 == strcmp(key,"cdbsz")) { scsi_cdbsz_in = sg_get_num(buf); + if ((scsi_cdbsz_in < 6) || (scsi_cdbsz_in > 32)) { + pr2serr(ME "'cdbsz' expects 6, 10, 12, 16 or 32\n"); + return SG_LIB_SYNTAX_ERROR; + } scsi_cdbsz_out = scsi_cdbsz_in; cdbsz_given = true; } else if (0 == strcmp(key,"coe")) { @@ -803,7 +809,7 @@ main(int argc, char * argv[]) } else if (0 == strcmp(key,"count")) { if (0 != strcmp("-1", buf)) { dd_count = sg_get_llnum(buf); - if (-1LL == dd_count) { + if ((dd_count < 0) || (dd_count > MAX_COUNT_SKIP_SEEK)) { pr2serr(ME "bad argument to 'count'\n"); return SG_LIB_SYNTAX_ERROR; } @@ -818,7 +824,7 @@ main(int argc, char * argv[]) in_flags.fua = true; } else if (0 == strcmp(key,"ibs")) { ibs = sg_get_num(buf); - if (-1 == ibs) { + if ((ibs < 0) || (ibs > MAX_BPT_VALUE)) { pr2serr(ME "bad argument to 'ibs'\n"); return SG_LIB_SYNTAX_ERROR; } @@ -850,19 +856,19 @@ main(int argc, char * argv[]) } } else if (0 == strcmp(key,"obs")) { obs = sg_get_num(buf); - if (-1 == obs) { + if ((obs < 0) || (obs > MAX_BPT_VALUE)) { pr2serr(ME "bad argument to 'obs'\n"); return SG_LIB_SYNTAX_ERROR; } } else if (0 == strcmp(key,"seek")) { seek = sg_get_llnum(buf); - if (-1LL == seek) { + if ((seek < 0) || (seek > MAX_COUNT_SKIP_SEEK)) { pr2serr(ME "bad argument to 'seek'\n"); return SG_LIB_SYNTAX_ERROR; } } else if (0 == strcmp(key,"skip")) { skip = sg_get_llnum(buf); - if (-1LL == skip) { + if ((skip < 0) || (skip > MAX_COUNT_SKIP_SEEK)) { pr2serr(ME "bad argument to 'skip'\n"); return SG_LIB_SYNTAX_ERROR; } @@ -955,8 +961,8 @@ main(int argc, char * argv[]) pr2serr("Can't use both append and seek switches\n"); return SG_LIB_CONTRADICT; } - if (bpt < 1) { - pr2serr("bpt must be greater than 0\n"); + if ((bpt < 1) || (bpt > MAX_BPT_VALUE)) { + pr2serr("bpt must be > 0 and <= %d\n", MAX_BPT_VALUE); return SG_LIB_SYNTAX_ERROR; } /* defaulting transfer size to 128*2048 for CD/DVDs is too large diff --git a/src/sgp_dd.c b/src/sgp_dd.c index b71bf7b4..a36d9d03 100644 --- a/src/sgp_dd.c +++ b/src/sgp_dd.c @@ -1,7 +1,7 @@ /* A utility program for copying files. Specialised for "files" that * represent devices that understand the SCSI command set. * - * Copyright (C) 1999 - 2021 D. Gilbert and P. Allworth + * Copyright (C) 1999 - 2022 D. Gilbert and P. Allworth * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) @@ -85,13 +85,15 @@ #include "sg_pr2serr.h" -static const char * version_str = "5.83 20211105"; +static const char * version_str = "5.84 20220118"; #define DEF_BLOCK_SIZE 512 #define DEF_BLOCKS_PER_TRANSFER 128 #define DEF_BLOCKS_PER_2048TRANSFER 32 #define DEF_SCSI_CDBSZ 10 #define MAX_SCSI_CDBSZ 16 +#define MAX_BPT_VALUE (1 << 24) /* used for maximum bs as well */ +#define MAX_COUNT_SKIP_SEEK (1LL << 48) /* coverity wants upper bound */ #define SENSE_BUFF_LEN 64 /* Arbitrary, could be larger */ @@ -370,13 +372,15 @@ thread_exit_handler(int sig) static char * tsafe_strerror(int code, char * ebp) { + int status; char * cp; - pthread_mutex_lock(&strerr_mut); + status = pthread_mutex_lock(&strerr_mut); + if (0 != status) pr2serr("lock strerr_mut"); cp = safe_strerror(code); strncpy(ebp, cp, STRERR_BUFF_LEN); - pthread_mutex_unlock(&strerr_mut); - + status = pthread_mutex_unlock(&strerr_mut); + if (0 != status) pr2serr("unlock strerr_mut"); ebp[STRERR_BUFF_LEN - 1] = '\0'; return ebp; } @@ -649,8 +653,10 @@ sg_in_open(const char * fnp, struct flags_t * flagp, int bs, int bpt) perror(ebuff); return -sg_convert_errno(err); } - if (sg_prepare(fd, bs, bpt)) + if (sg_prepare(fd, bs, bpt)) { + close(fd); return -SG_LIB_FILE_ERROR; + } return fd; } @@ -675,8 +681,10 @@ sg_out_open(const char * fnp, struct flags_t * flagp, int bs, int bpt) perror(ebuff); return -sg_convert_errno(err); } - if (sg_prepare(fd, bs, bpt)) + if (sg_prepare(fd, bs, bpt)) { + close(fd); return -SG_LIB_FILE_ERROR; + } return fd; } @@ -1424,19 +1432,23 @@ main(int argc, char * argv[]) keylen = strlen(key); if (0 == strcmp(key,"bpt")) { clp->bpt = sg_get_num(buf); - if (-1 == clp->bpt) { + if ((clp->bpt < 0) || (clp->bpt > MAX_BPT_VALUE)) { pr2serr("%sbad argument to 'bpt='\n", my_name); return SG_LIB_SYNTAX_ERROR; } bpt_given = 1; } else if (0 == strcmp(key,"bs")) { clp->bs = sg_get_num(buf); - if (-1 == clp->bs) { + if ((clp->bs < 0) || (clp->bs > MAX_BPT_VALUE)) { pr2serr("%sbad argument to 'bs='\n", my_name); return SG_LIB_SYNTAX_ERROR; } } else if (0 == strcmp(key,"cdbsz")) { clp->cdbsz_in = sg_get_num(buf); + if ((clp->cdbsz_in < 6) || (clp->cdbsz_in > 32)) { + pr2serr("%s'cdbsz' expects 6, 10, 12, 16 or 32\n", my_name); + return SG_LIB_SYNTAX_ERROR; + } clp->cdbsz_out = clp->cdbsz_in; cdbsz_given = 1; } else if (0 == strcmp(key,"coe")) { @@ -1445,7 +1457,7 @@ main(int argc, char * argv[]) } else if (0 == strcmp(key,"count")) { if (0 != strcmp("-1", buf)) { dd_count = sg_get_llnum(buf); - if (-1LL == dd_count) { + if ((dd_count < 0) || (dd_count > MAX_COUNT_SKIP_SEEK)) { pr2serr("%sbad argument to 'count='\n", my_name); return SG_LIB_SYNTAX_ERROR; } @@ -1464,7 +1476,7 @@ main(int argc, char * argv[]) clp->in_flags.fua = true; } else if (0 == strcmp(key,"ibs")) { ibs = sg_get_num(buf); - if (-1 == ibs) { + if ((ibs < 0) || (ibs > MAX_BPT_VALUE)) { pr2serr("%sbad argument to 'ibs='\n", my_name); return SG_LIB_SYNTAX_ERROR; } @@ -1483,7 +1495,7 @@ main(int argc, char * argv[]) } } else if (0 == strcmp(key,"obs")) { obs = sg_get_num(buf); - if (-1 == obs) { + if ((obs < 0) || (obs > MAX_BPT_VALUE)) { pr2serr("%sbad argument to 'obs='\n", my_name); return SG_LIB_SYNTAX_ERROR; } @@ -1502,13 +1514,13 @@ main(int argc, char * argv[]) } } else if (0 == strcmp(key,"seek")) { seek = sg_get_llnum(buf); - if (-1LL == seek) { + if ((seek < 0) || (seek > MAX_COUNT_SKIP_SEEK)) { pr2serr("%sbad argument to 'seek='\n", my_name); return SG_LIB_SYNTAX_ERROR; } } else if (0 == strcmp(key,"skip")) { skip = sg_get_llnum(buf); - if (-1LL == skip) { + if ((skip < 0) || (skip > MAX_COUNT_SKIP_SEEK)) { pr2serr("%sbad argument to 'skip='\n", my_name); return SG_LIB_SYNTAX_ERROR; } @@ -1611,8 +1623,8 @@ main(int argc, char * argv[]) pr2serr("Can't use both append and seek switches\n"); return SG_LIB_SYNTAX_ERROR; } - if (clp->bpt < 1) { - pr2serr("bpt must be greater than 0\n"); + if ((clp->bpt < 1) || (clp->bpt > MAX_BPT_VALUE)) { + pr2serr("bpt must be > 0 and <= %d\n", MAX_BPT_VALUE); return SG_LIB_SYNTAX_ERROR; } if (clp->in_flags.mmap && clp->out_flags.mmap) { @@ -1851,9 +1863,14 @@ main(int argc, char * argv[]) clp->out_count = dd_count; clp->out_rem_count = dd_count; clp->seek = seek; - clp->out_blk = seek; status = pthread_mutex_init(&clp->inout_mutex, NULL); if (0 != status) err_exit(status, "init inout_mutex"); + status = pthread_mutex_lock(&clp->inout_mutex); + if (0 != status) err_exit(status, "lock inout_mutex"); + clp->out_blk = seek; + status = pthread_mutex_unlock(&clp->inout_mutex); + if (0 != status) err_exit(status, "unlock inout_mutex"); + status = pthread_cond_init(&clp->out_sync_cv, NULL); if (0 != status) err_exit(status, "init out_sync_cv"); |