From b23c010728c1c808796a7948aa7ff9f9a08966ac Mon Sep 17 00:00:00 2001
From: Martin Schanzenbach <mschanzenbach@posteo.de>
Date: Fri, 26 Mar 2021 10:13:29 +0100
Subject: -fix some coverity issues wrt gns

---
 src/gns/gnunet-dns2gns.c                 |  8 ++++++++
 src/gns/gnunet-gns-proxy.c               | 23 ++++++++++++-----------
 src/gns/gnunet-service-gns_interceptor.c |  1 -
 src/gns/gnunet-service-gns_resolver.c    | 27 ++++++++++++++++++++-------
 src/gns/plugin_rest_gns.c                |  4 +++-
 src/gnsrecord/gnsrecord_misc.c           |  2 +-
 src/gnsrecord/gnunet-gnsrecord-tvg.c     |  2 +-
 7 files changed, 45 insertions(+), 22 deletions(-)

diff --git a/src/gns/gnunet-dns2gns.c b/src/gns/gnunet-dns2gns.c
index 0a9b7c861..06f4c9841 100644
--- a/src/gns/gnunet-dns2gns.c
+++ b/src/gns/gnunet-dns2gns.c
@@ -309,6 +309,14 @@ dns_result_processor (void *cls,
   }
   request->packet = GNUNET_DNSPARSER_parse ((char *) dns,
                                             r);
+  if (NULL == request->packet)
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+                _ ("Failed to parse DNS response!\n"));
+    GNUNET_SCHEDULER_cancel (request->timeout_task);
+    do_timeout (request);
+    return;
+  }
   GNUNET_DNSSTUB_resolve_cancel (request->dns_lookup);
   send_response (request);
 }
diff --git a/src/gns/gnunet-gns-proxy.c b/src/gns/gnunet-gns-proxy.c
index 833a8da01..d02f0f576 100644
--- a/src/gns/gnunet-gns-proxy.c
+++ b/src/gns/gnunet-gns-proxy.c
@@ -1841,6 +1841,7 @@ create_response (void *cls,
   char *curlurl;
   char ipstring[INET6_ADDRSTRLEN];
   char ipaddr[INET6_ADDRSTRLEN + 2];
+  char *curl_hosts;
   const struct sockaddr *sa;
   const struct sockaddr_in *s4;
   const struct sockaddr_in6 *s6;
@@ -1900,6 +1901,14 @@ create_response (void *cls,
         GNUNET_break (0);
         return MHD_NO;
       }
+      GNUNET_asprintf (&curl_hosts,
+                       "%s:%d:%s",
+                       s5r->leho,
+                       port,
+                       ipaddr);
+      s5r->hosts = curl_slist_append (NULL,
+                                      curl_hosts);
+      GNUNET_free (curl_hosts);
     }
     else
     {
@@ -1949,21 +1958,13 @@ create_response (void *cls,
      * Pre-populate cache to resolve Hostname.
      * This is necessary as the DNS name in the CURLOPT_URL is used
      * for SNI http://de.wikipedia.org/wiki/Server_Name_Indication
-     */if (NULL != s5r->leho)
+     */
+    if ((NULL != s5r->leho) &&
+        (NULL != s5r->hosts))
     {
-      char *curl_hosts;
-
-      GNUNET_asprintf (&curl_hosts,
-                       "%s:%d:%s",
-                       s5r->leho,
-                       port,
-                       ipaddr);
-      s5r->hosts = curl_slist_append (NULL,
-                                      curl_hosts);
       curl_easy_setopt (s5r->curl,
                         CURLOPT_RESOLVE,
                         s5r->hosts);
-      GNUNET_free (curl_hosts);
     }
     if (s5r->is_gns)
     {
diff --git a/src/gns/gnunet-service-gns_interceptor.c b/src/gns/gnunet-service-gns_interceptor.c
index b53f4af6b..255f85598 100644
--- a/src/gns/gnunet-service-gns_interceptor.c
+++ b/src/gns/gnunet-service-gns_interceptor.c
@@ -323,7 +323,6 @@ handle_dns_request (void *cls,
     GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                 "Received malformed DNS packet, leaving it untouched.\n");
     GNUNET_DNS_request_forward (rh);
-    GNUNET_DNSPARSER_free_packet (p);
     return;
   }
 
diff --git a/src/gns/gnunet-service-gns_resolver.c b/src/gns/gnunet-service-gns_resolver.c
index 49c1b340a..2f8a55804 100644
--- a/src/gns/gnunet-service-gns_resolver.c
+++ b/src/gns/gnunet-service-gns_resolver.c
@@ -764,6 +764,7 @@ transmit_lookup_dns_result (struct GNS_ResolverHandle *rh)
       rd[i].data = pos->data;
       rd[i].data_size = pos->data_size;
       rd[i].record_type = pos->record_type;
+      rd[i].flags = GNUNET_GNSRECORD_RF_NONE;
       /**
        * If this is a LEHO, we added this before. It must be a supplemental
        * record #LSD0001
@@ -772,12 +773,11 @@ transmit_lookup_dns_result (struct GNS_ResolverHandle *rh)
         rd[i].flags |= GNUNET_GNSRECORD_RF_SUPPLEMENTAL;
       if (0 == pos->expiration_time)
       {
-        rd[i].flags = GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
+        rd[i].flags |= GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
         rd[i].expiration_time = 0;
       }
       else
       {
-        rd[i].flags = GNUNET_GNSRECORD_RF_NONE;
         rd[i].expiration_time = pos->expiration_time;
       }
       i++;
@@ -1764,6 +1764,8 @@ recursive_gns2dns_resolution (struct GNS_ResolverHandle *rh,
       /**
        * Records other than GNS2DNS not allowed
        */
+      if (NULL != ns)
+        GNUNET_free (ns);
       return GNUNET_SYSERR;
     }
     off = 0;
@@ -1771,15 +1773,22 @@ recursive_gns2dns_resolution (struct GNS_ResolverHandle *rh,
                                      rd[i].data_size,
                                      &off);
     ip = GNUNET_strdup (&((const char *) rd[i].data)[off]);
+    if ((NULL == n) ||
+        (NULL == ip))
+    {
+      GNUNET_break_op (0);
+      if (NULL != n)
+        GNUNET_free (n);
+      if (NULL != ip)
+        GNUNET_free (ip);
+      continue;
+    }
+
     off += strlen (ip) + 1;
 
-    if ((NULL == n) ||
-        (NULL == ip) ||
-        (off != rd[i].data_size))
+    if (off != rd[i].data_size)
     {
       GNUNET_break_op (0);
-      GNUNET_free (n);
-      GNUNET_free (ip);
       continue;
     }
     /* resolve 'ip' to determine the IP(s) of the DNS
@@ -1909,6 +1918,8 @@ recursive_gns2dns_resolution (struct GNS_ResolverHandle *rh,
       GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                   _ ("Name `%s' cannot be converted to IDNA."),
                   tmp);
+      GNUNET_free (tmp);
+      GNUNET_free (ac);
       return GNUNET_SYSERR;
     }
     GNUNET_free (tmp);
@@ -1922,6 +1933,8 @@ recursive_gns2dns_resolution (struct GNS_ResolverHandle *rh,
     GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                 _ ("GNS lookup resulted in DNS name that is too long (`%s')\n"),
                 ac->label);
+    GNUNET_free (ac->label);
+    GNUNET_free (ac);
     return GNUNET_SYSERR;
   }
   continue_with_gns2dns (ac);
diff --git a/src/gns/plugin_rest_gns.c b/src/gns/plugin_rest_gns.c
index 2ccb5be2b..3a35c9999 100644
--- a/src/gns/plugin_rest_gns.c
+++ b/src/gns/plugin_rest_gns.c
@@ -270,7 +270,9 @@ handle_gns_response (void *cls,
   result = json_dumps (result_obj, 0);
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Result %s\n", result);
   resp = GNUNET_REST_create_response (result);
-  MHD_add_response_header (resp, "Content-Type", "application/json");
+  GNUNET_assert (MHD_NO != MHD_add_response_header (resp,
+                                                    "Content-Type",
+                                                    "application/json"));
   handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
   GNUNET_free (result);
   json_decref (result_obj);
diff --git a/src/gnsrecord/gnsrecord_misc.c b/src/gnsrecord/gnsrecord_misc.c
index 82c38f19a..dacd7ca31 100644
--- a/src/gnsrecord/gnsrecord_misc.c
+++ b/src/gnsrecord/gnsrecord_misc.c
@@ -350,7 +350,7 @@ GNUNET_GNSRECORD_block_get_expiration (const struct
   case GNUNET_GNSRECORD_TYPE_PKEY:
     return GNUNET_TIME_absolute_ntoh (block->ecdsa_block.expiration_time);
   default:
-    return GNUNET_TIME_absolute_get_zero_ ();
+    GNUNET_break (0); /* Hopefully we never get here, but we might */
   }
   return GNUNET_TIME_absolute_get_zero_ ();
 
diff --git a/src/gnsrecord/gnunet-gnsrecord-tvg.c b/src/gnsrecord/gnunet-gnsrecord-tvg.c
index 47b13bdab..d6b35544c 100644
--- a/src/gnsrecord/gnunet-gnsrecord-tvg.c
+++ b/src/gnsrecord/gnunet-gnsrecord-tvg.c
@@ -172,7 +172,7 @@ run (void *cls,
   fprintf (stdout, "RRBLOCK:\n");
   print_bytes (rrblock, block_size, 8);
   fprintf (stdout, "\n");
-
+  GNUNET_free (rdata);
 }
 
 
-- 
cgit v1.2.3