From f23df31975de5263082b47cde4b19790fdab7380 Mon Sep 17 00:00:00 2001
From: Kyle Evans <kevans@FreeBSD.org>
Date: Tue, 31 Dec 2019 04:00:24 +0000
Subject: inetd: knock out some clang analyze warnings

chargen_dg: clang-analyze is convinced that endring could be non-NULL at
entry, and thus wants to assume that rs == NULL. Just independently
initialize rs if it's NULL to appease the analyzer.

getconfigent: policy leaks on return

free_connlist: reorganize the loop to make it clear that we're not going to
access `conn` after it's been freed.

cpmip/hashval: left-shifts performed will result in UB as we take
signed 0xABC3D20F and left shift it by 5.
---
 usr.sbin/inetd/builtins.c |  4 ++--
 usr.sbin/inetd/inetd.c    | 20 ++++++++++++++------
 2 files changed, 16 insertions(+), 8 deletions(-)

(limited to 'usr.sbin/inetd')

diff --git a/usr.sbin/inetd/builtins.c b/usr.sbin/inetd/builtins.c
index dff27bdc6470..028ca8d96b2c 100644
--- a/usr.sbin/inetd/builtins.c
+++ b/usr.sbin/inetd/builtins.c
@@ -132,10 +132,10 @@ chargen_dg(int s, struct servtab *sep)
 	socklen_t size;
 	char text[LINESIZ+2];
 
-	if (endring == 0) {
+	if (endring == NULL)
 		initring();
+	if (rs == NULL)
 		rs = ring;
-	}
 
 	size = sizeof(ss);
 	if (recvfrom(s, text, sizeof(text), 0,
diff --git a/usr.sbin/inetd/inetd.c b/usr.sbin/inetd/inetd.c
index 42852da158d1..1c4f9761f028 100644
--- a/usr.sbin/inetd/inetd.c
+++ b/usr.sbin/inetd/inetd.c
@@ -1646,8 +1646,11 @@ more:
 			continue;
 		break;
 	}
-	if (cp == NULL)
-		return ((struct servtab *)0);
+	if (cp == NULL) {
+		free(policy);
+		return (NULL);
+	}
+
 	/*
 	 * clear the static buffer, since some fields (se_ctrladdr,
 	 * for example) don't get initialized here.
@@ -2206,7 +2209,7 @@ cpmip(const struct servtab *sep, int ctrl)
 	   (sep->se_family == AF_INET || sep->se_family == AF_INET6) &&
 	    getpeername(ctrl, (struct sockaddr *)&rss, &rssLen) == 0 ) {
 		time_t t = time(NULL);
-		int hv = 0xABC3D20F;
+		unsigned int hv = 0xABC3D20F;
 		int i;
 		int cnt = 0;
 		CHash *chBest = NULL;
@@ -2493,11 +2496,15 @@ resize_conn(struct servtab *sep, int maxpip)
 static void
 free_connlist(struct servtab *sep)
 {
-	struct conninfo *conn;
+	struct conninfo *conn, *conn_temp;
 	int i, j;
 
 	for (i = 0; i < PERIPSIZE; ++i) {
-		while ((conn = LIST_FIRST(&sep->se_conn[i])) != NULL) {
+		LIST_FOREACH_SAFE(conn, &sep->se_conn[i], co_link, conn_temp) {
+			if (conn == NULL) {
+				LIST_REMOVE(conn, co_link);
+				continue;
+			}
 			for (j = 0; j < conn->co_numchild; ++j)
 				free_proc(conn->co_proc[j]);
 			conn->co_numchild = 0;
@@ -2553,7 +2560,8 @@ free_proc(struct procinfo *proc)
 static int
 hashval(char *p, int len)
 {
-	int i, hv = 0xABC3D20F;
+	unsigned int hv = 0xABC3D20F;
+	int i;
 
 	for (i = 0; i < len; ++i, ++p)
 		hv = (hv << 5) ^ (hv >> 23) ^ *p;
-- 
cgit v1.2.3