From e583a25a8bee4508031dc7d6c333472a8017e416 Mon Sep 17 00:00:00 2001 From: Tatsuhiro Tsujikawa Date: Sun, 22 Feb 2015 17:53:12 +0900 Subject: [PATCH] nghttpx: Fix error found by coverity scan --- src/shrpx.cc | 14 ++++++- src/shrpx_http2_session.cc | 76 +++++++++++++++++++------------------- 2 files changed, 49 insertions(+), 41 deletions(-) diff --git a/src/shrpx.cc b/src/shrpx.cc index 8c5d3e16..9a88bf8c 100644 --- a/src/shrpx.cc +++ b/src/shrpx.cc @@ -205,6 +205,7 @@ create_unix_domain_acceptor(ConnectionHandler *handler) { if (pathlen + 1 > sizeof(addr.un.sun_path)) { LOG(FATAL) << "UNIX domain socket path " << path << " is too long > " << sizeof(addr.un.sun_path); + close(fd); return nullptr; } // copy path including terminal NULL @@ -213,8 +214,17 @@ create_unix_domain_acceptor(ConnectionHandler *handler) { // unlink (remove) already existing UNIX domain socket path unlink(path); - if (bind(fd, &addr.sa, sizeof(addr.un)) != 0 || - listen(fd, get_config()->backlog) != 0) { + if (bind(fd, &addr.sa, sizeof(addr.un)) != 0) { + auto error = errno; + LOG(FATAL) << "Failed to bind UNIX domain socket, error=" << error; + close(fd); + return nullptr; + } + + if (listen(fd, get_config()->backlog) != 0) { + auto error = errno; + LOG(FATAL) << "Failed to listen to UNIX domain socket, error=" << error; + close(fd); return nullptr; } diff --git a/src/shrpx_http2_session.cc b/src/shrpx_http2_session.cc index 6f7bf5f5..f57c29a6 100644 --- a/src/shrpx_http2_session.cc +++ b/src/shrpx_http2_session.cc @@ -406,47 +406,45 @@ http_parser_settings htp_hooks = { } // namespace int Http2Session::downstream_read_proxy() { - for (;;) { - if (rb_.rleft() == 0) { - return 0; - } - - size_t nread = http_parser_execute(proxy_htp_.get(), &htp_hooks, - reinterpret_cast(rb_.pos), - rb_.rleft()); - - rb_.drain(nread); - - auto htperr = HTTP_PARSER_ERRNO(proxy_htp_.get()); - - if (htperr == HPE_PAUSED) { - switch (state_) { - case Http2Session::PROXY_CONNECTED: - // we need to increment nread by 1 since http_parser_execute() - // returns 1 less value we expect. This means taht - // rb_.pos[nread] points to \x0a (LF), which is last byte of - // empty line to terminate headers. We want to eat that byte - // here. - rb_.drain(1); - - // Initiate SSL/TLS handshake through established tunnel. - if (initiate_connection() != 0) { - return -1; - } - return 0; - case Http2Session::PROXY_FAILED: - return -1; - } - // should not be here - assert(0); - } - - if (htperr != HPE_OK) { - return -1; - } - + if (rb_.rleft() == 0) { return 0; } + + size_t nread = + http_parser_execute(proxy_htp_.get(), &htp_hooks, + reinterpret_cast(rb_.pos), rb_.rleft()); + + rb_.drain(nread); + + auto htperr = HTTP_PARSER_ERRNO(proxy_htp_.get()); + + if (htperr == HPE_PAUSED) { + switch (state_) { + case Http2Session::PROXY_CONNECTED: + // we need to increment nread by 1 since http_parser_execute() + // returns 1 less value we expect. This means taht + // rb_.pos[nread] points to \x0a (LF), which is last byte of + // empty line to terminate headers. We want to eat that byte + // here. + rb_.drain(1); + + // Initiate SSL/TLS handshake through established tunnel. + if (initiate_connection() != 0) { + return -1; + } + return 0; + case Http2Session::PROXY_FAILED: + return -1; + } + // should not be here + assert(0); + } + + if (htperr != HPE_OK) { + return -1; + } + + return 0; } int Http2Session::downstream_connect_proxy() {