diff mbox series

[for-3.1,3/4] slirp: Remove code that handles socreate() failure

Message ID 20181106151323.16154-4-peter.maydell@linaro.org
State New
Headers show
Series slirp: fix coverity issues | expand

Commit Message

Peter Maydell Nov. 6, 2018, 3:13 p.m. UTC 
Now that socreate() can never fail, we can remove the code
that was trying to handle that situation.

In particular this removes code in tcp_connect() that
provoked Coverity to complain (CID 1005724): in
 closesocket(accept(inso->s, (struct sockaddr *)&addr, &addrlen));
if the accept() call fails then we pass closesocket() -1
instead of a valid file descriptor.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 slirp/ip_icmp.c   | 2 +-
 slirp/slirp.c     | 3 ---
 slirp/socket.c    | 3 ---
 slirp/tcp_input.c | 3 +--
 slirp/tcp_subr.c  | 5 -----
 slirp/udp.c       | 6 ------
 slirp/udp6.c      | 3 ---
 7 files changed, 2 insertions(+), 23 deletions(-)

Comments

Samuel Thibault Nov. 6, 2018, 11:08 p.m. UTC | #1 
Peter Maydell, le mar. 06 nov. 2018 15:13:22 +0000, a ecrit:
> Now that socreate() can never fail, we can remove the code
> that was trying to handle that situation.
> 
> In particular this removes code in tcp_connect() that
> provoked Coverity to complain (CID 1005724): in
>  closesocket(accept(inso->s, (struct sockaddr *)&addr, &addrlen));
> if the accept() call fails then we pass closesocket() -1
> instead of a valid file descriptor.
> 
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Applied, thanks!
diff mbox series

Patch

diff --git a/slirp/ip_icmp.c b/slirp/ip_icmp.c
index da100d1f55f..9210eef3f35 100644
--- a/slirp/ip_icmp.c
+++ b/slirp/ip_icmp.c
@@ -160,7 +160,7 @@  icmp_input(struct mbuf *m, int hlen)
     } else {
       struct socket *so;
       struct sockaddr_storage addr;
-      if ((so = socreate(slirp)) == NULL) goto freeit;
+      so = socreate(slirp);
       if (icmp_send(so, m, hlen) == 0) {
         return;
       }
diff --git a/slirp/slirp.c b/slirp/slirp.c
index 3c3c03b22f7..322edf51eb8 100644
--- a/slirp/slirp.c
+++ b/slirp/slirp.c
@@ -1477,9 +1477,6 @@  static int slirp_state_load(QEMUFile *f, void *opaque, int version_id)
         int ret;
         struct socket *so = socreate(slirp);
 
-        if (!so)
-            return -ENOMEM;
-
         ret = vmstate_load_state(f, &vmstate_slirp_socket, so, version_id);
 
         if (ret < 0)
diff --git a/slirp/socket.c b/slirp/socket.c
index 35a9a145659..c01d8696afb 100644
--- a/slirp/socket.c
+++ b/slirp/socket.c
@@ -713,9 +713,6 @@  tcp_listen(Slirp *slirp, uint32_t haddr, u_int hport, uint32_t laddr,
 	DEBUG_ARG("flags = %x", flags);
 
 	so = socreate(slirp);
-	if (!so) {
-	  return NULL;
-	}
 
 	/* Don't tcp_attach... we don't need so_snd nor so_rcv */
 	if ((so->so_tcpcb = tcp_newtcpcb(so)) == NULL) {
diff --git a/slirp/tcp_input.c b/slirp/tcp_input.c
index 4f79c95fdb4..d073ef95256 100644
--- a/slirp/tcp_input.c
+++ b/slirp/tcp_input.c
@@ -429,8 +429,7 @@  findso:
 	  if ((tiflags & (TH_SYN|TH_FIN|TH_RST|TH_URG|TH_ACK)) != TH_SYN)
 	    goto dropwithreset;
 
-	  if ((so = socreate(slirp)) == NULL)
-	    goto dropwithreset;
+          so = socreate(slirp);
 	  if (tcp_attach(so) < 0) {
             g_free(so); /* Not sofree (if it failed, it's not insqued) */
             goto dropwithreset;
diff --git a/slirp/tcp_subr.c b/slirp/tcp_subr.c
index 0270c89ae3a..fa61349cbb0 100644
--- a/slirp/tcp_subr.c
+++ b/slirp/tcp_subr.c
@@ -469,11 +469,6 @@  void tcp_connect(struct socket *inso)
         so = inso;
     } else {
         so = socreate(slirp);
-        if (so == NULL) {
-            /* If it failed, get rid of the pending connection */
-            closesocket(accept(inso->s, (struct sockaddr *)&addr, &addrlen));
-            return;
-        }
         if (tcp_attach(so) < 0) {
             g_free(so); /* NOT sofree */
             return;
diff --git a/slirp/udp.c b/slirp/udp.c
index e5bf065bf23..c47870a61b4 100644
--- a/slirp/udp.c
+++ b/slirp/udp.c
@@ -171,9 +171,6 @@  udp_input(register struct mbuf *m, int iphlen)
 	   * create one
 	   */
 	  so = socreate(slirp);
-	  if (!so) {
-	      goto bad;
-	  }
 	  if (udp_attach(so, AF_INET) == -1) {
 	    DEBUG_MISC((dfd," udp_attach errno = %d-%s\n",
 			errno,strerror(errno)));
@@ -331,9 +328,6 @@  udp_listen(Slirp *slirp, uint32_t haddr, u_int hport, uint32_t laddr,
 	socklen_t addrlen = sizeof(struct sockaddr_in);
 
 	so = socreate(slirp);
-	if (!so) {
-	    return NULL;
-	}
 	so->s = qemu_socket(AF_INET,SOCK_DGRAM,0);
         if (so->s < 0) {
             sofree(so);
diff --git a/slirp/udp6.c b/slirp/udp6.c
index 7c4a6b003a8..986010f0d3a 100644
--- a/slirp/udp6.c
+++ b/slirp/udp6.c
@@ -91,9 +91,6 @@  void udp6_input(struct mbuf *m)
     if (so == NULL) {
         /* If there's no socket for this packet, create one. */
         so = socreate(slirp);
-        if (!so) {
-            goto bad;
-        }
         if (udp_attach(so, AF_INET6) == -1) {
             DEBUG_MISC((dfd, " udp6_attach errno = %d-%s\n",
                         errno, strerror(errno)));