diff --git a/cde/programs/dtsession/SmCommun.c b/cde/programs/dtsession/SmCommun.c index c86c0c1ac..df210d80c 100644 --- a/cde/programs/dtsession/SmCommun.c +++ b/cde/programs/dtsession/SmCommun.c @@ -786,7 +786,7 @@ ProcessClientMessage( _DtAddToResource(smGD.display, newRes); } - if (NULL != newRes) free(newRes); + free(newRes); } } else if (cEvent->message_type == XaDtSmSaverInfo) diff --git a/cde/programs/dtsession/SmDB.c b/cde/programs/dtsession/SmDB.c index 7fa5208f4..b6c0e9aaf 100644 --- a/cde/programs/dtsession/SmDB.c +++ b/cde/programs/dtsession/SmDB.c @@ -498,7 +498,8 @@ OpenOutputClientDB(char *fileName, /* Open fileName for writing. */ if ((outputDB->xrmDBFile = fopen(fileName, "w")) == (FILE *)NULL) { - rename(outputDB->tmpDBFileName, fileName); + int rv; + rv = rename(outputDB->tmpDBFileName, fileName); XtFree(outputDB->xrmDBFileName); XtFree(outputDB->tmpDBFileName); XtFree((char *)outputDB); @@ -705,9 +706,10 @@ CloseClientDB(ClientDB clientDBPtr, Boolean writeDB) } else { + int rv; /* Close file and remove it; restore original DB. */ fclose(clientDB->xrmDBFile); - rename(clientDB->tmpDBFileName, clientDB->xrmDBFileName); + rv = rename(clientDB->tmpDBFileName, clientDB->xrmDBFileName); } XtFree(clientDB->xrmDBFileName); diff --git a/cde/programs/dtsession/SmGlobals.c b/cde/programs/dtsession/SmGlobals.c index 9b31be089..51eeeef96 100644 --- a/cde/programs/dtsession/SmGlobals.c +++ b/cde/programs/dtsession/SmGlobals.c @@ -476,7 +476,7 @@ InitSMGlobals( void ) /* * Pull screen saver resources from Dtsession*. */ - smGD.SmNextension = smGD.SmNextension = smGD.extensionSpec = ""; + smGD.SmNextension = smGD.SmCextension = smGD.extensionSpec = ""; } XtGetSubresources(smGD.topLevelWid, (XtPointer) &smSaverRes, @@ -684,7 +684,7 @@ SetRestorePath( */ if (getenv("DISPLAY") == 0) { - sprintf(tmpDisplayName, "DISPLAY=%s", displayName); + snprintf(tmpDisplayName, MAXPATHLEN, "DISPLAY=%s", displayName); putenv(tmpDisplayName); } } @@ -703,7 +703,7 @@ SetRestorePath( pch = strdup ((char *) GETMESSAGE (40, 15, " No session name was provided for the -session command line option.")); - if (!pch) + if (pch) { DtMsgLogMessage (argv[0], DtMsgLogWarning, pch); free (pch); @@ -1109,22 +1109,31 @@ SetSavePath( if(status == 0) { char * tmpName; - char * tmpDir; + int len, tfd; - strcpy (savedOldDir, smGD.etcPath); + strcpy(savedOldDir, smGD.etcPath); - tmpName = (char *) XtMalloc (strlen (smGD.restoreSession) + 2); - sprintf (tmpName, "%s.", smGD.restoreSession); - if (strlen (tmpName) > 5) { - tmpName[4] = '.'; - tmpName[5] = '\000'; - } - tmpDir = (char *) tempnam (smGD.savePath, tmpName); - MoveDirectory (smGD.etcPath, tmpDir, False); + len = strlen(smGD.savePath) + strlen(smGD.restoreSession) + + strlen("XXXXXX") + 3; + tmpName = (char *) XtCalloc(1, len); - strcpy (savedTmpDir, tmpDir); - free (tmpDir); - XtFree ((char *) tmpName); + sprintf(tmpName, "%s/%s.XXXXXX", smGD.savePath, + smGD.restoreSession); + + if ((tfd = mkstemp(tmpName)) == -1) + { + PrintErrnoError(DtError, smNLS.cantCreateDirsString); + } + else + { + close(tfd); + unlink(tmpName); + + MoveDirectory(smGD.etcPath, tmpName, False); + + strncpy(savedTmpDir, tmpName, len - 1); + } + XtFree((char *) tmpName); } MoveDirectory(smGD.clientPath, smGD.etcPath, False); } @@ -1165,25 +1174,35 @@ SetSavePath( * save is complete. */ char * tmpName; - char * tmpDir; sprintf(smGD.etcPath, "%s.%s", smGD.clientPath, SM_OLD_EXTENSION); status = stat(smGD.etcPath, &buf); if(status == 0) { - tmpName = (char *) XtMalloc (strlen (smGD.restoreSession) + 2); - sprintf (tmpName, "%s.", smGD.restoreSession); - strcpy (savedOldDir, smGD.etcPath); - if (strlen (tmpName) > 5) { - tmpName[4] = '.'; - tmpName[5] = '\000'; - } - tmpDir = (char *) tempnam (smGD.savePath, tmpName); - MoveDirectory (smGD.etcPath, tmpDir, False); + int len, tfd; - strcpy (savedTmpDir, tmpDir); - free (tmpDir); - XtFree ((char *) tmpName); + len = strlen(smGD.savePath) + strlen(smGD.restoreSession) + + strlen("XXXXXX") + 3; + tmpName = (char *) XtCalloc(1, len); + sprintf(tmpName, "%s/%s.XXXXXX", smGD.savePath, + smGD.restoreSession); + + strcpy (savedOldDir, smGD.etcPath); + + if ((tfd = mkstemp(tmpName)) == -1) + { + PrintErrnoError(DtError, smNLS.cantCreateDirsString); + } + else + { + close(tfd); + unlink(tmpName); + + MoveDirectory (smGD.etcPath, tmpName, False); + + strcpy (savedTmpDir, tmpName); + } + XtFree((char *) tmpName); } MoveDirectory(smGD.clientPath, smGD.etcPath, False); @@ -1194,13 +1213,21 @@ SetSavePath( status = mkdir(smGD.clientPath, 0000); if(status == -1) { + PrintErrnoError(DtError, smNLS.cantCreateDirsString); + smGD.clientPath[0] = 0; + smGD.settingPath[0] = 0; + smGD.resourcePath[0] = 0; + return(-1); + } + status = chmod(smGD.clientPath, 0755); + if(status == -1) + { PrintErrnoError(DtError, smNLS.cantCreateDirsString); smGD.clientPath[0] = 0; smGD.settingPath[0] = 0; smGD.resourcePath[0] = 0; return(-1); - } - chmod(smGD.clientPath, 0755); + } } strcat(smGD.clientPath, "/"); @@ -1284,7 +1311,13 @@ SetFontSavePath(char *langPtr) smGD.fontPath[0] = 0; return(-1); } - chmod(smGD.fontPath, 0755); + status = chmod(smGD.fontPath, 0755); + if(status == -1) + { + PrintErrnoError(DtError, smNLS.cantCreateDirsString); + smGD.fontPath[0] = 0; + return(-1); + } } return(0); @@ -1632,7 +1665,7 @@ TrimErrorlog( void ) len = strlen(home) + strlen(DtPERSONAL_CONFIG_DIRECTORY) + 2; if (len > MAXPATHLEN) savePath = SM_REALLOC(savePath, len); - sprintf(savePath, "%s/%s", home, DtPERSONAL_CONFIG_DIRECTORY); + snprintf(savePath, len - 1, "%s/%s", home, DtPERSONAL_CONFIG_DIRECTORY); /* * If errorlog.old exists and it is not empty, delete @@ -2352,11 +2385,11 @@ InitializeSpecificSession ( if (len > MAXPATHLEN) alt_dir = XtRealloc(alt_dir, len + 1); - (void) sprintf (alt_dir, "%s/%s/%s/%s", - home, - DtPERSONAL_CONFIG_DIRECTORY, - DtSM_SESSION_DIRECTORY, - SM_HOME_DIRECTORY); + snprintf(alt_dir, len, "%s/%s/%s/%s", + home, + DtPERSONAL_CONFIG_DIRECTORY, + DtSM_SESSION_DIRECTORY, + SM_HOME_DIRECTORY); if (!SetAlternateSession (session_dir, alt_dir, @@ -2412,6 +2445,12 @@ InitializePaths ( char *db_file = (char *) XtMalloc(MAXPATHLEN); struct stat buf; + if (!db_file) + { + PrintError(DtError, smNLS.cantMallocErrorString); + return; + } + smGD.savePath = _DtCreateDtDirs(disp); (void) sprintf (smGD.settingPath, "%s/%s/%s", @@ -2434,7 +2473,7 @@ InitializePaths ( if ((stat(db_file, &buf)) == 0) (void) strcpy (smGD.clientPath, db_file); } - if (db_file) XtFree(db_file); + XtFree(db_file); } @@ -2472,6 +2511,13 @@ SetAlternateSession ( char *db_file2 = (char *) XtMalloc(MAXPATHLEN); struct stat buf; + if (!db_file1 || !db_file2) + { + PrintError(DtError, smNLS.cantMallocErrorString); + return False; + } + + if ((stat (session_dir, &buf)) != 0) { /* * The requested dir does not exist, create it @@ -2560,8 +2606,8 @@ SetAlternateSession ( SetSysDefaults (); } - if (db_file1) XtFree(db_file1); - if (db_file2) XtFree(db_file2); + XtFree(db_file1); + XtFree(db_file2); return (True); } diff --git a/cde/programs/dtsession/SmLock.c b/cde/programs/dtsession/SmLock.c index 25069851e..fb45d37c8 100644 --- a/cde/programs/dtsession/SmLock.c +++ b/cde/programs/dtsession/SmLock.c @@ -162,7 +162,8 @@ static Boolean CanReAuthenticate(char *name, uid_t uid, char *passwd, Boolean fail = False; *pwent = (name == NULL) ? getpwuid(uid) : getpwnam(name); - *spent = getspnam((*pwent)->pw_name); + if (pwent) + *spent = getspnam((*pwent)->pw_name); #ifdef JET_AUTHDEBUG fprintf(stderr, "CanReAuthenticate(): %s %s %s\n", diff --git a/cde/programs/dtsession/SmRestore.c b/cde/programs/dtsession/SmRestore.c index 30204800b..53835c254 100644 --- a/cde/programs/dtsession/SmRestore.c +++ b/cde/programs/dtsession/SmRestore.c @@ -58,6 +58,7 @@ #include #include #include +#include #ifdef _SUN_OS /* to get the define for NOFILE */ #include #endif /* _SUN_OS */ @@ -590,7 +591,7 @@ RestoreState( void ) fileSize = MAXLINE + 1; } - line = (unsigned char *) malloc ((fileSize + 1) * sizeof(char *)); + line = malloc(fileSize + 1); if (line == NULL) { line = fallBackLine; @@ -828,6 +829,8 @@ RestoreResources( Boolean errorHandlerInstalled, ... ) char *argv[20]; va_list args; +#if 0 + /* JET - this seems like a bad (and unused) idea */ /* * Check for alternate resource loader. */ @@ -835,6 +838,9 @@ RestoreResources( Boolean errorHandlerInstalled, ... ) { pgrm = CDE_INSTALLATION_TOP "/bin/dtsession_res"; } +#else + pgrm = CDE_INSTALLATION_TOP "/bin/dtsession_res"; +#endif /* * By convention, exec() wants arg0 to be the program name. Ex: if pgrm @@ -1286,7 +1292,7 @@ RestoreSettings( void ) ptrSize += 50; restorePtrArray = (char **)SM_REALLOC((char *) restorePtrArray, ptrSize * - sizeof(char **)); + sizeof(char *)); if(restorePtrArray == NULL) { PrintErrnoError(DtError, smNLS.cantMallocErrorString); @@ -2065,6 +2071,7 @@ RestoreClients( void ) SM_FREE((char *) remoteBuf[i]); } } + free(displayName); return(-1); } cmdPtr = NULL; @@ -3497,14 +3504,20 @@ StartClient( smRes.ignoreEnvironment, ','); } - if (!defaultCwd) { - if (getenv ("HOME")) - defaultCwd = strdup (getenv ("HOME")); - else - defaultCwd = getcwd (NULL, MAXPATHLEN + 1); - - (void) gethostname (localHost, MAXHOSTNAMELEN); - } + if (!defaultCwd) + { + char *tstr = getenv("HOME"); + if (tstr) + { + int slen = strlen(tstr) + 1; + defaultCwd = XtCalloc(1, slen); + strncpy(defaultCwd, tstr, slen - 1); + } + else + defaultCwd = getcwd (NULL, MAXPATHLEN + 1); + + (void) gethostname (localHost, MAXHOSTNAMELEN); + } if (!cwd) { cwdNull = True; diff --git a/cde/programs/dtsession/SmSave.c b/cde/programs/dtsession/SmSave.c index 3df9e1554..ee849071d 100644 --- a/cde/programs/dtsession/SmSave.c +++ b/cde/programs/dtsession/SmSave.c @@ -504,29 +504,36 @@ PruneSessionDirectory () */ char * tmpName; - char * tmp; + int len, tfd; - tmpName = (char *) XtMalloc (strlen (smGD.restoreSession) + 2); - sprintf (tmpName, "%s.", smGD.restoreSession); - if (strlen (tmpName) > 5) { - tmpName[4] = '.'; - tmpName[5] = '\000'; - } - tmp = (char *) tempnam (smGD.savePath, tmpName); + len = strlen(smGD.savePath) + strlen(smGD.restoreSession) + + strlen("XXXXXX") + 3; + tmpName = XtCalloc (1, len); + sprintf(tmpName, "%s/%s.XXXXXX", smGD.savePath, + smGD.restoreSession); - sprintf (saveDir, "%s/%s", smGD.savePath, smGD.restoreSession); + if ((tfd = mkstemp(tmpName)) == -1) + { + PrintErrnoError(DtError, smNLS.cantCreateDirsString); + } + else + { + close(tfd); + unlink(tmpName); - MoveDirectory (saveDir, tmp, False); - MoveDirectory (oldestDir, saveDir, False); + sprintf (saveDir, "%s/%s", + smGD.savePath, smGD.restoreSession); - sprintf (clientDB, "%s/%s/%s", smGD.savePath, - smGD.restoreSession, SM_CLIENT_FILE2); + MoveDirectory (saveDir, tmpName, False); + MoveDirectory (oldestDir, saveDir, False); - ExecuteDiscardCommands (clientDB); + sprintf (clientDB, "%s/%s/%s", smGD.savePath, + smGD.restoreSession, SM_CLIENT_FILE2); - MoveDirectory (tmp, saveDir, True); + ExecuteDiscardCommands (clientDB); - free (tmp); + MoveDirectory (tmpName, saveDir, True); + } XtFree (tmpName); } @@ -551,7 +558,7 @@ PruneSessionDirectory () if (((stat (saveDir, &buf)) == 0) && S_ISDIR (buf.st_mode)) { - sprintf (clientDB, "rm -rf %s", saveDir); + sprintf (clientDB, "/bin/rm -rf %s", saveDir); SystemCmd (clientDB); sprintf (oldestDir, "%s/%s", smGD.savePath, diff --git a/cde/programs/dtsession/SmUI.c b/cde/programs/dtsession/SmUI.c index c92ea588a..7885a0c64 100644 --- a/cde/programs/dtsession/SmUI.c +++ b/cde/programs/dtsession/SmUI.c @@ -907,9 +907,8 @@ CreateLockDialogWithCover( */ i = 0; envLog = getenv("LOGNAME"); - lockMessage = XtMalloc(100 + strlen(envLog)); - sprintf( - lockMessage, + lockMessage = XtCalloc(1, 100 + strlen(envLog)); + snprintf(lockMessage, 100 + strlen(envLog) - 1, ((char *)GETMESSAGE(18, 1, "Display locked by user %s.")), envLog); lockString = XmStringCreateLocalized(lockMessage); XtSetArg(uiArgs[i], XmNtopAttachment, XmATTACH_POSITION); i++; diff --git a/cde/programs/dtsession/SrvFile_io.c b/cde/programs/dtsession/SrvFile_io.c index 237722bde..1fa77e540 100644 --- a/cde/programs/dtsession/SrvFile_io.c +++ b/cde/programs/dtsession/SrvFile_io.c @@ -228,10 +228,8 @@ char *palette) DEFAULT_PALETTE); } - if (path != NULL) - SRV_FREE(path); - if (palettePath != NULL) - SRV_FREE(palettePath); + SRV_FREE(path); + SRV_FREE(palettePath); return (paletteDef); @@ -372,6 +370,7 @@ ReadPaletteFile( error_value = 1; unlink(palettePath); SRV_FREE(fullPath); + close(fd); return((struct _palette *) NULL); } } diff --git a/cde/programs/dtsession/SrvPalette.c b/cde/programs/dtsession/SrvPalette.c index e6f96e7c5..09275c0b9 100644 --- a/cde/programs/dtsession/SrvPalette.c +++ b/cde/programs/dtsession/SrvPalette.c @@ -665,7 +665,7 @@ convert_pixel_set( int i; char *converted; char *p; - int colormappingindex; + int colormappingindex = 0; const int colormapping [4][XmCO_MAX_NUM_COLORS] = { {0, 1, 2, 3, 4, 5, 6, 7}, /* XmCO_HIGH_COLOR */