coverity: fix contex.c Untrusted value as argument

CID 138664 (#1 of 1): Untrusted value as argument (TAINTED_SCALAR) tainted_data: Passing tainted variable hostname to a tainted sink. [show details] Signed-off-by: Robin Getz <[email protected]>
analogdevicesinc · Apr 3, 2020 · 0e69d57 · 0e69d57
1 parent eb99f04
commit 0e69d57
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 10 deletions.
diff --git a/context.c b/context.c
@@ -20,6 +20,7 @@
 #include "iio-config.h"
 #include "iio-private.h"
 #include "sort.h"
+#include "network.h"
 
 #include <errno.h>
 #include <string.h>
@@ -311,19 +312,18 @@ struct iio_context * iio_create_default_context(void)
 	char *hostname = getenv("IIOD_REMOTE");
 
 	if (hostname) {
-		struct iio_context *ctx;
+		if (strlen(hostname) > 2 && strlen(hostname) < MAXHOSTNAMELEN + 4) {
+			struct iio_context *ctx;
 
-		ctx = iio_create_context_from_uri(hostname);
-		if (ctx)
-			return ctx;
-
-#ifdef WITH_NETWORK_BACKEND
+			ctx = iio_create_context_from_uri(hostname);
+			if (ctx)
+				return ctx;
+		}
+#ifdef HAVE_DNS_SD
 		/* If the environment variable is an empty string, we will
 		 * discover the server using ZeroConf */
-		if (strlen(hostname) == 0)
-			hostname = NULL;
-
-		return iio_create_network_context(hostname);
+		if (!hostname[0])
+			return iio_create_network_context(NULL);
 #endif
 	}
 

diff --git a/usb.c b/usb.c
@@ -1072,6 +1072,9 @@ struct iio_context * usb_create_context_from_uri(const char *uri)
 	if (bus < 0 || address < 0 || interface < 0)
 		goto err_bad_uri;
 
+	if (bus > UINT_MAX || address > UINT8_MAX || interface > UINT8_MAX)
+		goto err_bad_uri;
+
 	return usb_create_context((unsigned int) bus,
 			(unsigned int) address, (unsigned int) interface);