/usr/src/lib/libagentx/agentx_log.c

Bug Summary

File:	src/lib/libagentx/agentx_log.c
Warning:	line 305, column 13 Access to field 'ax_fd' results in a dereference of a null pointer (loaded from variable 'ax')

Annotated Source Code

Press '?' to see keyboard shortcuts

Show analyzer invocation

clang -cc1 -cc1 -triple amd64-unknown-openbsd7.0 -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name agentx_log.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 1 -fhalf-no-semantic-interposition -mframe-pointer=all -relaxed-aliasing -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -target-feature +retpoline-indirect-calls -target-feature +retpoline-indirect-branches -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/usr/src/lib/libagentx/obj -resource-dir /usr/local/lib/clang/13.0.0 -D PIC -internal-isystem /usr/local/lib/clang/13.0.0/include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/usr/src/lib/libagentx/obj -ferror-limit 19 -fwrapv -D_RET_PROTECTOR -ret-protector -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-valloc -fno-builtin-free -fno-builtin-strdup -fno-builtin-strndup -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /home/ben/Projects/vmm/scan-build/2022-01-12-194120-40624-1 -x c /usr/src/lib/libagentx/agentx_log.c

1/*	$OpenBSD: agentx_log.c,v 1.2 2020/10/26 16:02:16 tb Exp $ */
2/*
3 * Copyright (c) 2020 Martijn van Duren <martijn@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17 
18#include <errno(*__errno()).h>
19#include <stdarg.h>
20#include <stdio.h>
21#include <stdlib.h>
22#include <string.h>
23 
24#include "agentx_internal.h"
25 
26#define AGENTX_CONTEXT_NAME(axc)(axc->axc_name_default ? "<default>" : (char *)axc->
axc_name.aos_string) (axc->axc_name_default ? "<default>" : \
27    (char *)axc->axc_name.aos_string)
28#define AGENTX_GET_CTXNAME(axg)(axg->axg_context_default ? "<default>" : (char *)axg
->axg_context.aos_string) (axg->axg_context_default ? "<default>" : \
29    (char *)axg->axg_context.aos_string)
30 
31enum agentx_log_type {
32	AGENTX_LOG_TYPE_FATAL,
33	AGENTX_LOG_TYPE_WARN,
34	AGENTX_LOG_TYPE_INFO,
35	AGENTX_LOG_TYPE_DEBUG
36};
37 
38void (*agentx_log_fatal)(const char *, ...)
39    __attribute__((__format__ (printf, 1, 2))) = NULL((void *)0);
40void (*agentx_log_warn)(const char *, ...)
41    __attribute__((__format__ (printf, 1, 2))) = NULL((void *)0);
42void (*agentx_log_info)(const char *, ...)
43    __attribute__((__format__ (printf, 1, 2))) = NULL((void *)0);
44void (*agentx_log_debug)(const char *, ...)
45    __attribute__((__format__ (printf, 1, 2))) = NULL((void *)0);
46 
47 
48static void
49agentx_log_do(enum agentx_log_type, const char *, va_list, int,
50    struct agentx *, struct agentx_session *, struct agentx_context *,
51    struct agentx_get *);
52 
53void
54agentx_log_ax_fatalx(struct agentx *ax, const char *fmt, ...)
55{
56	va_list ap;
57 
58	va_start(ap, fmt)__builtin_va_start(ap, fmt);
59	agentx_log_do(AGENTX_LOG_TYPE_FATAL, fmt, ap, 0, ax, NULL((void *)0), NULL((void *)0),
60	    NULL((void *)0));
61	va_end(ap)__builtin_va_end(ap);
62	abort();
63}
64 
65void
66agentx_log_ax_warn(struct agentx *ax, const char *fmt, ...)
67{
68	va_list ap;
69 
70	va_start(ap, fmt)__builtin_va_start(ap, fmt);
71	agentx_log_do(AGENTX_LOG_TYPE_WARN, fmt, ap, 1, ax, NULL((void *)0), NULL((void *)0),
72	    NULL((void *)0));
73	va_end(ap)__builtin_va_end(ap);
74}
75 
76void
77agentx_log_ax_warnx(struct agentx *ax, const char *fmt, ...)
78{
79	va_list ap;
80 
81	va_start(ap, fmt)__builtin_va_start(ap, fmt);
82	agentx_log_do(AGENTX_LOG_TYPE_WARN, fmt, ap, 0, ax, NULL((void *)0), NULL((void *)0),
83	    NULL((void *)0));
84	va_end(ap)__builtin_va_end(ap);
85}
86 
87void
88agentx_log_ax_info(struct agentx *ax, const char *fmt, ...)
89{
90	va_list ap;
91 
92	va_start(ap, fmt)__builtin_va_start(ap, fmt);
93	agentx_log_do(AGENTX_LOG_TYPE_INFO, fmt, ap, 0, ax, NULL((void *)0), NULL((void *)0),
94	    NULL((void *)0));
95	va_end(ap)__builtin_va_end(ap);
96}
97 
98void
99agentx_log_ax_debug(struct agentx *ax, const char *fmt, ...)
100{
101	va_list ap;
102 
103	va_start(ap, fmt)__builtin_va_start(ap, fmt);
104	agentx_log_do(AGENTX_LOG_TYPE_DEBUG, fmt, ap, 0, ax, NULL((void *)0), NULL((void *)0),
105	    NULL((void *)0));
106	va_end(ap)__builtin_va_end(ap);
107}
108 
109void
110agentx_log_axs_fatalx(struct agentx_session *axs, const char *fmt, ...)
111{
112	va_list ap;
113 
114	va_start(ap, fmt)__builtin_va_start(ap, fmt);
115	agentx_log_do(AGENTX_LOG_TYPE_FATAL, fmt, ap, 0, NULL((void *)0), axs, NULL((void *)0),
116	    NULL((void *)0));
117	va_end(ap)__builtin_va_end(ap);
118	abort();
119}
120 
121void
122agentx_log_axs_warnx(struct agentx_session *axs, const char *fmt, ...)
123{
124	va_list ap;
125 
126	va_start(ap, fmt)__builtin_va_start(ap, fmt);
127	agentx_log_do(AGENTX_LOG_TYPE_WARN, fmt, ap, 0, NULL((void *)0), axs, NULL((void *)0),
128	    NULL((void *)0));
129	va_end(ap)__builtin_va_end(ap);
130}
131 
132void
133agentx_log_axs_warn(struct agentx_session *axs, const char *fmt, ...)
134{
135	va_list ap;
136 
137	va_start(ap, fmt)__builtin_va_start(ap, fmt);
138	agentx_log_do(AGENTX_LOG_TYPE_WARN, fmt, ap, 1, NULL((void *)0), axs, NULL((void *)0),
139	    NULL((void *)0));
140	va_end(ap)__builtin_va_end(ap);
141}
142 
143void
144agentx_log_axs_info(struct agentx_session *axs, const char *fmt, ...)
145{
146	va_list ap;
147 
148	va_start(ap, fmt)__builtin_va_start(ap, fmt);
149	agentx_log_do(AGENTX_LOG_TYPE_INFO, fmt, ap, 0, NULL((void *)0), axs, NULL((void *)0),
150	    NULL((void *)0));
151	va_end(ap)__builtin_va_end(ap);
152}
153 
154void
155agentx_log_axc_fatalx(struct agentx_context *axc, const char *fmt, ...)
156{
157	va_list ap;
158 
159	va_start(ap, fmt)__builtin_va_start(ap, fmt);
160	agentx_log_do(AGENTX_LOG_TYPE_FATAL, fmt, ap, 0, NULL((void *)0), NULL((void *)0), axc,
161	    NULL((void *)0));
162	va_end(ap)__builtin_va_end(ap);
163	abort();
164}
165 
166void
167agentx_log_axc_warnx(struct agentx_context *axc, const char *fmt, ...)
168{
169	va_list ap;
170 
171	va_start(ap, fmt)__builtin_va_start(ap, fmt);
172	agentx_log_do(AGENTX_LOG_TYPE_WARN, fmt, ap, 0, NULL((void *)0), NULL((void *)0), axc,
173	    NULL((void *)0));
174	va_end(ap)__builtin_va_end(ap);
175}
176 
177void
178agentx_log_axc_warn(struct agentx_context *axc, const char *fmt, ...)
179{
180	va_list ap;
181 
182	va_start(ap, fmt)__builtin_va_start(ap, fmt);
183	agentx_log_do(AGENTX_LOG_TYPE_WARN, fmt, ap, 1, NULL((void *)0), NULL((void *)0), axc,
184	    NULL((void *)0));
185	va_end(ap)__builtin_va_end(ap);
186}
187 
188void
189agentx_log_axc_info(struct agentx_context *axc, const char *fmt, ...)
190{
191	va_list ap;
192 
193	va_start(ap, fmt)__builtin_va_start(ap, fmt);
194	agentx_log_do(AGENTX_LOG_TYPE_INFO, fmt, ap, 0, NULL((void *)0), NULL((void *)0), axc,
195	    NULL((void *)0));
196	va_end(ap)__builtin_va_end(ap);
197}
198 
199void
200agentx_log_axc_debug(struct agentx_context *axc, const char *fmt, ...)
201{
202	va_list ap;
203 
204	va_start(ap, fmt)__builtin_va_start(ap, fmt);
205	agentx_log_do(AGENTX_LOG_TYPE_DEBUG, fmt, ap, 0, NULL((void *)0), NULL((void *)0), axc,
206	    NULL((void *)0));
207	va_end(ap)__builtin_va_end(ap);
208}
209 
210void
211agentx_log_axg_fatalx(struct agentx_get *axg, const char *fmt, ...)
212{
213	va_list ap;
214 
215	va_start(ap, fmt)__builtin_va_start(ap, fmt);
216	agentx_log_do(AGENTX_LOG_TYPE_FATAL, fmt, ap, 0, NULL((void *)0), NULL((void *)0), NULL((void *)0),
1
Passing null pointer value via 5th parameter 'ax'→
2
←
Calling 'agentx_log_do'→
217	    axg);
218	va_end(ap)__builtin_va_end(ap);
219	abort();
220}
221 
222void
223agentx_log_axg_warnx(struct agentx_get *axg, const char *fmt, ...)
224{
225	va_list ap;
226 
227	va_start(ap, fmt)__builtin_va_start(ap, fmt);
228	agentx_log_do(AGENTX_LOG_TYPE_WARN, fmt, ap, 0, NULL((void *)0), NULL((void *)0), NULL((void *)0),
229	    axg);
230	va_end(ap)__builtin_va_end(ap);
231}
232 
233void
234agentx_log_axg_warn(struct agentx_get *axg, const char *fmt, ...)
235{
236	va_list ap;
237 
238	va_start(ap, fmt)__builtin_va_start(ap, fmt);
239	agentx_log_do(AGENTX_LOG_TYPE_WARN, fmt, ap, 1, NULL((void *)0), NULL((void *)0), NULL((void *)0),
240	    axg);
241	va_end(ap)__builtin_va_end(ap);
242}
243 
244void
245agentx_log_axg_debug(struct agentx_get *axg, const char *fmt, ...)
246{
247	va_list ap;
248 
249	va_start(ap, fmt)__builtin_va_start(ap, fmt);
250	agentx_log_do(AGENTX_LOG_TYPE_DEBUG, fmt, ap, 0, NULL((void *)0), NULL((void *)0), NULL((void *)0),
251	    axg);
252	va_end(ap)__builtin_va_end(ap);
253}
254 
255static void
256agentx_log_do(enum agentx_log_type type, const char *fmt, va_list ap,
257    int useerrno, struct agentx *ax, struct agentx_session *axs,
258    struct agentx_context *axc, struct agentx_get *axg)
259{
260	void (*agentx_log)(const char *, ...);
261	char buf[1500];
262 
263	if (type2.1
'type' is equal to AGENTX_LOG_TYPE_FATAL
 == AGENTX_LOG_TYPE_FATAL)
3
←
Taking true branch→
264		agentx_log = agentx_log_fatal;
265	else if (type == AGENTX_LOG_TYPE_WARN)
266		agentx_log = agentx_log_warn;
267	else if (type == AGENTX_LOG_TYPE_INFO)
268		agentx_log = agentx_log_info;
269	else
270		agentx_log = agentx_log_debug;
271	if (agentx_log == NULL((void *)0))
4
←
Assuming 'agentx_log' is not equal to NULL→
5
←
Taking false branch→
272		return;
273 
274	vsnprintf(buf, sizeof(buf), fmt, ap);
275 
276	if (axg != NULL((void *)0)) {
6
←
Assuming 'axg' is equal to NULL→
7
←
Taking false branch→
277		if (useerrno)
278			agentx_log("[fd:%d sess:%u ctx:%s trid:%u pid:%u]: "
279			    "%s: %s", axg->axg_fd, axg->axg_sessionid,
280			    AGENTX_GET_CTXNAME(axg)(axg->axg_context_default ? "<default>" : (char *)axg
->axg_context.aos_string), axg->axg_transactionid,
281			    axg->axg_packetid, buf, strerror(errno(*__errno())));
282		else
283			agentx_log("[fd:%d sess:%u ctx:%s trid:%u pid:%u]: "
284			    "%s", axg->axg_fd, axg->axg_sessionid,
285			    AGENTX_GET_CTXNAME(axg)(axg->axg_context_default ? "<default>" : (char *)axg
->axg_context.aos_string), axg->axg_transactionid,
286			    axg->axg_packetid, buf);
287	} else if (axc7.1
'axc' is equal to NULL
 != NULL((void *)0)) {
8
←
Taking false branch→
288		axs = axc->axc_axs;
289		ax = axs->axs_ax;
290		if (useerrno)
291			agentx_log("[fd:%d sess:%u ctx:%s]: %s: %s",
292			    ax->ax_fd, axs->axs_id, AGENTX_CONTEXT_NAME(axc)(axc->axc_name_default ? "<default>" : (char *)axc->
axc_name.aos_string),
293			    buf, strerror(errno(*__errno())));
294		else
295			agentx_log("[fd:%d sess:%u ctx:%s]: %s", ax->ax_fd,
296			    axs->axs_id, AGENTX_CONTEXT_NAME(axc)(axc->axc_name_default ? "<default>" : (char *)axc->
axc_name.aos_string), buf);
297	} else if (axs8.1
'axs' is equal to NULL
 != NULL((void *)0)) {
9
←
Taking false branch→
298		ax = axs->axs_ax;
299		if (useerrno)
300			agentx_log("[fd:%d sess:%u]: %s: %s", ax->ax_fd,
301			    axs->axs_id, buf, strerror(errno(*__errno())));
302		else
303			agentx_log("[fd:%d sess:%u]: %s", ax->ax_fd,
304			    axs->axs_id, buf);
305	} else if (ax->ax_fd == -1) {
10
←
Access to field 'ax_fd' results in a dereference of a null pointer (loaded from variable 'ax')
306		if (useerrno)
307			agentx_log("%s: %s", buf, strerror(errno(*__errno())));
308		else
309			agentx_log("%s", buf);
310	} else {
311		if (useerrno)
312			agentx_log("[fd:%d]: %s: %s", ax->ax_fd, buf,
313			    strerror(errno(*__errno())));
314		else
315			agentx_log("[fd:%d]: %s", ax->ax_fd, buf);
316	}
317}