cli: Fixed coverity issue in cli-cmd-system.c

This patch adds a missing check of the return value of strtok_r() and returns an error if it's NULL. It also fixes a couple of leaks. Change-Id: Ib15d6f843516e44c3bd8790a2e3ad936e357f6d4 BUG: 789278 Signed-off-by: Xavier Hernandez <jahernan@redhat.com>
author: Xavier Hernandez <jahernan@redhat.com> 2017-11-02 10:11:43 +0100
committer: Jeff Darcy <jeff@pl.atyp.us> 2017-12-20 15:44:22 +0000
commit: 8ad87e4fa5803718746e0e7315e8c9f1a37952c0 (patch)
tree: 33084115f57bdd1f5e9623ed3fe9125050cd5b88 /cli/src
parent: 7d81a49a0479b4b98a639b5e50ec2ea4fa8a1314 (diff)
1 files changed, 22 insertions, 1 deletions
diff --git a/cli/src/cli-cmd-system.c b/cli/src/cli-cmd-system.c
index 93aac0b60cc..3b1d967b650 100644
--- a/cli/src/cli-cmd-system.c
+++ b/cli/src/cli-cmd-system.c
@@ -461,6 +461,10 @@ cli_cmd_sys_exec_cbk (struct cli_state *state, struct cli_cmd_word *word,
                 goto out;
 
         command = strtok_r ((char *)words[2], " ", &saveptr);
+        if (command == NULL) {
+                gf_log("cli", GF_LOG_ERROR, "Failed to parse command");
+                goto out;
+        }
         do {
                 tmp = strtok_r (NULL, " ", &saveptr);
                 if (tmp) {
@@ -513,14 +517,31 @@ cli_cmd_sys_exec_cbk (struct cli_state *state, struct cli_cmd_word *word,
         }
 
         proc = &cli_rpc_prog->proctable[GLUSTER_CLI_SYS_EXEC];
-        if (proc && proc->fn) {
+        if (proc->fn) {
                 frame = create_frame (THIS, THIS->ctx->pool);
                 if (!frame)
                         goto out;
                 CLI_LOCAL_INIT (local, words, frame, dict);
                 ret = proc->fn (frame, THIS, (void*)dict);
+
+                /* proc->fn is processed synchronously, which means that the
+                 * execution flow won't return here until the operation is
+                 * fully processed, including any related callback. For this
+                 * reason, it's safe to destroy the stack here, since no one
+                 * can still be using it. Additionally, it's not easy to move
+                 * the stack destroy to the callback executed after completion
+                 * of the operation because there are multiple things than can
+                 * fail even before having queued the callback, so we would
+                 * still need to destroy the stack if proc->fn returns an
+                 * error. */
+                CLI_STACK_DESTROY(frame);
+                dict = NULL;
         }
 out:
+        if (dict != NULL) {
+                dict_unref(dict);
+        }
+
         return ret;
 }
author	Xavier Hernandez <jahernan@redhat.com>	2017-11-02 10:11:43 +0100
committer	Jeff Darcy <jeff@pl.atyp.us>	2017-12-20 15:44:22 +0000
commit	8ad87e4fa5803718746e0e7315e8c9f1a37952c0 (patch)
tree	33084115f57bdd1f5e9623ed3fe9125050cd5b88 /cli/src
parent	7d81a49a0479b4b98a639b5e50ec2ea4fa8a1314 (diff)