coverity.com fixes - initial round

This commit tries to fix a bunch of issues found
by coverity.com.

Signed-off-by: Jaroslav Kysela <perex@perex.cz>
This commit is contained in:
Jaroslav Kysela 2025-11-10 17:56:27 +01:00
parent f0679e5de2
commit 47f4f9b73b
40 changed files with 283 additions and 133 deletions

View file

@ -220,13 +220,10 @@ static ssize_t write_manifest_data(snd_tplg_t *tplg)
return ret;
}
tplg_log(tplg, 'B', tplg->bin_pos, "manifest: write %d bytes",
sizeof(tplg->manifest));
tplg_log(tplg, 'B', tplg->bin_pos, "manifest: write %zu bytes", sizeof(tplg->manifest));
ret = twrite(tplg, &tplg->manifest, sizeof(tplg->manifest));
if (ret >= 0) {
tplg_log(tplg, 'B', tplg->bin_pos,
"manifest: write %d priv bytes",
tplg->manifest.priv.size);
tplg_log(tplg, 'B', tplg->bin_pos, "manifest: write %d priv bytes", tplg->manifest.priv.size);
ret = twrite(tplg, tplg->manifest_pdata, tplg->manifest.priv.size);
}
return ret;

View file

@ -1111,7 +1111,7 @@ int tplg_add_enum(snd_tplg_t *tplg, struct snd_tplg_enum_template *enum_ctl,
if (enum_ctl->values[i] == NULL)
continue;
memcpy(&ec->values[i * sizeof(int) * ENUM_VAL_SIZE],
memcpy(&ec->values[i * ENUM_VAL_SIZE],
enum_ctl->values[i],
sizeof(int) * ENUM_VAL_SIZE);
}

View file

@ -329,9 +329,9 @@ done:
buf[i] = 0;
source = &buf[i + 2];
strcpy(line->source, source);
strcpy(line->control, control);
strcpy(line->sink, sink);
snd_strlcpy(line->source, source, sizeof(line->source));
snd_strlcpy(line->control, control, sizeof(line->source));
snd_strlcpy(line->sink, sink, sizeof(line->source));
return 0;
}

View file

@ -461,8 +461,7 @@ static int copy_data_hex(char *data, int off, const char *str, int width)
return 0;
}
static int tplg_parse_data_hex(snd_config_t *cfg, struct tplg_elem *elem,
int width)
static int tplg_parse_data_hex(snd_config_t *cfg, struct tplg_elem *elem, unsigned int width)
{
struct snd_soc_tplg_private *priv;
const char *value = NULL;
@ -471,11 +470,14 @@ static int tplg_parse_data_hex(snd_config_t *cfg, struct tplg_elem *elem,
tplg_dbg(" data: %s", elem->id);
if (width > 4)
return -EINVAL;
if (snd_config_get_string(cfg, &value) < 0)
return -EINVAL;
num = get_hex_num(value);
if (num <= 0) {
if (num <= 0 || num > 16384) {
snd_error(TOPOLOGY, "malformed hex variable list %s", value);
return -EINVAL;
}
@ -483,14 +485,16 @@ static int tplg_parse_data_hex(snd_config_t *cfg, struct tplg_elem *elem,
size = num * width;
priv = elem->data;
if (size > TPLG_MAX_PRIV_SIZE) {
snd_error(TOPOLOGY, "data too big %d", size);
if (size < 0 || size > TPLG_MAX_PRIV_SIZE) {
snd_error(TOPOLOGY, "data too big %u", (unsigned int)size);
return -EINVAL;
}
if (priv != NULL) {
off = priv->size;
esize = elem->size + size;
if (off > 1024*1024)
return -ENOMEM;
esize = off + size;
priv = realloc(priv, esize);
} else {
off = 0;
@ -1696,7 +1700,7 @@ static int tplg_verify_tuple_set(snd_tplg_t *tplg, size_t pos,
j = tplg_get_tuple_size(va->type) * va->num_elems;
if (j + sizeof(*va) != va->size) {
tplg_log(tplg, 'A', pos, "tuple set verify: wrong vendor array size %d "
"(expected %d for %d count %d)",
"(expected %zu for %d count %d)",
va->size, j + sizeof(*va), va->type, va->num_elems);
return -EINVAL;
}

View file

@ -91,6 +91,8 @@ int tplg_parse_ops(snd_tplg_t *tplg ATTRIBUTE_UNUSED, snd_config_t *cfg,
if (snd_config_get_string(n, &value) < 0)
continue;
ival = lookup_ops(value);
if (ival < 0)
return ival;
} else {
if (tplg_get_integer(n, &ival, 0))
continue;
@ -176,6 +178,8 @@ int tplg_parse_ext_ops(snd_tplg_t *tplg ATTRIBUTE_UNUSED,
if (snd_config_get_string(n, &value) < 0)
continue;
ival = lookup_ops(value);
if (ival < 0)
return ival;
} else {
if (tplg_get_integer(n, &ival, 0))
continue;