https://bugs.openldap.org/show_bug.cgi?id=10012
Issue ID: 10012
Summary: fcntl called without checking value
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: libraries
Assignee: bugs@openldap.org
Reporter: balaev@tarantool.org
Target Milestone: ---
Created attachment 949 --> https://bugs.openldap.org/attachment.cgi?id=949&action=edit patch file
ldap_pvt_socket() and ldap_int_socket() call fcntl without checking the value of the file descriptor.
--- Comment #1 from Howard Chu hyc@openldap.org ---
Who cares? The fcntl call would just fail with EBADF.
--- Comment #2 from balaev@tarantool.org ---
(In reply to Howard Chu from comment #1)
> Who cares? The fcntl call would just fail with EBADF.
Some static analyzers (for example, svace) generate warnings on such code. In fact, yes, there is no problem as such. It just performs a meaningless action in case socket(2) fails.
--- Comment #3 from Howard Chu hyc@openldap.org ---
(In reply to balaev from comment #2)
> (In reply to Howard Chu from comment #1)
> > Who cares? The fcntl call would just fail with EBADF.
>
> Some static analyzers (for example, svace) generate warnings on such code. In fact, yes, there is no problem as such. It just performs a meaningless action in case socket(2) fails.
Yes, the likelihood of which is near zero on a typical system. It would mean the system was out of memory, or file descriptors, or some other resource exhaustion which almost never happens in practice, and if it does happen, far worse things will be failing on the machine.
When was the last time you've even heard of socket() failing?
Quanah Gibson-Mount quanah@openldap.org changed:
What        |Removed      |Added
----------------------------------------------------------------------------
Status      |UNCONFIRMED  |RESOLVED
Keywords    |needs_review |
Resolution  |---          |WONTFIX
Quanah Gibson-Mount quanah@openldap.org changed:
What        |Removed      |Added
----------------------------------------------------------------------------
Status      |RESOLVED     |VERIFIED
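An added example, not part of the bug report, the attached patch, or OpenLDAP's code: it reproduces the behaviour discussed in the thread (fcntl() on the -1 returned by a failed socket(2) fails with EBADF) beside a form that checks the descriptor first. The function names and the forced failure (address family -1) are constructed for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Pattern from the report: fcntl() runs whatever socket() returned.
 * Returns the errno a caller would see afterwards (0 on success). */
int unchecked_errno(int domain, int type, int protocol)
{
    int fd = socket(domain, type, protocol);
    int rc = fcntl(fd, F_SETFD, FD_CLOEXEC);   /* fd may be -1 here */
    int seen = (fd < 0 || rc < 0) ? errno : 0;
    if (fd >= 0) close(fd);
    return seen;
}

/* Checked form (hypothetical helper): returns a descriptor with
 * FD_CLOEXEC set, or -1 with errno from the call that failed. */
int socket_cloexec(int domain, int type, int protocol)
{
    int fd = socket(domain, type, protocol);
    if (fd < 0) return -1;                     /* skip fcntl, keep errno */
    int flags = fcntl(fd, F_GETFD);
    if (flags < 0 || fcntl(fd, F_SETFD, flags | FD_CLOEXEC) < 0) {
        int saved = errno;
        close(fd);                             /* do not leak the socket */
        errno = saved;
        return -1;
    }
    return fd;
}

/* errno a caller would see after the checked form (0 on success). */
int checked_errno(int domain, int type, int protocol)
{
    int fd = socket_cloexec(domain, type, protocol);
    int seen = (fd < 0) ? errno : 0;
    if (fd >= 0) close(fd);
    return seen;
}

int main(void)
{
    /* Constructed failure: -1 is not a valid address family. */
    printf("unchecked: %s\n", strerror(unchecked_errno(-1, SOCK_STREAM, 0)));
    printf("checked:   %s\n", strerror(checked_errno(-1, SOCK_STREAM, 0)));
}
```

In the unchecked form the errno left behind is EBADF from fcntl(); in the checked form it is whatever socket(2) reported.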