fixed incorrect sprintf format usage; fixed access to uninitialized memory in DB...
authorVictor Kirhenshtein <victor@netxms.org>
Sun, 8 Oct 2017 09:55:48 +0000 (12:55 +0300)
committerVictor Kirhenshtein <victor@netxms.org>
Sun, 8 Oct 2017 09:55:48 +0000 (12:55 +0300)
src/libnetxms/seh.cpp
src/server/libnxsrv/agent.cpp
src/server/tools/nxdbmgr/export.cpp
src/server/tools/nxdbmgr/init.cpp
src/server/tools/nxdbmgr/upgrade_v0.cpp

index 114fdfb..0868aeb 100644 (file)
@@ -272,7 +272,7 @@ BOOL LIBNETXMS_EXPORTABLE SEHServiceExceptionHandler(EXCEPTION_POINTERS *pInfo)
 #endif
                          pInfo->ExceptionRecord->ExceptionCode,
                          SEHExceptionName(pInfo->ExceptionRecord->ExceptionCode),
-                         pInfo->ExceptionRecord->ExceptionAddress);
+                         (ULONG_PTR)pInfo->ExceptionRecord->ExceptionAddress);
 
                // NetXMS and OS version
                GetWindowsVersionString(szWindowsVersion, 256);
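Review bot: The new `(ULONG_PTR)` cast on `ExceptionAddress` is only correct if the matching conversion in the format string is pointer-sized on both 32-bit and 64-bit builds; the format string sits above the `#endif`, outside the hunk, so that cannot be confirmed from here. If it is a fixed-width hex conversion, the fault address in the crash report would be truncated or misread on Win64, which defeats the purpose of the report. Passing the pointer unchanged with `%p` would remove the dependency; otherwise add a comment such as `// format above must use a pointer-sized conversion for ExceptionAddress`. The same applies to the identical change in the second hunk of this file.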
@@ -365,7 +365,7 @@ BOOL LIBNETXMS_EXPORTABLE SEHServiceExceptionHandler(EXCEPTION_POINTERS *pInfo)
 #endif
                pInfo->ExceptionRecord->ExceptionCode,
                SEHExceptionName(pInfo->ExceptionRecord->ExceptionCode),
-               pInfo->ExceptionRecord->ExceptionAddress);
+               (ULONG_PTR)pInfo->ExceptionRecord->ExceptionAddress);
        }
 
        return TRUE;    // Terminate process
index 063f214..83ebe24 100644 (file)
@@ -1756,34 +1756,33 @@ UINT32 AgentConnection::setupEncryption(RSA *pServerKey)
  */
 UINT32 AgentConnection::getConfigFile(TCHAR **ppszConfig, UINT32 *pdwSize)
 {
-   UINT32 i, dwRqId, dwResult;
-   NXCPMessage msg(m_nProtocolVersion), *pResponse;
-
    *ppszConfig = NULL;
    *pdwSize = 0;
 
    if (!m_isConnected)
       return ERR_NOT_CONNECTED;
 
-   dwRqId = generateRequestId();
+   UINT32 dwResult;
+   UINT32 dwRqId = generateRequestId();
 
+   NXCPMessage msg(m_nProtocolVersion);
    msg.setCode(CMD_GET_AGENT_CONFIG);
    msg.setId(dwRqId);
 
    if (sendMessage(&msg))
    {
-      pResponse = waitForMessage(CMD_REQUEST_COMPLETED, dwRqId, m_dwCommandTimeout);
+      NXCPMessage *pResponse = waitForMessage(CMD_REQUEST_COMPLETED, dwRqId, m_dwCommandTimeout);
       if (pResponse != NULL)
       {
          dwResult = pResponse->getFieldAsUInt32(VID_RCC);
          if (dwResult == ERR_SUCCESS)
          {
-            UINT32 size = pResponse->getFieldAsBinary(VID_CONFIG_FILE, NULL, 0);
+            size_t size = pResponse->getFieldAsBinary(VID_CONFIG_FILE, NULL, 0);
             BYTE *utf8Text = (BYTE *)malloc(size + 1);
             pResponse->getFieldAsBinary(VID_CONFIG_FILE, (BYTE *)utf8Text, size);
 
             // We expect text file, so replace all non-printable characters with spaces
-            for(i = 0; i < size; i++)
+            for(size_t i = 0; i < size; i++)
                if ((utf8Text[i] < ' ') &&
                    (utf8Text[i] != '\t') &&
                    (utf8Text[i] != '\r') &&
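Review bot: `malloc(size + 1)` is used without a NULL check, and `size` comes from the `VID_CONFIG_FILE` field of the agent's response, so an oversized field or memory pressure would make `getFieldAsBinary()` and the clean-up loop write through a null pointer. Add a guard right after the allocation, e.g. `if (utf8Text == NULL) { /* set dwResult to an out-of-memory error and skip the conversion */ }`, and consider rejecting a `size` above a sane maximum for a config file before allocating. `dwResult` is also still declared without an initialiser (`UINT32 dwResult;`); the branches that assign it on the failure paths are outside the hunk, so initialising it at the declaration would remove any dependence on them. The function body continues past the end of this hunk.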
index d275616..8fd5bfe 100644 (file)
@@ -189,8 +189,6 @@ void ExportDatabase(char *file, bool skipAudit, bool skipAlarms, bool skipEvent,
        sqlite3 *db;
        char *errmsg, queryTemplate[11][MAX_DB_STRING], *data;
        TCHAR idataTable[128];
-   int rowCount;
-       DB_RESULT hResult;
    int legacy = 0, major = 0, minor = 0;
        BOOL success = FALSE;
 
@@ -324,7 +322,6 @@ void ExportDatabase(char *file, bool skipAudit, bool skipAlarms, bool skipEvent,
                {
                   _tprintf(_T("ERROR: SQLite query failed: %hs (%hs)\n"), query, errmsg);
                   sqlite3_free(errmsg);
-                  DBFreeResult(hResult);
                   goto cleanup;
                }
             }
@@ -335,14 +332,12 @@ void ExportDatabase(char *file, bool skipAudit, bool skipAlarms, bool skipEvent,
             _sntprintf(idataTable, 128, _T("idata_%d"), id);
             if (!ExportTable(db, idataTable))
             {
-               DBFreeResult(hResult);
                goto cleanup;
             }
 
             _sntprintf(idataTable, 128, _T("tdata_%d"), id);
             if (!ExportTable(db, idataTable))
             {
-               DBFreeResult(hResult);
                goto cleanup;
             }
          }
index 327a0c7..7fa614f 100644 (file)
@@ -185,8 +185,7 @@ void InitDatabase(const char *pszInitFile)
 
    // Generate GUID for "Admins" group
    _uuid_generate(guid);
-   _sntprintf(szQuery, 256, _T("UPDATE user_groups SET guid='%s' WHERE id=-2147483647"),
-              _uuid_to_string(guid, szGUID), GROUP_EVERYONE);
+   _sntprintf(szQuery, 256, _T("UPDATE user_groups SET guid='%s' WHERE id=-2147483647"), _uuid_to_string(guid, szGUID));
    if (!SQLQuery(szQuery))
       goto init_failed;
 
index c831597..16ca890 100644 (file)
@@ -1816,10 +1816,10 @@ static BOOL H_UpgradeFromV415(int currVersion, int newVersion)
       sysAccess = sysAccess | SYSTEM_ACCESS_VIEW_ALL_ALARMS;
 
       TCHAR query[MAX_DB_STRING];
-      _sntprintf(query, MAX_DB_STRING, _T("UPDATE user_groups SET system_access=%ld WHERE name='Everyone'"), sysAccess);
+      _sntprintf(query, MAX_DB_STRING, _T("UPDATE user_groups SET system_access=") UINT64_FMT _T(" WHERE name='Everyone'"), sysAccess);
       CHK_EXEC(SQLQuery(query));
 
-   DBFreeResult(hResult);
+      DBFreeResult(hResult);
    }
    else
    {
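Review bot: `sysAccess` is passed to `UINT64_FMT` without a cast, unlike the `time(NULL)` call sites later in this file, which this commit casts to `(INT64)` to match `INT64_FMT`. Its declaration is outside the hunk; if it is not already a 64-bit unsigned type, the varargs mismatch this commit is fixing is still present here. Writing `(UINT64)sysAccess` at the call would make the pairing correct regardless of how the variable is declared.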
@@ -10468,8 +10468,8 @@ static BOOL MoveObjectData(DWORD dwId, BOOL bInheritRights)
    {
       _sntprintf(szQuery, 1024, _T("INSERT INTO object_properties (object_id,name,")
                                    _T("status,is_deleted,image_id,inherit_access_rights,")
-                                   _T("last_modified) VALUES (%d,'%s',%d,%d,%d,%d,%ld)"),
-                 dwId, szName, dwStatus, bIsDeleted, dwImageId, bInheritRights, time(NULL));
+                                   _T("last_modified) VALUES (%d,'%s',%d,%d,%d,%d,") INT64_FMT _T(")"),
+                 dwId, szName, dwStatus, bIsDeleted, dwImageId, bInheritRights, (INT64)time(NULL));
 
       if (!SQLQuery(szQuery))
          if (!g_bIgnoreErrors)
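Review bot: `szName` is still interpolated between single quotes via `'%s'` with no escaping visible, so an object name containing an apostrophe would break or alter the INSERT; where `szName` is read is outside the hunk, so this holds only if it was not escaped earlier. Escape it with the project's SQL string escaping helper, or build the statement with bound parameters instead of `_sntprintf`. The return value of `_sntprintf(szQuery, 1024, …)` is also unchecked, so a long name could truncate the statement, and some `_sntprintf` implementations do not null-terminate on truncation. The same pattern appears in the `H_UpgradeFromV26` hunk that follows.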
@@ -10599,10 +10599,10 @@ static BOOL H_UpgradeFromV26(int currVersion, int newVersion)
             {
                _sntprintf(szQuery, 1024, _T("INSERT INTO object_properties (object_id,name,")
                                             _T("status,is_deleted,image_id,inherit_access_rights,")
-                                            _T("last_modified) VALUES (%d,'%s',5,0,%d,%d,%ld)"),
+                                            _T("last_modified) VALUES (%d,'%s',5,0,%d,%d,") INT64_FMT _T(")"),
                           dwId, szName, dwImageId,
                           DBGetFieldLong(hResult, i, 1) ? TRUE : FALSE,
-                          time(NULL));
+                          (INT64)time(NULL));
 
                if (!SQLQuery(szQuery))
                   if (!g_bIgnoreErrors)