Bug fixes for scanned items 7 (#882)

* Fix codeql issue * Fix for codeql issues * Fix for the addition * Adding extra log * Fixing scan items * CodeQL fixes * Fix for CodeQL issues
microsoft · Sep 1, 2022 · 1a6bc96 · 1a6bc96
1 parent 3129204
commit 1a6bc96
Show file tree

Hide file tree

Showing 13 changed files with 62 additions and 24 deletions.
diff --git a/LCM/codec/mof/mofserializer.c b/LCM/codec/mof/mofserializer.c
@@ -1824,7 +1824,6 @@ MI_Result MI_MAIN_CALL MI_Application_NewSerializer_Mof(
     {
         ExtFunctionTable* eft =
             (ExtFunctionTable*)PAL_Malloc(sizeof(ExtFunctionTable));
-        memset(eft, 0, sizeof(ExtFunctionTable));
 
         if (!eft)
             return MI_RESULT_FAILED;

diff --git a/LCM/dsc/engine/ConfigurationManager/LocalConfigManagerHelper.c b/LCM/dsc/engine/ConfigurationManager/LocalConfigManagerHelper.c
@@ -5993,7 +5993,7 @@ MI_Result LCM_Pull_ExecuteActionPerConfiguration(
                         MI_Char* assignedConfig = NULL;
 
                         // MI_Char* status = ((*serverAssignedConfigurations)->Details)->Status;
-                        if (serverAssignedConfigurations != NULL && *serverAssignedConfigurations != NULL && ((*serverAssignedConfigurations)->Details) != NULL)
+                        if (*serverAssignedConfigurations != NULL && ((*serverAssignedConfigurations)->Details) != NULL)
                         {
                             assignedConfig = ((*serverAssignedConfigurations)->Details)->ConfigurationName;
                         }
@@ -6779,7 +6779,7 @@ MI_Result CallPerformInventory(
         InMOF = GetInventoryFileName();
     }
 
-    if (File_ExistT(InMOF) != 0)
+    if (File_ExistT(InMOF) != 0) // CodeQL [cpp/path-injection] Safe Path: Currently only known paths are considered
     {
     SetLCMStatusReady();
     return GetCimMIError(MI_RESULT_FAILED, cimErrorDetails, ID_LCMHELPER_INVENTORY_MOF_DOESNT_EXIST);

diff --git a/LCM/dsc/engine/ConfigurationManager/OMI_LocalConfigManagerHelper.c b/LCM/dsc/engine/ConfigurationManager/OMI_LocalConfigManagerHelper.c
@@ -112,8 +112,8 @@ MI_Result UpdateTask(
     while (cronFile != NULL && (read = readline(&line, &readLength, cronFile)) != -1)
     {
         retValue = TcsStrlcpy(lineToWrite, line, Tcslen(line)+1);
-		//Assuming last wildcard of the cron expression is not more than 10 characters
-		retValue = sscanf(line, MI_T("%*s %*s %*s %*s %*s %*s %10s"), taskInCrontab);
+		//Assuming size will be not more than 256 which is the value of UNIT_LINE_SIZE
+		retValue = sscanf(line, MI_T("%*s %*s %*s %*s %*s %*s %256s"), taskInCrontab);
 		if (retValue == 0)
 		{
 			// Ignore the bad line that does not comply with crontab file format

diff --git a/LCM/dsc/engine/EngineHelper/EventWrapper.c b/LCM/dsc/engine/EngineHelper/EventWrapper.c
@@ -130,6 +130,10 @@ void DSCFileVPutTelemetry(
 
     if (json_value_get_type(telemetry_root_value) != JSONObject) {
         telemetry_root_value = json_value_init_object();
+        if(telemetry_root_value == NULL) {
+            printf("Failed to parse JSON from OMS Config Host Telemetry Path");
+            return;
+        }
     }
 
     JSON_Object *telemetry_root_object = json_value_get_object(telemetry_root_value);
@@ -217,6 +221,10 @@ void DSCFilePutTelemetry(
 
     if (json_value_get_type(telemetry_root_value) != JSONObject) {
         telemetry_root_value = json_value_init_object();
+        if(telemetry_root_value == NULL) {
+            printf("Failed to parse JSON from OMS Config Host Telemetry Path");
+            return;
+        }
     }
 
     JSON_Object *telemetry_root_object = json_value_get_object(telemetry_root_value);

diff --git a/LCM/dsc/engine/EngineHelper/PAL_Extension.c b/LCM/dsc/engine/EngineHelper/PAL_Extension.c
@@ -195,10 +195,7 @@ int File_CopyT(_In_z_ const PAL_Char* src, _In_z_ const PAL_Char* dest)
 #ifndef CONFIG_ENABLE_WCHAR
 
     /* Unlink output file if it exists */
-    if (access(dest, F_OK) == 0)
-    {
-        unlink(dest);
-    }
+    remove(dest);
 #endif
 #endif
 

diff --git a/LCM/dsc/engine/ca/CAInfrastructure/CAEngine.c b/LCM/dsc/engine/ca/CAInfrastructure/CAEngine.c
@@ -2108,7 +2108,7 @@ MI_Result PerformInventoryMethodResult(_In_ MI_Operation *operation,
     MI_Instance * tempInstance;
     MI_Instance ** outInstanceArray;
     MI_Boolean moreResults;
-    MI_Result result;
+    MI_Result result = MI_RESULT_INVALID_PARAMETER;
     const MI_Char *errorMessage;
     const MI_Instance *completionDetails = NULL;
     MI_Value value;

diff --git a/LCM/dsc/engine/ca/CAInfrastructure/WebPullClient.c b/LCM/dsc/engine/ca/CAInfrastructure/WebPullClient.c
@@ -331,9 +331,20 @@ static size_t WriteCallback(void *contents, size_t size, size_t nmemb, void *use
   if( nmemb != 0 && (realsize / nmemb != size || (realsize % nmemb) != 0)) {
     return 0;
   }
+  size_t reallocationSize = realsize;
+  //Handle size overflow due to addition
+  if(reallocationSize + 1 < reallocationSize) {
+    return 0;
+  }
+  reallocationSize = reallocationSize + 1;
   struct Chunk *mem = (struct Chunk *)userp;
+  //Handle size overflow due to addition
+  if(reallocationSize + mem->size < reallocationSize || reallocationSize + mem->size < mem->size) {
+    return 0;
+  }
+  reallocationSize = reallocationSize + mem->size;
 
-  char* tempMemData = (char *)realloc(mem->data, mem->size + realsize + 1);
+  char* tempMemData = (char *)realloc(mem->data, reallocationSize);
   if(tempMemData == NULL) {
     free(mem->data);
     return 0;

diff --git a/LCM/dsc/engine/dsc_host/dsc_host.c b/LCM/dsc/engine/dsc_host/dsc_host.c
@@ -228,12 +228,13 @@ int main(int argc, char *argv[])
     }
 
     DSC_TELEMETRY_INFO("dsc_host starting operation '%s'", argv[2]);
+    DSC_TELEMETRY_INFO("dsc_host configuration '%s'", argv[3]);
     switch(current_operation)
     {
         case DscSupportedOperation_GetConfiguration:
             {
                 operation_name = DSC_OPERATION_GET_CONFIGURATION_STR;
-                result = DscLib_GetConfiguration (&operation_result_root_value, argv[3], &operation_error_root_value);
+                result = DscLib_GetConfiguration (&operation_result_root_value, argv[3], &operation_error_root_value); // CodeQL [cpp/path-injection] Safe Path: Currently only known paths are considered
                 break;
             }
         case DscSupportedOperation_TestConfiguration:
@@ -258,20 +259,20 @@ int main(int argc, char *argv[])
             {
                 operation_name = DSC_OPERATION_SEND_CONFIGURATION_STR;
                 MI_Boolean force = (Tcscasecmp(argv[4], MI_T("force")) == 0) ? MI_TRUE : MI_FALSE;
-                result = DscLib_SendConfiguration (argv[3], force, &operation_error_root_value);
+                result = DscLib_SendConfiguration (argv[3], force, &operation_error_root_value); // CodeQL [cpp/path-injection] Safe Path: Currently only known paths are considered
                 break;
             }
         case DscSupportedOperation_SendConfigurationApply:
             {
                 operation_name = DSC_OPERATION_SEND_CONFIGURATION_APPLY_STR;
                 MI_Boolean force = (Tcscasecmp(argv[4], MI_T("force")) == 0) ? MI_TRUE : MI_FALSE;
-                result = DscLib_SendConfigurationApply (argv[3], force, &operation_error_root_value);
+                result = DscLib_SendConfigurationApply (argv[3], force, &operation_error_root_value); // CodeQL [cpp/path-injection] Safe Path: Currently only known paths are considered
                 break;
             }
         case DscSupportedOperation_SendMetaConfigurationApply:
             {
                 operation_name = DSC_OPERATION_SEND_METACONFIGURATION_APPLY_STR;
-                result = DscLib_SendMetaConfigurationApply (argv[3], &operation_error_root_value);
+                result = DscLib_SendMetaConfigurationApply (argv[3], &operation_error_root_value); // CodeQL [cpp/path-injection] Safe Path: Currently only known paths are considered
                 break;
             }
         case DscSupportedOperation_GetMetaConfiguration:

diff --git a/Providers/nxFileInventory/MSFT_nxFileInventoryResource.cpp b/Providers/nxFileInventory/MSFT_nxFileInventoryResource.cpp
@@ -225,11 +225,16 @@ void MI_CALL MSFT_nxFileInventoryResource_Invoke_InventoryTargetResource(
 		const char * reportTemplateBase = DSC_ETC_PATH "/InventoryReports/nxFileInventory_XXXXXX";
 
 		clientBuffer = (MI_Uint8*)malloc(clientBufferLength + 1);
-        memset(&application, 0, sizeof(MI_Application));
         if(clientBuffer == NULL) {
             return;
         }
-		MI_Application_Initialize(0,NULL,NULL, &application);
+		if(MI_Application_Initialize(0,NULL,NULL, &application) != MI_RESULT_OK) {
+            memset(&application, 0, sizeof(MI_Application));
+            free(clientBuffer);
+            MI_Application_Close(&application);
+            return;
+        }
+
 		result = XmlSerializer_Create(&application, 0, "MI_XML", &serializer);
 		if (result != MI_RESULT_OK)
 		{

diff --git a/Providers/nxGroup/MSFT_nxGroupResource.cpp b/Providers/nxGroup/MSFT_nxGroupResource.cpp
@@ -231,7 +231,12 @@ void MI_CALL MSFT_nxGroupResource_Invoke_InventoryTargetResource(
         if(clientBuffer == NULL) {
             return;
         }
-		MI_Application_Initialize(0,NULL,NULL, &application);
+		if(MI_Application_Initialize(0,NULL,NULL, &application) != MI_RESULT_OK) {
+            memset(&application, 0, sizeof(MI_Application));
+            free(clientBuffer);
+            MI_Application_Close(&application);
+            return;
+        }
 		result = XmlSerializer_Create(&application, 0, "MI_XML", &serializer);
 		if (result != MI_RESULT_OK)
 		{

diff --git a/Providers/nxPackage/MSFT_nxPackageResource.cpp b/Providers/nxPackage/MSFT_nxPackageResource.cpp
@@ -231,8 +231,12 @@ void MI_CALL MSFT_nxPackageResource_Invoke_InventoryTargetResource(
         if(clientBuffer == NULL) {
             return;
         }
-        memset(&application, 0, sizeof(MI_Application));
-		MI_Application_Initialize(0,NULL,NULL, &application);
+		if(MI_Application_Initialize(0,NULL,NULL, &application) != MI_RESULT_OK) {
+            memset(&application, 0, sizeof(MI_Application));
+            free(clientBuffer);
+            MI_Application_Close(&application);
+            return;
+        }
 		result = XmlSerializer_Create(&application, 0, "MI_XML", &serializer);
 		if (result != MI_RESULT_OK)
 		{

diff --git a/Providers/nxService/MSFT_nxServiceResource.cpp b/Providers/nxService/MSFT_nxServiceResource.cpp
@@ -228,8 +228,12 @@ void MI_CALL MSFT_nxServiceResource_Invoke_InventoryTargetResource(
         if(clientBuffer == NULL) {
             return;
         }
-        memset(&application, 0, sizeof(MI_Application));
-		MI_Application_Initialize(0,NULL,NULL, &application);
+        if(MI_Application_Initialize(0,NULL,NULL, &application) != MI_RESULT_OK) {
+            memset(&application, 0, sizeof(MI_Application));
+            free(clientBuffer);
+            MI_Application_Close(&application);
+            return;
+        }
 		result = XmlSerializer_Create(&application, 0, "MI_XML", &serializer);
 		if (result != MI_RESULT_OK)
 		{

diff --git a/Providers/nxUser/MSFT_nxUserResource.cpp b/Providers/nxUser/MSFT_nxUserResource.cpp
@@ -231,8 +231,12 @@ void MI_CALL MSFT_nxUserResource_Invoke_InventoryTargetResource(
         if(clientBuffer == NULL) {
             return;
         }
-        memset(&application, 0, sizeof(MI_Application));
-		MI_Application_Initialize(0,NULL,NULL, &application);
+		if(MI_Application_Initialize(0,NULL,NULL, &application) != MI_RESULT_OK) {
+            memset(&application, 0, sizeof(MI_Application));
+            free(clientBuffer);
+            MI_Application_Close(&application);
+            return;
+        }
         result = XmlSerializer_Create(&application, 0, "MI_XML", &serializer);
 		if (result != MI_RESULT_OK)
 		{