From 03c04c081a170668e52127be3c150582e458e1ed Mon Sep 17 00:00:00 2001
From: Simon Wilkinson <sxw@your-file-system.com>
Date: Fri, 15 Feb 2013 11:37:47 +0000
Subject: [PATCH] Don't allocate objects of 0 length

Fix assorted places in the code where we might have asked malloc to
allocate a block of zero length.

Caught by clang-analyzer

Change-Id: I6e1226ad83a52984ee7c53cbed8c867f38e4f866
Reviewed-on: http://gerrit.openafs.org/9155
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
---
 src/budb/procs.c              |  9 ++++++---
 src/libadmin/vos/vosutils.c   | 27 +++++++++++++++------------
 src/tools/dumpscan/dumptool.c | 17 ++++++++++++-----
 src/viced/callback.c          |  6 ++++--
 src/xstat/xstat_cm_test.c     | 21 +++++++++++++++------
 src/xstat/xstat_fs_test.c     |  7 ++++++-
 6 files changed, 58 insertions(+), 29 deletions(-)

diff --git a/src/budb/procs.c b/src/budb/procs.c
index 90afeae..868aea4 100644
--- a/src/budb/procs.c
+++ b/src/budb/procs.c
@@ -534,9 +534,12 @@ SendReturnList(struct ubik_trans *ut,
 
     /* Allocate space for the return values if needed and zero it */
     if (eList->budb_dumpList_val == 0) {
-	eList->budb_dumpList_val = calloc(to_return, e_size);
-	if (!eList->budb_dumpList_val)
-	    return (BUDB_NOMEM);
+	if (to_return > 0) {
+	    eList->budb_dumpList_val = calloc(to_return, e_size);
+	    if (!eList->budb_dumpList_val)
+		return (BUDB_NOMEM);
+	} else
+	    eList->budb_dumpList_val = NULL;
     } else {
         memset(eList->budb_dumpList_val, 0, e_size * to_return);
     }
diff --git a/src/libadmin/vos/vosutils.c b/src/libadmin/vos/vosutils.c
index 3fcab99..b00cc4a 100644
--- a/src/libadmin/vos/vosutils.c
+++ b/src/libadmin/vos/vosutils.c
@@ -277,22 +277,25 @@ VLDB_ListAttributes(afs_cell_handle_p cellHandle,
 		if (*entriesp > arrayEntries.bulkentries_len)
 		    *entriesp = arrayEntries.bulkentries_len;
 
-		blkentriesp->nbulkentries_val =
-		    malloc(*entriesp * sizeof(*blkentriesp));
-		if (blkentriesp->nbulkentries_val != NULL) {
-		    for (i = 0; i < *entriesp; i++) {
-			OldVLDB_to_NewVLDB((struct vldbentry *)&arrayEntries.
-					   bulkentries_val[i],
-					   (struct nvldbentry *)&blkentriesp->
-					   nbulkentries_val[i], &tst);
+		if (*entriesp > 0) {
+		    blkentriesp->nbulkentries_val =
+			calloc(*entriesp, sizeof(*blkentriesp));
+		    if (blkentriesp->nbulkentries_val != NULL) {
+		        for (i = 0; i < *entriesp; i++) {
+			    OldVLDB_to_NewVLDB((struct vldbentry *)&arrayEntries.
+					       bulkentries_val[i],
+					       (struct nvldbentry *)&blkentriesp->
+					       nbulkentries_val[i], &tst);
+			}
+		    } else {
+			tst = ADMNOMEM;
 		    }
 		} else {
-		    tst = ADMNOMEM;
-		}
-		if (arrayEntries.bulkentries_val) {
-		    free(arrayEntries.bulkentries_val);
+		    blkentriesp->nbulkentries_val = NULL;
 		}
 
+		xdr_free((xdrproc_t)xdr_bulkentries, &arrayEntries);
+
 		rc = 1;
 	    }
 	}
diff --git a/src/tools/dumpscan/dumptool.c b/src/tools/dumpscan/dumptool.c
index 6f6e44f..a8c05a0 100644
--- a/src/tools/dumpscan/dumptool.c
+++ b/src/tools/dumpscan/dumptool.c
@@ -1149,12 +1149,19 @@ ScanVnodes(FILE * f, VolumeDiskData * vol, int sizescan)
 	numSmallVnodes = numFileVnodes;
 
     } else {
-	LargeVnodeIndex = (struct vnodeData **)
-	    malloc(numDirVnodes * sizeof(struct vnodeData));
-	SmallVnodeIndex = (struct vnodeData **)
-	    malloc(numFileVnodes * sizeof(struct vnodeData));
+	if (numDirVnodes == 0)
+	    LargeVnodeIndex = NULL;
+	else
+	    LargeVnodeIndex = malloc(numDirVnodes
+				      * sizeof(struct vnodeData *));
+	if (numFileVnodes == 0)
+	    SmallVnodeIndex = NULL;
+	else
+	    SmallVnodeIndex = malloc(numFileVnodes
+				      * sizeof(struct vnodeData *));
 
-	if (LargeVnodeIndex == NULL || SmallVnodeIndex == NULL) {
+	if ((numDirVnodes != 0 && LargeVnodeIndex == NULL) ||
+	    (numFileVnodes != 0 && SmallVnodeIndex == NULL)) {
 	    if (verbose)
 		fprintf(stderr,
 			"Unable to allocate space " "for vnode tables\n");
diff --git a/src/viced/callback.c b/src/viced/callback.c
index 3c21a49..5460702 100644
--- a/src/viced/callback.c
+++ b/src/viced/callback.c
@@ -422,11 +422,13 @@ FDel(struct FileEntry *fe)
 int
 InitCallBack(int nblks)
 {
+    opr_Assert(nblks > 0);
+
     H_LOCK;
     tfirst = CBtime(time(NULL));
     /* N.B. The "-1", below, is because
      * FE[0] and CB[0] are not used--and not allocated */
-    FE = ((struct FileEntry *)(calloc(nblks, sizeof(struct FileEntry))));
+    FE = calloc(nblks, sizeof(struct FileEntry));
     if (!FE) {
 	ViceLogThenPanic(0, ("Failed malloc in InitCallBack\n"));
     }
@@ -434,7 +436,7 @@ InitCallBack(int nblks)
     cbstuff.nFEs = nblks;
     while (cbstuff.nFEs)
 	FreeFE(&FE[cbstuff.nFEs]);	/* This is correct */
-    CB = ((struct CallBack *)(calloc(nblks, sizeof(struct CallBack))));
+    CB = calloc(nblks, sizeof(struct CallBack));
     if (!CB) {
 	ViceLogThenPanic(0, ("Failed malloc in InitCallBack\n"));
     }
diff --git a/src/xstat/xstat_cm_test.c b/src/xstat/xstat_cm_test.c
index ce76972..bb1d5ad 100644
--- a/src/xstat/xstat_cm_test.c
+++ b/src/xstat/xstat_cm_test.c
@@ -790,11 +790,15 @@ RunTheTest(struct cmd_syndesc *a_s, void *arock)
     if (debugging_on)
 	printf("%s: Allocating socket array for %d Cache Manager(s)\n", rn,
 	       numCMs);
-    CMSktArray = malloc(numCMs * sizeof(struct sockaddr_in));
-    if (CMSktArray == (struct sockaddr_in *)0) {
-	printf("%s: Can't allocate socket array for %d Cache Managers\n", rn,
-	       numCMs);
-	exit(1);
+    if (numCMs > 0) {
+	CMSktArray = calloc(numCMs, sizeof(struct sockaddr_in));
+	if (CMSktArray == NULL) {
+	    printf("%s: Can't allocate socket array for %d Cache Managers\n",
+		   rn, numCMs);
+	    exit(1);
+	}
+    } else {
+	CMSktArray = NULL;
     }
 
     /*
@@ -824,7 +828,12 @@ RunTheTest(struct cmd_syndesc *a_s, void *arock)
      */
     if (debugging_on)
 	printf("Allocating %d long(s) for coll ID\n", numCollIDs);
-    collIDP = malloc(numCollIDs * sizeof(afs_int32));
+
+    if (numCollIDs > 0)
+	collIDP = calloc(numCollIDs, sizeof(afs_int32));
+    else
+	collIDP = NULL;
+
     currCollIDP = collIDP;
     curr_item = a_s->parms[P_COLL_IDS].items;
     for (currCollIDIdx = 0; currCollIDIdx < numCollIDs; currCollIDIdx++) {
diff --git a/src/xstat/xstat_fs_test.c b/src/xstat/xstat_fs_test.c
index 413d15c..d1e1fa3 100644
--- a/src/xstat/xstat_fs_test.c
+++ b/src/xstat/xstat_fs_test.c
@@ -726,7 +726,12 @@ RunTheTest(struct cmd_syndesc *a_s, void *dummy)
      */
     if (debugging_on)
 	printf("Allocating %d long(s) for coll ID\n", numCollIDs);
-    collIDP = malloc(numCollIDs * sizeof(afs_int32));
+
+    if (numCollIDs > 0)
+	collIDP = calloc(numCollIDs, sizeof(afs_int32));
+    else
+	collIDP = NULL;
+
     currCollIDP = collIDP;
     curr_item = a_s->parms[P_COLL_IDS].items;
     for (currCollIDIdx = 0; currCollIDIdx < numCollIDs; currCollIDIdx++) {
-- 
1.9.4