Error: NEGATIVE_RETURNS (CWE-394): [#def33]
bluez-5.75/client/gatt.c:973:2: negative_return_fn: Function "io_get_fd(io)" returns a negative number.
bluez-5.75/client/gatt.c:973:2: negative_returns: "io_get_fd(io)" is passed to a parameter that cannot be negative.
971| msg.msg_iovlen = iovlen;
972|
973|-> ret = sendmsg(io_get_fd(io), &msg, MSG_NOSIGNAL);
974| if (ret < 0) {
975| ret = -errno;
Error: NEGATIVE_RETURNS (CWE-394): [#def34]
bluez-5.75/client/gatt.c:1049:2: negative_return_fn: Function "io_get_fd(io)" returns a negative number.
bluez-5.75/client/gatt.c:1049:2: assign: Assigning: "fd" = "io_get_fd(io)".
bluez-5.75/client/gatt.c:1062:2: negative_returns: "fd" is passed to a parameter that cannot be negative.
1060| msg.msg_iovlen = 1;
1061|
1062|-> bytes_read = recvmsg(fd, &msg, MSG_DONTWAIT);
1063| if (bytes_read < 0) {
1064| bt_shell_printf("recvmsg: %s", strerror(errno));
---
client/gatt.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/client/gatt.c b/client/gatt.c
index 3aaa7a9361b9..6c7603985172 100644
--- a/client/gatt.c
+++ b/client/gatt.c
@@ -966,11 +966,15 @@ static int sock_send(struct io *io, struct iovec *iov, size_t iovlen)
struct msghdr msg;
int ret;
+ ret = io_get_fd(io);
+ if (ret < 0)
+ return ret;
+
memset(&msg, 0, sizeof(msg));
msg.msg_iov = iov;
msg.msg_iovlen = iovlen;
- ret = sendmsg(io_get_fd(io), &msg, MSG_NOSIGNAL);
+ ret = sendmsg(ret, &msg, MSG_NOSIGNAL);
if (ret < 0) {
ret = -errno;
bt_shell_printf("sendmsg: %s", strerror(-ret));
@@ -1052,6 +1056,11 @@ static bool sock_read(struct io *io, void *user_data)
if (io != notify_io.io && !chrc)
return true;
+ if (fd < 0) {
+ bt_shell_printf("recvmsg: %s", strerror(-fd));
+ return false;
+ }
+
iov.iov_base = buf;
iov.iov_len = sizeof(buf);
--
2.44.0