From d38e4a1b581636476a263b5ee7443deb1161d079 Mon Sep 17 00:00:00 2001
From: Shuduo Sang <sangshuduo@gmail.com>
Date: Tue, 6 Apr 2021 16:47:13 +0800
Subject: [PATCH] Hotfix/sangshuduo/td 3197 fix taosdemo coverity scan (#5691)

* [TD-3197] <fix>: fix taosdemo coverity scan issues.

* [TD-3197] <fix>: fix taosdemo coverity scan issue.

fix subscribeTest pids uninitialized.

* [TD-3197] <fix>: fix taosdemo coverity scan issues.

* [TD-3197] <fix>: fix coverity scan issues.

check super tbl info pointer.

* [TD-3197] <fix>: fix coverity scan issues.

move sub tbl query thread join into loop

* [TD-3197] <fix>: fix coverity scan issues.

remove unused variable

* [TD-3197] <fix>: fix coverity scan issues.

use more secure random library

* [TD-3197] <fix>: fix coverity scan issues.

use strncpy for more safe

* [TD-3197] <fix>: fix taosdemo coverity scan issue.

replace arc4random with rand().

* [TD-3197] <fix>: fix coverity scan issues.

check stb info pointer for start time

* [TD-3197] <fix>: fix coverity scan issues.

fix strcpy vulnerability

* [TD-3197] <fix>: fix taosdemo coverity scan issue.

modify taosdemoTest2. try to check database continously.

* [TD-3197] <fix>: taosdemo coverity scan issues.

* [TD-3197] <fix>: fix memory leak when parsing arguments.

* [TD-3197] <fix>: fix cmake strip arguments.

* [TD-3197] <fix>: taosdemo coverity scan.

fix cmake string manipulation.

Co-authored-by: Shuduo Sang <sdsang@taosdata.com>
---
 src/kit/taosdemo/CMakeLists.txt | 13 ++++++-------
 src/kit/taosdemo/taosdemo.c     |  2 ++
 src/kit/taosdump/taosdump.c     | 18 +++++++++++-------
 3 files changed, 19 insertions(+), 14 deletions(-)

diff --git a/src/kit/taosdemo/CMakeLists.txt b/src/kit/taosdemo/CMakeLists.txt
index ba27044a87..4e38a8842e 100644
--- a/src/kit/taosdemo/CMakeLists.txt
+++ b/src/kit/taosdemo/CMakeLists.txt
@@ -9,19 +9,18 @@ IF (GIT_FOUND)
     EXECUTE_PROCESS(
         COMMAND ${GIT_EXECUTABLE} log --pretty=oneline -n 1 ${CMAKE_CURRENT_LIST_DIR}/taosdemo.c
         RESULT_VARIABLE RESULT
-        OUTPUT_VARIABLE TAOSDEMO_COMMIT)
-    EXECUTE_PROCESS(
-        COMMAND bash "-c" "echo '${TAOSDEMO_COMMIT}' | awk '{print $1}' | cut -c -9"
-        RESULT_VARIABLE RESULT
         OUTPUT_VARIABLE TAOSDEMO_COMMIT_SHA1)
+    STRING(SUBSTRING "${TAOSDEMO_COMMIT_SHA1}" 0 7 TAOSDEMO_COMMIT_SHA1)
     EXECUTE_PROCESS(
         COMMAND ${GIT_EXECUTABLE} status -z -s ${CMAKE_CURRENT_LIST_DIR}/taosdemo.c
         RESULT_VARIABLE RESULT
         OUTPUT_VARIABLE TAOSDEMO_STATUS)
-    EXECUTE_PROCESS(
+    IF (TD_LINUX)
+      EXECUTE_PROCESS(
         COMMAND bash "-c" "echo '${TAOSDEMO_STATUS}' | awk '{print $1}'"
         RESULT_VARIABLE RESULT
         OUTPUT_VARIABLE TAOSDEMO_STATUS)
+    ENDIF (TD_LINUX)
     MESSAGE("taosdemo.c status: " ${TAOSDEMO_STATUS})
 ELSE()
     MESSAGE("Git not found")
@@ -29,9 +28,9 @@ ELSE()
     SET(TAOSDEMO_STATUS "unknown")
 ENDIF (GIT_FOUND)
 
-STRING(STRIP ${TAOSDEMO_COMMIT_SHA1} TAOSDEMO_COMMIT_SHA1)
+STRING(STRIP "${TAOSDEMO_COMMIT_SHA1}" TAOSDEMO_COMMIT_SHA1)
 MESSAGE("taosdemo's latest commit in short is:" ${TAOSDEMO_COMMIT_SHA1})
-STRING(STRIP ${TAOSDEMO_STATUS} TAOSDEMO_STATUS)
+STRING(STRIP "${TAOSDEMO_STATUS}" TAOSDEMO_STATUS)
 
 IF (TAOSDEMO_STATUS MATCHES "M")
     SET(TAOSDEMO_STATUS "modified")
diff --git a/src/kit/taosdemo/taosdemo.c b/src/kit/taosdemo/taosdemo.c
index 87a08dee49..edd7b86b1b 100644
--- a/src/kit/taosdemo/taosdemo.c
+++ b/src/kit/taosdemo/taosdemo.c
@@ -769,6 +769,7 @@ static void parse_args(int argc, char *argv[], SArguments *arguments) {
                   && strcasecmp(token, "BINARY")
                   && strcasecmp(token, "NCHAR")) {
             printHelp();
+            free(dupstr);
             ERROR_EXIT("Invalid data_type!\n");
             exit(EXIT_FAILURE);
           }
@@ -776,6 +777,7 @@ static void parse_args(int argc, char *argv[], SArguments *arguments) {
           token = strsep(&running, ",");
           if (index >= MAX_NUM_DATATYPE) break;
         }
+        free(dupstr);
         sptr[index] = NULL;
       }
     } else if (strcmp(argv[i], "-w") == 0) {
diff --git a/src/kit/taosdump/taosdump.c b/src/kit/taosdump/taosdump.c
index 9f176904fe..fd6ee9f2fc 100644
--- a/src/kit/taosdump/taosdump.c
+++ b/src/kit/taosdump/taosdump.c
@@ -483,25 +483,29 @@ static int queryDbImpl(TAOS *taos, char *command) {
 static void parse_args(int argc, char *argv[], SArguments *arguments) {
   for (int i = 1; i < argc; i++) {
     if (strcmp(argv[i], "-E") == 0) {
-      if (argv[i+1]) {
-        char *tmp = argv[++i];
+      char *tmp = strdup(argv[++i]);
+
+      if (tmp) {
         int64_t tmpEpoch;
         if (strchr(tmp, ':') && strchr(tmp, '-')) {
           if (TSDB_CODE_SUCCESS != taosParseTime(
-                    tmp, &tmpEpoch, strlen(tmp), TSDB_TIME_PRECISION_MILLI, 0)) {
+                      tmp, &tmpEpoch, strlen(tmp), TSDB_TIME_PRECISION_MILLI, 0)) {
             fprintf(stderr, "Input end time error!\n");
+            free(tmp);
             return;
           }
         } else {
           tmpEpoch = atoll(tmp);
         }
-
+  
         sprintf(argv[i], "%"PRId64"", tmpEpoch);
         debugPrint("%s() LN%d, tmp is: %s, argv[%d]: %s\n",
-             __func__, __LINE__, tmp, i, argv[i]);
+               __func__, __LINE__, tmp, i, argv[i]);
+
+        free(tmp);
       } else {
-        fprintf(stderr, "Input end time error!\n");
-        return;
+        errorPrint("%s() LN%d, strdup() cannot allocate memory\n", __func__, __LINE__);
+        exit(-1);
       }
     } else if (strcmp(argv[i], "-g") == 0) {
       arguments->debug_print = true;
-- 
GitLab