RDK-60308-[tr69hostif, RFC] RDK Coverity Defect Resolution for Device Management #143
Conversation
Fix multiple code quality issues in RFC xconf handler - Fixed 12 COPY_INSTEAD_OF_MOVE warnings using std::move(): * clearDB(): Move strings in set_RFCProperty calls * rfcStashRetrieveParams(): Move stashAccountId parameter * clearDBEnd(): Move key strings * updateHashInDB(): Move ConfigSetHash parameters * updateTimeInDB(): Move ConfigSetTime parameters * updateHashAndTimeInDB(): Move configSetHashValue and timestampString * GetValidAccountId(): Move value assignment * GetValidPartnerId(): Move value assignment * GetXconfSelect(): Move XconfUrl assignment * processXconfResponseConfigDataPart(): Move data string in push_back * ProcessXconfUrl(): Move FQDN assignment - Fixed DEADCODE warning by adding break statements to curl error code switch - Fixed RESOURCE_LEAK by properly freeing hashvalue and hashtime before freeing hashData - Fixed TOCTOU race condition by removing error check after remove() call
rfcMgr/xconf_handler.h
Outdated
| class XconfHandler { | ||
| public : | ||
| XconfHandler(){ } | ||
| XconfHandler() : _ebuild_type(RDKB_DEV) { } |
| _xconf_server_url = std::string(XconfUrl) + "/featureControl/getSettings"; | ||
| std::stringstream url = CreateXconfHTTPUrl(); | ||
| _xconf_server_url = FQDN; | ||
| _xconf_server_url = std::move(FQDN); |
There was a problem hiding this comment.
why stb:move needed only for few params?
| else | ||
| { | ||
| if (newValue.empty()) | ||
| if (currentValue.empty()) |
|
|
||
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] Clearing DB Value: %s\n", __FUNCTION__,__LINE__,ClearDB.c_str()); | ||
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] Bootstrap Clearing DB Value: %s\n", __FUNCTION__,__LINE__,BootstrapClearDB.c_str()); | ||
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] Clearing DB Value\n", __FUNCTION__,__LINE__); |
Coverity Issue - Using a moved object"reloadCacheKey" is used after it has been already moved. High Impact, CWE-457 Issue locationThis issue was discovered outside the diff for this Pull Request. You can find it at: |
| set_RFCProperty(name, std::move(reloadCacheKey), clearValue); | ||
|
|
||
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] Clearing DBEnd Key Value: %s\n", __FUNCTION__,__LINE__,ClearDBEndKey.c_str()); | ||
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] Bootstrap Clearing DBEnd Key Value: %s\n", __FUNCTION__,__LINE__,BootstrapClearDBEndKey.c_str()); |
There was a problem hiding this comment.
Coverity issue no longer present as of: undefined
Show issue
Coverity Issue - Using a moved object
"BootstrapClearDBEndKey" is used after it has been already moved.
High Impact, CWE-457
USE_AFTER_MOVE
| set_RFCProperty(name, std::move(BootstrapClearDBEndKey), clearValue); | ||
| set_RFCProperty(name, std::move(reloadCacheKey), clearValue); | ||
|
|
||
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] Clearing DBEnd Key Value: %s\n", __FUNCTION__,__LINE__,ClearDBEndKey.c_str()); |
There was a problem hiding this comment.
Coverity issue no longer present as of: undefined
Show issue
Coverity Issue - Using a moved object
"ClearDBEndKey" is used after it has been already moved.
High Impact, CWE-457
USE_AFTER_MOVE
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] Bootstrap Clearing DB Value: %s\n", __FUNCTION__,__LINE__,BootstrapClearDB.c_str()); | ||
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] Clearing DB Value\n", __FUNCTION__,__LINE__); | ||
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] Bootstrap Clearing DB Value\n", __FUNCTION__,__LINE__); | ||
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] ConfigChangeTime: %s\n", __FUNCTION__,__LINE__,ConfigChangeTime.c_str()); |
There was a problem hiding this comment.
Coverity issue no longer present as of: undefined
Show issue
Coverity Issue - Using a moved object
"ConfigChangeTime" is used after it has been already moved.
High Impact, CWE-457
USE_AFTER_MOVE
Merge and rebase
rebase and merge
Remove std::move() from string variables that are used in subsequent log statements to fix 4 USE_AFTER_MOVE defects: - ConfigChangeTime at line 1300 - ClearDBEndKey at line 1374 - BootstrapClearDBEndKey at line 1375 - reloadCacheKey at line 1376 These const string literal assignments don't benefit from move semantics and accessing them after move causes undefined behavior.
Remove extra space in XconfHandler constructor to address code review feedback.
| // Attempt to remove the file - if it fails (e.g., already removed), it's not critical | ||
| (void)remove(DIRECT_BLOCK_FILENAME); |
There was a problem hiding this comment.
The TOCTOU fix is correct in removing the race condition between stat() and remove(). However, silently ignoring all remove() failures (via void cast) may hide legitimate errors like permission issues. Consider logging at DEBUG level if remove() fails, checking errno to distinguish between "file not found" (expected race condition) and other errors like EACCES (permission denied).
There was a problem hiding this comment.
@copilot open a new pull request to apply changes based on this feedback
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] Clearing DB Value\n", __FUNCTION__,__LINE__); | ||
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] Bootstrap Clearing DB Value\n", __FUNCTION__,__LINE__); |
There was a problem hiding this comment.
The logging statements were updated to remove the string values because the variables were moved on lines 1298-1299. However, these log statements are now less informative. Consider either: 1) keeping the original code without std::move() for these variables since the performance gain is minimal for short-lived local variables, or 2) logging the values before the move operations.
There was a problem hiding this comment.
@copilot open a new pull request to apply changes based on this feedback
There was a problem hiding this comment.
@copilot open a new pull request to apply changes based on this feedback
rfcMgr/rfc_xconf_handler.cpp
Outdated
| set_RFCProperty(name, std::move(ConfigChangeTimeKey), std::move(ConfigChangeTime)); | ||
|
|
||
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] Clearing DB Value: %s\n", __FUNCTION__,__LINE__,ClearDB.c_str()); | ||
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] Bootstrap Clearing DB Value: %s\n", __FUNCTION__,__LINE__,BootstrapClearDB.c_str()); | ||
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] Clearing DB Value\n", __FUNCTION__,__LINE__); | ||
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] Bootstrap Clearing DB Value\n", __FUNCTION__,__LINE__); | ||
| RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "[%s][%d] ConfigChangeTime: %s\n", __FUNCTION__,__LINE__,ConfigChangeTime.c_str()); |
There was a problem hiding this comment.
Use-after-move bug: The variable ConfigChangeTime is moved on line 1300, but then used again in the logging statement on line 1304 via .c_str(). After a string is moved, its contents are in an undefined state and accessing it leads to undefined behavior. Either remove std::move() from this variable or remove the logging statement that uses it.
There was a problem hiding this comment.
@copilot open a new pull request to apply changes based on this feedback
|
@Vismalskumar0 I've opened a new pull request, #153, to work on those changes. Once the pull request is ready, I'll request review from you. |
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
|
@Vismalskumar0 I've opened a new pull request, #154, to work on those changes. Once the pull request is ready, I'll request review from you. |
|
@Vismalskumar0 I've opened a new pull request, #155, to work on those changes. Once the pull request is ready, I'll request review from you. |
|
@Vismalskumar0 I've opened a new pull request, #156, to work on those changes. Once the pull request is ready, I'll request review from you. |
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 2 out of 3 changed files in this pull request and generated 5 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| { | ||
| _xconf_server_url.clear(); | ||
| _xconf_server_url = XconfUrl; | ||
| _xconf_server_url = std::move(XconfUrl); |
There was a problem hiding this comment.
Using std::move on a local variable (XconfUrl) to assign to a member variable (_xconf_server_url) prevents copy elision and doesn't provide any benefit here since the local variable is going out of scope anyway. Consider removing std::move and letting the compiler optimize the assignment.
| _xconf_server_url = std::move(XconfUrl); | |
| _xconf_server_url = XconfUrl; |
| @@ -1,3 +1,4 @@ | |||
|
|
|||
There was a problem hiding this comment.
An unnecessary blank line was added at the beginning of the file. This appears to be unintentional and should be removed to maintain code consistency.
| std::string name = "rfc"; | ||
|
|
||
| WDMP_STATUS status = set_RFCProperty(name, RFC_ACCOUNT_ID_KEY_STR, stashAccountId); | ||
| WDMP_STATUS status = set_RFCProperty(name, RFC_ACCOUNT_ID_KEY_STR, std::move(stashAccountId)); |
There was a problem hiding this comment.
After moving stashAccountId into the set_RFCProperty function at line 1345, the variable is in a valid but unspecified state. The assignment at line 1356 (_accountId = stashAccountId) will assign this unspecified value to _accountId, which is incorrect. The std::move should be removed from line 1345, or the assignment at line 1356 should use the value before it was moved.
| WDMP_STATUS status = set_RFCProperty(name, RFC_ACCOUNT_ID_KEY_STR, std::move(stashAccountId)); | |
| WDMP_STATUS status = set_RFCProperty(name, RFC_ACCOUNT_ID_KEY_STR, stashAccountId); |
| else | ||
| { | ||
| _valid_accountId = value; | ||
| _valid_accountId = std::move(value); |
There was a problem hiding this comment.
Using std::move on a local variable (value) to assign to a member variable (_valid_accountId) prevents copy elision and doesn't provide any benefit here since the local variable is going out of scope anyway. Additionally, if value is moved and later accessed in the logging or comparisons that follow, it would be in an undefined state. In this case, the move appears safe since value is not used after the assignment, but it's unnecessary and could be confusing. Consider removing std::move and letting the compiler optimize the assignment.
| _valid_accountId = std::move(value); | |
| _valid_accountId = value; |
| else | ||
| { | ||
| _valid_partnerId = value; | ||
| _valid_partnerId = std::move(value); |
There was a problem hiding this comment.
Using std::move on a local variable (value) to assign to a member variable (_valid_partnerId) prevents copy elision and doesn't provide any benefit here since the local variable is going out of scope anyway. Additionally, if value is moved and later accessed in logging or comparisons that follow, it would be in an undefined state. In this case, the move appears safe since value is not used after the assignment, but it's unnecessary and could be confusing. Consider removing std::move and letting the compiler optimize the assignment.
| _valid_partnerId = std::move(value); | |
| _valid_partnerId = value; |
Coverity Issue - Using a moved object"configSetHash" is used after it has been already moved. High Impact, CWE-457 Issue locationThis issue was discovered outside the diff for this Pull Request. You can find it at: |
RDK-60308-[tr69hostif, RFC] RDK Coverity Defect Resolution for Device Management
These changes improve code performance through move semantics, eliminate potential
memory leaks, and fix race conditions and uninitialized variable issues.