Fix codeql errors (project-chip#34248)

jlatusek · web-flow · commit 4c6a6120c2b8 · 2024-07-12T04:37:20.000Z
* Fix error with not checking results of snprintf

* Fix codeql errors
diff --git a/examples/common/tracing/decoder/logging/ToCertificateString.cpp b/examples/common/tracing/decoder/logging/ToCertificateString.cpp
@@ -35,7 +35,7 @@ const char * ToCertificate(const chip::ByteSpan & source, chip::MutableCharSpan
 {
     // Reset the buffer
     memset(destination.data(), '\0', destination.size());
-
+    int snprintf_len = 0;
     if (source.size() == 0)
     {
         return destination.data();
@@ -70,7 +70,8 @@ const char * ToCertificate(const chip::ByteSpan & source, chip::MutableCharSpan
             ChipLogError(DataManagement, "Certificate size is greater than 400 bytes");
         }
 
-        snprintf(destination.data(), destination.size(), "%s", str.Get());
+        snprintf_len = snprintf(destination.data(), destination.size(), "%s", str.Get());
+        VerifyOrExit(snprintf_len >= 0, ChipLogError(DataManagement, "Failed to write certificate"););
     }
     else
     {
@@ -83,15 +84,23 @@ const char * ToCertificate(const chip::ByteSpan & source, chip::MutableCharSpan
         size_t inIndex  = 0;
         size_t outIndex = strlen(header) + 1;
 
-        snprintf(destination.data(), destination.size(), "%s\n", header);
+        snprintf_len = snprintf(destination.data(), destination.size(), "%s\n", header);
+        VerifyOrExit(snprintf_len >= 0, ChipLogError(DataManagement, "Failed to write header"););
         for (; inIndex < base64DataLen; inIndex += 64)
         {
-            auto charsPrinted = snprintf(&destination.data()[outIndex], destination.size() - outIndex, "%.64s\n", &str[inIndex]);
-            outIndex += static_cast<size_t>(charsPrinted);
+            snprintf_len = snprintf(&destination.data()[outIndex], destination.size() - outIndex, "%.64s\n", &str[inIndex]);
+            VerifyOrExit(snprintf_len >= 0, ChipLogError(DataManagement, "Failed to write certificate"););
+
+            outIndex += static_cast<size_t>(snprintf_len);
         }
-        snprintf(&destination.data()[outIndex], destination.size() - outIndex, "%s", footer);
+        snprintf_len = snprintf(&destination.data()[outIndex], destination.size() - outIndex, "%s", footer);
+        VerifyOrExit(snprintf_len >= 0, ChipLogError(DataManagement, "Failed to write footer"););
+    }
+exit:
+    if (snprintf_len < 0)
+    {
+        memset(destination.data(), '\0', destination.size());
     }
-
     return destination.data();
 }
 
diff --git a/src/app/WriteClient.h b/src/app/WriteClient.h
@@ -178,7 +178,7 @@ class WriteClient : public Messaging::ExchangeDelegate
         ReturnErrorOnFailure(EncodeSingleAttributeDataIB(path, DataModel::List<uint8_t>()));
 
         path.mListOp = ConcreteDataAttributePath::ListOperation::AppendItem;
-        for (ListIndex i = 0; i < value.size(); i++)
+        for (size_t i = 0; i < value.size(); i++)
         {
             ReturnErrorOnFailure(EncodeSingleAttributeDataIB(path, value.data()[i]));
         }
diff --git a/src/app/tests/TestBufferedReadCallback.cpp b/src/app/tests/TestBufferedReadCallback.cpp
@@ -235,11 +235,11 @@ void DataSeriesValidator::OnAttributeData(const ConcreteDataAttributePath & aPat
 
         auto iter = value.begin();
 
-        uint8_t index = 0;
+        uint32_t index = 0;
         while (iter.Next() && index < expectedListLength)
         {
             auto & iterValue = iter.GetValue();
-            EXPECT_EQ(iterValue, (index));
+            EXPECT_EQ(iterValue, (index % 256));
             index++;
         }
 
diff --git a/src/lib/shell/commands/Config.cpp b/src/lib/shell/commands/Config.cpp
@@ -142,7 +142,7 @@ static CHIP_ERROR ConfigSetSetupDiscriminator(char * argv)
     }
     else
     {
-        streamer_printf(sout, "Setup discriminator setting failed with code: %d\r\n", error);
+        streamer_printf(sout, "Setup discriminator setting failed with code: %d\r\n", error.AsInteger());
     }
 
     return error;
diff --git a/src/lib/shell/commands/Dns.cpp b/src/lib/shell/commands/Dns.cpp
@@ -122,18 +122,18 @@ class DnsShellResolverDelegate : public Dnssd::DiscoverNodeDelegate, public Addr
         auto retryInterval = nodeData.GetMrpRetryIntervalIdle();
 
         if (retryInterval.has_value())
-            streamer_printf(streamer_get(), "   MRP retry interval (idle): %" PRIu32 "ms\r\n", *retryInterval);
+            streamer_printf(streamer_get(), "   MRP retry interval (idle): %" PRIu32 "ms\r\n", retryInterval->count());
 
         retryInterval = nodeData.GetMrpRetryIntervalActive();
 
         if (retryInterval.has_value())
-            streamer_printf(streamer_get(), "   MRP retry interval (active): %" PRIu32 "ms\r\n", *retryInterval);
+            streamer_printf(streamer_get(), "   MRP retry interval (active): %" PRIu32 "ms\r\n", retryInterval->count());
 
         auto activeThreshold = nodeData.GetMrpRetryActiveThreshold();
 
         if (activeThreshold.has_value())
         {
-            streamer_printf(streamer_get(), "   MRP retry active threshold time: %" PRIu32 "ms\r\n", *activeThreshold);
+            streamer_printf(streamer_get(), "   MRP retry active threshold time: %" PRIu32 "ms\r\n", activeThreshold->count());
         }
 
         streamer_printf(streamer_get(), "   Supports TCP Client: %s\r\n", nodeData.supportsTcpClient ? "yes" : "no");

Original file line number	Diff line number	Diff line change
`@@ -35,7 +35,7 @@ const char * ToCertificate(const chip::ByteSpan & source, chip::MutableCharSpan`
`35`	`35`	`{`
`36`	`36`	`// Reset the buffer`
`37`	`37`	`memset(destination.data(), '\0', destination.size());`
`38`		`-`
	`38`	`+ int snprintf_len = 0;`
`39`	`39`	`if (source.size() == 0)`
`40`	`40`	`{`
`41`	`41`	`return destination.data();`
`@@ -70,7 +70,8 @@ const char * ToCertificate(const chip::ByteSpan & source, chip::MutableCharSpan`
`70`	`70`	`ChipLogError(DataManagement, "Certificate size is greater than 400 bytes");`
`71`	`71`	`}`
`72`	`72`
`73`		`- snprintf(destination.data(), destination.size(), "%s", str.Get());`
	`73`	`+ snprintf_len = snprintf(destination.data(), destination.size(), "%s", str.Get());`
	`74`	`+ VerifyOrExit(snprintf_len >= 0, ChipLogError(DataManagement, "Failed to write certificate"););`
`74`	`75`	`}`
`75`	`76`	`else`
`76`	`77`	`{`
`@@ -83,15 +84,23 @@ const char * ToCertificate(const chip::ByteSpan & source, chip::MutableCharSpan`
`83`	`84`	`size_t inIndex = 0;`
`84`	`85`	`size_t outIndex = strlen(header) + 1;`
`85`	`86`
`86`		`- snprintf(destination.data(), destination.size(), "%s\n", header);`
	`87`	`+ snprintf_len = snprintf(destination.data(), destination.size(), "%s\n", header);`
	`88`	`+ VerifyOrExit(snprintf_len >= 0, ChipLogError(DataManagement, "Failed to write header"););`
`87`	`89`	`for (; inIndex < base64DataLen; inIndex += 64)`
`88`	`90`	`{`
`89`		`- auto charsPrinted = snprintf(&destination.data()[outIndex], destination.size() - outIndex, "%.64s\n", &str[inIndex]);`
`90`		`- outIndex += static_cast<size_t>(charsPrinted);`
	`91`	`+ snprintf_len = snprintf(&destination.data()[outIndex], destination.size() - outIndex, "%.64s\n", &str[inIndex]);`
	`92`	`+ VerifyOrExit(snprintf_len >= 0, ChipLogError(DataManagement, "Failed to write certificate"););`
	`93`	`+`
	`94`	`+ outIndex += static_cast<size_t>(snprintf_len);`
`91`	`95`	`}`
`92`		`- snprintf(&destination.data()[outIndex], destination.size() - outIndex, "%s", footer);`
	`96`	`+ snprintf_len = snprintf(&destination.data()[outIndex], destination.size() - outIndex, "%s", footer);`
	`97`	`+ VerifyOrExit(snprintf_len >= 0, ChipLogError(DataManagement, "Failed to write footer"););`
	`98`	`+ }`
	`99`	`+exit:`
	`100`	`+ if (snprintf_len < 0)`
	`101`	`+ {`
	`102`	`+ memset(destination.data(), '\0', destination.size());`
`93`	`103`	`}`
`94`		`-`
`95`	`104`	`return destination.data();`
`96`	`105`	`}`
`97`	`106`
Original file line number	Diff line number	Diff line change
`@@ -178,7 +178,7 @@ class WriteClient : public Messaging::ExchangeDelegate`
`178`	`178`	`ReturnErrorOnFailure(EncodeSingleAttributeDataIB(path, DataModel::List<uint8_t>()));`
`179`	`179`
`180`	`180`	`path.mListOp = ConcreteDataAttributePath::ListOperation::AppendItem;`
`181`		`- for (ListIndex i = 0; i < value.size(); i++)`
	`181`	`+ for (size_t i = 0; i < value.size(); i++)`
`182`	`182`	`{`
`183`	`183`	`ReturnErrorOnFailure(EncodeSingleAttributeDataIB(path, value.data()[i]));`
`184`	`184`	`}`
Original file line number	Diff line number	Diff line change
`@@ -235,11 +235,11 @@ void DataSeriesValidator::OnAttributeData(const ConcreteDataAttributePath & aPat`
`235`	`235`
`236`	`236`	`auto iter = value.begin();`
`237`	`237`
`238`		`- uint8_t index = 0;`
	`238`	`+ uint32_t index = 0;`
`239`	`239`	`while (iter.Next() && index < expectedListLength)`
`240`	`240`	`{`
`241`	`241`	`auto & iterValue = iter.GetValue();`
`242`		`- EXPECT_EQ(iterValue, (index));`
	`242`	`+ EXPECT_EQ(iterValue, (index % 256));`
`243`	`243`	`index++;`
`244`	`244`	`}`
`245`	`245`
Original file line number	Diff line number	Diff line change
`@@ -142,7 +142,7 @@ static CHIP_ERROR ConfigSetSetupDiscriminator(char * argv)`
`142`	`142`	`}`
`143`	`143`	`else`
`144`	`144`	`{`
`145`		`- streamer_printf(sout, "Setup discriminator setting failed with code: %d\r\n", error);`
	`145`	`+ streamer_printf(sout, "Setup discriminator setting failed with code: %d\r\n", error.AsInteger());`
`146`	`146`	`}`
`147`	`147`
`148`	`148`	`return error;`