[master] Merged trac5004 (commandReader & other Coverity reports)

src/lib/config/command_mgr.cc

@@ -1,4 +1,4 @@
-// Copyright (C) 2015 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2015-2016 Internet Systems Consortium, Inc. ("ISC")
 //
 // This Source Code Form is subject to the terms of the Mozilla Public
 // License, v. 2.0. If a copy of the MPL was not distributed with this
@@ -151,7 +151,8 @@ CommandMgr::commandReader(int sockfd) {
     try {
 
         // Try to interpret it as JSON.
-        cmd = Element::fromJSON(std::string(buf), true);
+        std::string sbuf(buf, static_cast<size_t>(rval));
+        cmd = Element::fromJSON(sbuf, true);
 
         // If successful, then process it as a command.
         rsp = CommandMgr::instance().processCommand(cmd);

src/lib/eval/tests/token_unittest.cc

@@ -293,10 +293,11 @@ public:
         // Now let's add specified number of data tuples
         OpaqueDataTuple::LengthFieldType len = (u == Option::V4?OpaqueDataTuple::LENGTH_1_BYTE:
                                                 OpaqueDataTuple::LENGTH_2_BYTES);
-        const char * content[] = { "alpha", "beta", "delta", "gamma", "epsilon",
-                                 "zeta", "eta", "theta", "iota", "kappa" };
-        ASSERT_TRUE(tuples_size < sizeof(content));
-        for (int i = 0; i < tuples_size; i++) {
+        const char* content[] = { "alpha", "beta", "delta", "gamma", "epsilon",
+                                  "zeta", "eta", "theta", "iota", "kappa" };
+        const size_t nb_content = sizeof(content) / sizeof(char*);
+        ASSERT_TRUE(tuples_size < nb_content);
+        for (size_t i = 0; i < tuples_size; ++i) {
             OpaqueDataTuple tuple(len);
             tuple.assign(string(content[i]));
             if (u == Option::V4 && i == 0) {

src/lib/util/tests/socketsession_unittest.cc

@@ -532,18 +532,18 @@ ForwardTest::checkPushAndPop(int family, int type, int protocol,
     // reliable.  Instead we impose some reasonably large upper time limit of
     // blocking (normally it shouldn't even block at all; the limit is to
     // force the test to stop even if there's some bug and recv fails).
-    char recvbuf[sizeof(TEST_DATA)];
+    char recvbuf[sizeof(TEST_DATA) + 1] = { };
     sockaddr_storage ss;
     socklen_t sa_len = sizeof(ss);
     if (protocol == IPPROTO_UDP) {
-        EXPECT_EQ(sizeof(recvbuf),
-                  recvfrom(fwd_fd, recvbuf, sizeof(recvbuf),
+        EXPECT_EQ(sizeof(TEST_DATA),
+                  recvfrom(fwd_fd, recvbuf, sizeof(TEST_DATA),
                            setRecvDelay(fwd_fd), convertSockAddr(&ss),
                            &sa_len));
     } else {
         setNonBlock(client_sock.fd, false);
-        EXPECT_EQ(sizeof(recvbuf),
-                  recv(client_sock.fd, recvbuf, sizeof(recvbuf),
+        EXPECT_EQ(sizeof(TEST_DATA),
+                  recv(client_sock.fd, recvbuf, sizeof(TEST_DATA),
                        setRecvDelay(client_sock.fd)));
     }
     EXPECT_EQ(string(TEST_DATA), string(recvbuf));