From 6f7d3cce3206bd760267691c10893bfc0d29707f Mon Sep 17 00:00:00 2001
From: Shreenidhi Shedi <sshedi@vmware.com>
Date: Thu, 3 Dec 2020 20:53:22 +0530
Subject: [PATCH] Further fixes based on coverty scan report

Signed-off-by: Shreenidhi Shedi <sshedi@vmware.com>
---
 client/repo.c      | 7 ++++++-
 client/repoutils.c | 9 ++++++++-
 solv/includes.h    | 2 ++
 solv/tdnfrepo.c    | 4 ++++
 tools/cli/main.c   | 2 +-
 5 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/client/repo.c b/client/repo.c
index 17817e6..a850207 100644
--- a/client/repo.c
+++ b/client/repo.c
@@ -197,12 +197,12 @@ TDNFInitCmdLineRepo(
     BAIL_ON_TDNF_ERROR(dwError);
 
     pRepo = repo_create(pPool, "@cmdline");
-
     if (!pRepo)
     {
         dwError = ERROR_TDNF_INVALID_PARAMETER;
         BAIL_ON_TDNF_ERROR(dwError);
     }
+
     pSolvRepoInfo->pRepo = pRepo;
     pRepo->appdata = pSolvRepoInfo;
 
@@ -214,6 +214,11 @@ cleanup:
     TDNF_SAFE_FREE_MEMORY(pSolvRepoInfo);
     return dwError;
 error:
+    /*
+     * coverty scan throws below warning
+     * Execution cannot reach this statement: "repo_free(pRepo, 1);"
+     * Ignoring this because it's good to have this condition check
+     */
     if(pRepo)
     {
         repo_free(pRepo, 1);
diff --git a/client/repoutils.c b/client/repoutils.c
index 08cf0d1..e8fe0fb 100644
--- a/client/repoutils.c
+++ b/client/repoutils.c
@@ -458,7 +458,14 @@ cleanup:
     }
     if (!IsNullOrEmptyString(pszRpmCacheDir))
     {
-        rmdir(pszRpmCacheDir);
+        if (rmdir(pszRpmCacheDir))
+        {
+            /*
+             * Not using BAIL_ON_TDNF_SYSTEM_ERROR here to prevent infinite loop
+             * Also it makes easy to read the code
+             */
+            dwError = ERROR_TDNF_SYSTEM_BASE + errno;
+        }
     }
     TDNF_SAFE_FREE_MEMORY(pszFilePath);
     TDNF_SAFE_FREE_MEMORY(pszRpmCacheDir);
diff --git a/solv/includes.h b/solv/includes.h
index ea7f010..94e080b 100644
--- a/solv/includes.h
+++ b/solv/includes.h
@@ -9,6 +9,8 @@
 #include <sys/stat.h>
 #include <unistd.h>
 #include <stdbool.h>
+#include <sys/types.h>
+#include <sys/stat.h>
 
 // libsolv
 #include <solv/evr.h>
diff --git a/solv/tdnfrepo.c b/solv/tdnfrepo.c
index ddce4cc..9ff7935 100644
--- a/solv/tdnfrepo.c
+++ b/solv/tdnfrepo.c
@@ -508,6 +508,7 @@ SolvCreateMetaDataCache(
     char *pszSolvCacheDir = NULL;
     char *pszTempSolvFile = NULL;
     char *pszCacheFilePath = NULL;
+    mode_t mask = 0;
 
     if (!pSack || !pSolvRepoInfo|| !pSolvRepoInfo->nCookieSet)
     {
@@ -539,7 +540,10 @@ SolvCreateMetaDataCache(
         }
         BAIL_ON_TDNF_LIBSOLV_ERROR(dwError);
     }
+
     pszTempSolvFile = solv_dupjoin(pszSolvCacheDir, "/", ".newsolv-XXXXXX");
+    mask = umask(S_IRUSR | S_IWUSR | S_IRWXG);
+    umask(mask);
     fd = mkstemp(pszTempSolvFile);
     if (fd < 0)
     {
diff --git a/tools/cli/main.c b/tools/cli/main.c
index fdef708..7e7c869 100644
--- a/tools/cli/main.c
+++ b/tools/cli/main.c
@@ -222,7 +222,7 @@ static bool IsTdnfAlreadyRunning(void)
 {
     bool ret = false;
 
-    glockfd = open(TDNF_INSTANCE_LOCK_FILE, O_CREAT);
+    glockfd = open(TDNF_INSTANCE_LOCK_FILE, O_CREAT | O_RDONLY);
     if (glockfd < 0)
     {
         fprintf(stderr, "ERROR: failed to create instance lock file\n");