alpine 3.9
obsolete weakness #544

1

Weakness Breakdown


Definition:

An obsolete weakness occurs when someone uses deprecated or obsolete functions when building a system. As a programming language evolves, some functions occasionally become obsolete.

Warning code(s):

This C routine is considered obsolete.

File Name:

cdparanoia/src/cdparanoia-III-10.2/interface/scan_devices.c

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.9 obsolete weakness.

     goto matchfail;
  }

  /* go through most likely /dev nodes for a match */
  for(i=0;i<25;i++){
    for(j=0;j<2;j++){
      int pattern=0;
      int matchf, k;
      
      while(prefixes[pattern]!=NULL){
	switch(j){
	case 0:
	  /* number */
	  sprintf(buffer,"%s%d",prefixes[pattern],i);
	  break;
	case 1:
	  /* number */
	  sprintf(buffer,"%s%c",prefixes[pattern],i+'a');
	  break;
	}
	
	matchf=open(buffer,O_RDONLY|O_NONBLOCK);
	for (k = 0; (k<10) && (matchf==-1); k++) {
	  fprintf(stderr, "Error trying to open %s exclusively (%s). retrying in 1 second.\n", buffer, strerror(errno));
	  usleep(1000000 + 100000.0 * rand()/(RAND_MAX+1.0));
	  matchf=open(buffer,O_RDONLY|O_NONBLOCK);
	}

	if(matchf!=-1){
	  if(get_scsi_id(matchf,&b)==0){
	    if(a.bus==b.bus && a.id==b.id && a.lun==b.lun){
	      close(matchf);
	      close(dev);
	      return(strdup(buffer));
	    }
	  }
	  close(matchf);
	}
	pattern++;
      }
    }
  } 

  idmessage(messagedest,messages,prompt,device);

matchfail:

  if(dev!=-1)close(dev);
  return(NULL);
} 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.