alpine 3.9
obsolete weakness #548

1

Weakness Breakdown


Definition:

An obsolete weakness occurs when someone uses deprecated or obsolete functions when building a system. As a programming language evolves, some functions occasionally become obsolete.

Warning code(s):

This C routine is considered obsolete.

File Name:

cdparanoia/src/cdparanoia-III-10.2/interface/scan_devices.c

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.9 obsolete weakness.

 
/* slightly wasteful, but a clean abstraction */
static char *scsi_match(const char *device,char **prefixes,
			char *devfs_test,
			char *devfs_other,
			char *prompt,int messagedest,char **messages){
  int dev=open(device,O_RDONLY|O_NONBLOCK);
  scsiid a,b;

  int i,j;
  char buffer[200];

  /* if we're running under /devfs, build the device name from the
     device we already have */
  if(!strncmp(device,devfs_test,strlen(devfs_test))){
    char *pos;
    strcpy(buffer,device);
    pos=strrchr(buffer,'/');
    if(pos){
      int matchf;
      sprintf(pos,"/%s",devfs_other);
      matchf=open(buffer,O_RDONLY|O_NONBLOCK);
      for (i = 0; (i<10) && (matchf==-1); i++) {
        fprintf(stderr, "Error trying to open %s exclusively (%s). retrying in 1 seconds.\n", buffer, strerror(errno));
        usleep(1000000 + 100000.0 * rand()/(RAND_MAX+1.0));
        matchf = open(buffer,O_RDONLY|O_NONBLOCK);
      }
      if(matchf!=-1){
	close(matchf);
	close(dev);
	return(strdup(buffer));
      }
    }
  }	

  /* get the host/id/lun */
  if(dev==-1){
    idperror(messagedest,messages,"\t\tCould not access device %s",
	     device);
    
    goto matchfail;
  }
  if(get_scsi_id(dev,&a)){
    idperror(messagedest,messages,"\t\tDevice %s could not perform ioctl()",
	     device);

    goto matchfail;
  }

  /* go through most likely /dev nodes for a match */ 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.