rpms / libreport

Clone
Source Code
GIT

Blame SOURCES/0268-Shut-Coverity-up.patch

c4 c5 c6 c7-beta c8 c8-beta
  1.   4b6aa89f77b9acb1808f8da8b0d41e1380ee0c6f
  2.   SOURCES
  3.   0268-Shut-Coverity-up.patch
Blob History Raw
4b6aa8 
From 88c967f40857a0ebac6b2bde0209fbfbcf914d24 Mon Sep 17 00:00:00 2001
4b6aa8 
From: Ernestas Kulik <ekulik@redhat.com>
4b6aa8 
Date: Mon, 10 Jun 2019 14:09:44 +0200
4b6aa8 
Subject: [PATCH] Shut Coverity up
4b6aa8 
MIME-Version: 1.0
4b6aa8 
Content-Type: text/plain; charset=UTF-8
4b6aa8 
Content-Transfer-Encoding: 8bit
4b6aa8
4b6aa8 
In problem_report.c:
4b6aa8 
    alloc_strlen: Allocating insufficient memory for the terminating
4b6aa8 
null of the string.
4b6aa8
4b6aa8 
    That makes absolutely *no* sense in the context of fmemopen().
4b6aa8
4b6aa8 
In get_cmdline.c and problem_data.c:
4b6aa8 
    The functions called sanitize the input, so I think we’re in the
4b6aa8 
clear.
4b6aa8
4b6aa8 
In logging.c:
4b6aa8 
    The buffer is dynamically reallocated if the error string length
4b6aa8 
exceeds the initial size.
4b6aa8
4b6aa8 
Signed-off-by: Ernestas Kulik <ekulik@redhat.com>
4b6aa8
4b6aa8 
cov
4b6aa8 
---
4b6aa8 
 src/lib/get_cmdline.c    | 1 +
4b6aa8 
 src/lib/logging.c        | 1 +
4b6aa8 
 src/lib/problem_data.c   | 1 +
4b6aa8 
 src/lib/problem_report.c | 1 +
4b6aa8 
 4 files changed, 4 insertions(+)
4b6aa8
4b6aa8 
diff --git a/src/lib/get_cmdline.c b/src/lib/get_cmdline.c
4b6aa8 
index 9e83994..3ba6e32 100644
4b6aa8 
--- a/src/lib/get_cmdline.c
4b6aa8 
+++ b/src/lib/get_cmdline.c
4b6aa8 
@@ -111,6 +111,7 @@ static char* get_escaped(const char *path, char separator)
4b6aa8 
             while (1)
4b6aa8 
             {
4b6aa8 
                 /* escape till next NUL char */
4b6aa8 
+                /* coverity[tainted_data] */
4b6aa8 
                 char *d = append_escaped(dst, src);
4b6aa8 
                 total_esc_len += (d - dst);
4b6aa8 
                 dst = d;
4b6aa8 
diff --git a/src/lib/logging.c b/src/lib/logging.c
4b6aa8 
index 4b9dd87..be1a2e1 100644
4b6aa8 
--- a/src/lib/logging.c
4b6aa8 
+++ b/src/lib/logging.c
4b6aa8 
@@ -116,6 +116,7 @@ static void log_handler(int level,
4b6aa8 
             msg[used++] = ':';
4b6aa8 
             msg[used++] = ' ';
4b6aa8 
         }
4b6aa8 
+        /* coverity[fixed_size_dest] */
4b6aa8 
         strcpy(&msg[used], strerr);
4b6aa8 
         used += strerr_len;
4b6aa8 
     }
4b6aa8 
diff --git a/src/lib/problem_data.c b/src/lib/problem_data.c
4b6aa8 
index fdecc83..c2bbd65 100644
4b6aa8 
--- a/src/lib/problem_data.c
4b6aa8 
+++ b/src/lib/problem_data.c
4b6aa8 
@@ -469,6 +469,7 @@ void problem_data_load_from_dump_dir(problem_data_t *problem_data, struct dump_d
4b6aa8 
         /* Sanitize possibly corrupted utf8.
4b6aa8 
          * Of control chars, allow only tab and newline.
4b6aa8 
          */
4b6aa8 
+        /* coverity[tainted_data] */
4b6aa8 
         char *sanitized = sanitize_utf8(content,
4b6aa8 
                 (SANITIZE_ALL & ~SANITIZE_LF & ~SANITIZE_TAB)
4b6aa8 
         );
4b6aa8 
diff --git a/src/lib/problem_report.c b/src/lib/problem_report.c
4b6aa8 
index 2bf5530..dff4945 100644
4b6aa8 
--- a/src/lib/problem_report.c
4b6aa8 
+++ b/src/lib/problem_report.c
4b6aa8 
@@ -1124,6 +1124,7 @@ problem_formatter_load_string(problem_formatter_t *self, const char *fmt)
4b6aa8 
     const size_t len = strlen(fmt);
4b6aa8 
     if (len != 0)
4b6aa8 
     {
4b6aa8 
+        /* coverity[alloc_strlen] */
4b6aa8 
         FILE *fp = fmemopen((void *)fmt, len, "r");
4b6aa8 
         if (fp == NULL)
4b6aa8 
         {
4b6aa8 
--
4b6aa8 
2.21.0
4b6aa8

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation