rpms / libreport

Clone
Source Code
GIT

Blame SOURCES/0268-Shut-Coverity-up.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   a0ef6f9e27cbaa9cf4af0ad842c14f8445519750
  2.   SOURCES
  3.   0268-Shut-Coverity-up.patch
Blob History Raw
28bab8 
From 88c967f40857a0ebac6b2bde0209fbfbcf914d24 Mon Sep 17 00:00:00 2001
28bab8 
From: Ernestas Kulik <ekulik@redhat.com>
28bab8 
Date: Mon, 10 Jun 2019 14:09:44 +0200
28bab8 
Subject: [PATCH] Shut Coverity up
28bab8 
MIME-Version: 1.0
28bab8 
Content-Type: text/plain; charset=UTF-8
28bab8 
Content-Transfer-Encoding: 8bit
28bab8
28bab8 
In problem_report.c:
28bab8 
    alloc_strlen: Allocating insufficient memory for the terminating
28bab8 
null of the string.
28bab8
28bab8 
    That makes absolutely *no* sense in the context of fmemopen().
28bab8
28bab8 
In get_cmdline.c and problem_data.c:
28bab8 
    The functions called sanitize the input, so I think we’re in the
28bab8 
clear.
28bab8
28bab8 
In logging.c:
28bab8 
    The buffer is dynamically reallocated if the error string length
28bab8 
exceeds the initial size.
28bab8
28bab8 
Signed-off-by: Ernestas Kulik <ekulik@redhat.com>
28bab8
28bab8 
cov
28bab8 
---
28bab8 
 src/lib/get_cmdline.c    | 1 +
28bab8 
 src/lib/logging.c        | 1 +
28bab8 
 src/lib/problem_data.c   | 1 +
28bab8 
 src/lib/problem_report.c | 1 +
28bab8 
 4 files changed, 4 insertions(+)
28bab8
28bab8 
diff --git a/src/lib/get_cmdline.c b/src/lib/get_cmdline.c
28bab8 
index 9e83994..3ba6e32 100644
28bab8 
--- a/src/lib/get_cmdline.c
28bab8 
+++ b/src/lib/get_cmdline.c
28bab8 
@@ -111,6 +111,7 @@ static char* get_escaped(const char *path, char separator)
28bab8 
             while (1)
28bab8 
             {
28bab8 
                 /* escape till next NUL char */
28bab8 
+                /* coverity[tainted_data] */
28bab8 
                 char *d = append_escaped(dst, src);
28bab8 
                 total_esc_len += (d - dst);
28bab8 
                 dst = d;
28bab8 
diff --git a/src/lib/logging.c b/src/lib/logging.c
28bab8 
index 4b9dd87..be1a2e1 100644
28bab8 
--- a/src/lib/logging.c
28bab8 
+++ b/src/lib/logging.c
28bab8 
@@ -116,6 +116,7 @@ static void log_handler(int level,
28bab8 
             msg[used++] = ':';
28bab8 
             msg[used++] = ' ';
28bab8 
         }
28bab8 
+        /* coverity[fixed_size_dest] */
28bab8 
         strcpy(&msg[used], strerr);
28bab8 
         used += strerr_len;
28bab8 
     }
28bab8 
diff --git a/src/lib/problem_data.c b/src/lib/problem_data.c
28bab8 
index fdecc83..c2bbd65 100644
28bab8 
--- a/src/lib/problem_data.c
28bab8 
+++ b/src/lib/problem_data.c
28bab8 
@@ -469,6 +469,7 @@ void problem_data_load_from_dump_dir(problem_data_t *problem_data, struct dump_d
28bab8 
         /* Sanitize possibly corrupted utf8.
28bab8 
          * Of control chars, allow only tab and newline.
28bab8 
          */
28bab8 
+        /* coverity[tainted_data] */
28bab8 
         char *sanitized = sanitize_utf8(content,
28bab8 
                 (SANITIZE_ALL & ~SANITIZE_LF & ~SANITIZE_TAB)
28bab8 
         );
28bab8 
diff --git a/src/lib/problem_report.c b/src/lib/problem_report.c
28bab8 
index 2bf5530..dff4945 100644
28bab8 
--- a/src/lib/problem_report.c
28bab8 
+++ b/src/lib/problem_report.c
28bab8 
@@ -1124,6 +1124,7 @@ problem_formatter_load_string(problem_formatter_t *self, const char *fmt)
28bab8 
     const size_t len = strlen(fmt);
28bab8 
     if (len != 0)
28bab8 
     {
28bab8 
+        /* coverity[alloc_strlen] */
28bab8 
         FILE *fp = fmemopen((void *)fmt, len, "r");
28bab8 
         if (fp == NULL)
28bab8 
         {
28bab8 
--
28bab8 
2.21.0
28bab8

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation