Coverity-updates archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
New Defects reported by Coverity Scan for NetBSD-i386-kernel
- To: undisclosed-recipients:;
- Subject: New Defects reported by Coverity Scan for NetBSD-i386-kernel
- From: scan-admin%coverity.com@localhost
- Date: Sun, 11 May 2014 17:48:25 -0700
Hi,
Please find the latest report on new defect(s) introduced to NetBSD-i386-kernel
found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1213745: Out-of-bounds access (OVERRUN)
/sys/dev/pcmcia/if_malo_pcmcia.c: 1036 in cmalo_tx()
________________________________________________________________________________________________________
*** CID 1213745: Out-of-bounds access (OVERRUN)
/sys/dev/pcmcia/if_malo_pcmcia.c: 1036 in cmalo_tx()
1030 psize = sizeof(*txdesc) + m->m_pkthdr.len;
1031 data = mtod(m, uint8_t *);
1032
1033 /* prepare TX descriptor */
1034 txdesc->pkgoffset = htole32(sizeof(*txdesc));
1035 txdesc->pkglen = htole16(m->m_pkthdr.len);
>>> CID 1213745: Out-of-bounds access (OVERRUN)
>>> Overrunning array "txdesc->dstaddrhigh" of 2 bytes by passing it to a
>>> function which accesses it at byte offset 5 using argument "6U".
1036 memcpy(txdesc->dstaddrhigh, data, ETHER_ADDR_LEN);
1037
1038 /* copy mbuf data to the buffer */
1039 m_copydata(m, 0, m->m_pkthdr.len, sc->sc_data +
sizeof(*txdesc));
1040 m_freem(m);
1041
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
http://scan.coverity.com/projects/1450?tab=Overview
To unsubscribe from the email notification for new defects,
http://scan5.coverity.com/cgi-bin/unsubscribe.py
Home |
Main Index |
Thread Index |
Old Index