New Defects reported by Coverity Scan for NetBSD-amd64-user

To: coverity-updates%netbsd.org@localhost
Subject: New Defects reported by Coverity Scan for NetBSD-amd64-user
From: scan-admin%coverity.com@localhost
Date: Mon, 29 Jun 2015 19:06:01 -0700

Hi,

Please find the latest report on new defect(s) introduced to NetBSD-amd64-user found with Coverity Scan.

4 new defect(s) introduced to NetBSD-amd64-user found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 975185:  Error handling issues  (CHECKED_RETURN)
/sys/dev/dm/dm_pdev.c: 122 in dm_pdev_insert()


________________________________________________________________________________________________________
*** CID 975185:  Error handling issues  (CHECKED_RETURN)
/sys/dev/dm/dm_pdev.c: 122 in dm_pdev_insert()
116     	if (error) {
117     		aprint_debug("dk_lookup on device: %s failed with error %d!\n",
118     		    dev_name, error);
119     		kmem_free(dmp, sizeof(dm_pdev_t));
120     		return NULL;
121     	}
>>>     CID 975185:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "getdisksize" without checking return value (as is done elsewhere 12 out of 13 times).
122     	getdisksize(dmp->pdev_vnode, &dmp->pdev_numsec, &dmp->pdev_secsize);
123     	dmp->ref_cnt = 1;
124     
125     	mutex_enter(&dm_pdev_mutex);
126     	SLIST_INSERT_HEAD(&dm_pdev_list, dmp, next_pdev);
127     	mutex_exit(&dm_pdev_mutex);

** CID 1308957:  Incorrect expression  (SIZEOF_MISMATCH)
/sys/miscfs/specfs/spec_vnops.c: 1100 in spec_reclaim()


________________________________________________________________________________________________________
*** CID 1308957:  Incorrect expression  (SIZEOF_MISMATCH)
/sys/miscfs/specfs/spec_vnops.c: 1100 in spec_reclaim()
1094     	struct vop_reclaim_args /* {
1095     		struct vnode *a_vp;
1096     	} */ *ap = v;
1097     	struct vnode *vp = ap->a_vp;
1098     
1099     	KASSERT(vp->v_mount == dead_rootmount);
>>>     CID 1308957:  Incorrect expression  (SIZEOF_MISMATCH)
>>>     Passing argument "vp" of type "struct vnode *" and argument "8UL /* sizeof (vp) */" to function "vcache_remove" is suspicious.
1100     	vcache_remove(vp->v_mount, vp, sizeof(vp));
1101     	return 0;
1102     }
1103     
1104     /*
1105      * This is a noop, simply returning what one has been given.

** CID 1308958:  Uninitialized variables  (UNINIT)
/sys/kern/sys_mqueue.c: 622 in sys_mq_open()


________________________________________________________________________________________________________
*** CID 1308958:  Uninitialized variables  (UNINIT)
/sys/kern/sys_mqueue.c: 622 in sys_mq_open()
616     		syscallarg(struct mq_attr) attr;
617     	} */
618     	struct mq_attr *attr = NULL, a;
619     	int error;
620     
621     	if ((SCARG(uap, oflag) & O_CREAT) && (SCARG(uap,attr) != NULL)) {
>>>     CID 1308958:  Uninitialized variables  (UNINIT)
>>>     Using uninitialized value "a". Field "a.mq_flags" is uninitialized when calling "copyin". [Note: The source code implementation of the function has been overridden by a builtin model.]
622     		error = copyin(&a, SCARG(uap,attr), sizeof(a));
623     		if (error)
624     			return error;
625     		attr = &a;
626     	}
627     

** CID 1308959:  Insecure data handling  (TAINTED_SCALAR)
/usr.bin/xinstall/xinstall.c: 1057 in strip()


________________________________________________________________________________________________________
*** CID 1308959:  Insecure data handling  (TAINTED_SCALAR)
/usr.bin/xinstall/xinstall.c: 1057 in strip()
1051      */
1052     static void
1053     strip(const char *to_name)
1054     {
1055     	const char *stripprog;
1056     
>>>     CID 1308959:  Insecure data handling  (TAINTED_SCALAR)
>>>     Assigning: "stripprog" = "getenv", which taints "stripprog".
1057     	if ((stripprog = getenv("STRIP")) == NULL || *stripprog == '\0') {
1058     #ifdef TARGET_STRIP
1059     		stripprog = TARGET_STRIP;
1060     #else
1061     		stripprog = _PATH_STRIP;
1062     #endif


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/1449?tab=overview

To manage Coverity Scan email notifications for "coverity-updates%netbsd.org@localhost", click https://scan.coverity.com/subscriptions/edit?email=coverity-updates%40netbsd.org&token=487286ca1a9a4f4bd485d16f66b5e782

Prev by Date: New Defects reported by Coverity Scan for NetBSD-amd64-kernel
Next by Date: New Defects reported by Coverity Scan for NetBSD-i386-user
Previous by Thread: New Defects reported by Coverity Scan for NetBSD-amd64-user
Next by Thread: New Defects reported by Coverity Scan for NetBSD-amd64-user
Indexes:

Home | Main Index | Thread Index | Old Index