Coverity-updates archive
New Defects reported by Coverity Scan for NetBSD-amd64-user
Hi,
Please find the latest report on new defect(s) introduced to NetBSD-amd64-user found with Coverity Scan.
2 new defect(s) introduced to NetBSD-amd64-user found with Coverity Scan.
11 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 1340063: Security best practices violations (TOCTOU)
/sbin/cgdconfig/params.c: 633 in params_cget()
________________________________________________________________________________________________________
*** CID 1340063: Security best practices violations (TOCTOU)
/sbin/cgdconfig/params.c: 633 in params_cget()
627         if (fn[0] != '/' && stat(fn, &st) == -1 && errno == ENOENT) {
628                 snprintf(filename, sizeof(filename), "%s/%s",
629                     CGDCONFIG_DIR, fn);
630                 fn = filename;
631         }
632
>>> CID 1340063: Security best practices violations (TOCTOU)
>>> Calling function "fopen" that uses "fn" after a check function. This can cause a time-of-check, time-of-use race condition.
633         if ((f = fopen(fn, "r")) == NULL) {
634                 warn("failed to open params file \"%s\"", fn);
635                 return NULL;
636         }
637         p = params_fget(f);
638         (void)fclose(f);
** CID 1340078: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
/sys/external/bsd/common/include/linux/kernel.h: 166 in kstrtol()
________________________________________________________________________________________________________
*** CID 1340078: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
/sys/external/bsd/common/include/linux/kernel.h: 166 in kstrtol()
160 static inline int
161 kstrtol(const char *s, unsigned base, long *vp)
162 {
163         long long v;
164
165         v = strtoll(s, NULL, base);
>>> CID 1340078: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
>>> "v < -9223372036854775808LL /* -9223372036854775807L - 1 */" is always false regardless of the values of its operands. This occurs as the logical first operand of '||'.
166         if (v < LONG_MIN || LONG_MAX < v)
167                 return -ERANGE;
168         *vp = v;
169         return 0;
170 }
171
________________________________________________________________________________________________________
To view the defects in Coverity Scan, visit https://scan.coverity.com/projects/netbsd-amd64-user?tab=overview
To manage Coverity Scan email notifications for "coverity-updates%netbsd.org@localhost", click https://scan.coverity.com/subscriptions/edit?email=coverity-updates%40netbsd.org&token=487286ca1a9a4f4bd485d16f66b5e782