Coverity-updates archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
New Defects reported by Coverity Scan for NetBSD-amd64-kernel
Hi,
Please find the latest report on new defect(s) introduced to NetBSD-amd64-kernel found with Coverity Scan.
6 new defect(s) introduced to NetBSD-amd64-kernel found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 6 of 6 defect(s)
** CID 1362902: Null pointer dereferences (FORWARD_NULL)
/sys/dev/dksubr.c: 686 in dk_ioctl()
________________________________________________________________________________________________________
*** CID 1362902: Null pointer dereferences (FORWARD_NULL)
/sys/dev/dksubr.c: 686 in dk_ioctl()
680 error = bufq_alloc(&new, dks->dks_name,
681 BUFQ_EXACT|BUFQ_SORT_RAWBLOCK);
682 if (error) {
683 return error;
684 }
685 mutex_enter(&dksc->sc_iolock);
>>> CID 1362902: Null pointer dereferences (FORWARD_NULL)
>>> Assigning: "old" = "dksc->sc_bufq".
686 old = dksc->sc_bufq;
687 bufq_move(new, old);
688 dksc->sc_bufq = new;
689 mutex_exit(&dksc->sc_iolock);
690 bufq_free(old);
691 }
** CID 1362905: Memory - illegal accesses (UNINIT)
/sys/netinet6/ip6_output.c: 166 in ip6_output()
________________________________________________________________________________________________________
*** CID 1362905: Memory - illegal accesses (UNINIT)
/sys/netinet6/ip6_output.c: 166 in ip6_output()
160 struct ip6_moptions *im6o,
161 struct socket *so,
162 struct ifnet **ifpp /* XXX: just for statistics */
163 )
164 {
165 struct ip6_hdr *ip6, *mhip6;
>>> CID 1362905: Memory - illegal accesses (UNINIT)
>>> Declaring variable "ifp" without initializer.
166 struct ifnet *ifp, *origifp = NULL;
167 struct mbuf *m = m0;
168 int hlen, tlen, len, off;
169 bool tso;
170 struct route ip6route;
171 struct rtentry *rt = NULL;
** CID 1362906: Code maintainability issues (UNUSED_VALUE)
/sys/dev/dksubr.c: 665 in dk_ioctl()
________________________________________________________________________________________________________
*** CID 1362906: Code maintainability issues (UNUSED_VALUE)
/sys/dev/dksubr.c: 665 in dk_ioctl()
659
660 mutex_enter(&dksc->sc_iolock);
661 if (dksc->sc_bufq != NULL)
662 strlcpy(dks->dks_name, bufq_getstrategyname(dksc->sc_bufq),
663 sizeof(dks->dks_name));
664 else
>>> CID 1362906: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value "22" to "error" here, but that stored value is overwritten before it can be used.
665 error = EINVAL;
666 mutex_exit(&dksc->sc_iolock);
667 dks->dks_paramlen = 0;
668 }
669
670 case DIOCSSTRATEGY:
** CID 1362931: Insecure data handling (INTEGER_OVERFLOW)
/sys/kern/core_elf32.c: 439 in coredump_note_auxv()
________________________________________________________________________________________________________
*** CID 1362931: Insecure data handling (INTEGER_OVERFLOW)
/sys/kern/core_elf32.c: 439 in coredump_note_auxv()
433 if (error == 0) {
434 ELFNAMEEND(coredump_savenote)(ns, ELF_NOTE_NETBSD_CORE_AUXV,
435 ELF_NOTE_NETBSD_CORE_NAME, kauxv, len);
436 }
437
438 kmem_free(kauxv, len);
>>> CID 1362931: Insecure data handling (INTEGER_OVERFLOW)
>>> Overflowed or truncated value (or a value computed from an overflowed or truncated value) "error" used as return value.
439 return error;
440 }
441
442 static int
443 ELFNAMEEND(coredump_notes)(struct lwp *l, struct note_state *ns)
444 {
** CID 1362932: Control flow issues (MISSING_BREAK)
/sys/dev/dksubr.c: 670 in dk_ioctl()
________________________________________________________________________________________________________
*** CID 1362932: Control flow issues (MISSING_BREAK)
/sys/dev/dksubr.c: 670 in dk_ioctl()
664 else
665 error = EINVAL;
666 mutex_exit(&dksc->sc_iolock);
667 dks->dks_paramlen = 0;
668 }
669
>>> CID 1362932: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
670 case DIOCSSTRATEGY:
671 {
672 struct disk_strategy *dks = (void *)data;
673 struct bufq_state *new;
674 struct bufq_state *old;
675
** CID 1362933: Control flow issues (MISSING_BREAK)
/sys/dev/dksubr.c: 693 in dk_ioctl()
________________________________________________________________________________________________________
*** CID 1362933: Control flow issues (MISSING_BREAK)
/sys/dev/dksubr.c: 693 in dk_ioctl()
687 bufq_move(new, old);
688 dksc->sc_bufq = new;
689 mutex_exit(&dksc->sc_iolock);
690 bufq_free(old);
691 }
692
>>> CID 1362933: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
693 default:
694 error = ENOTTY;
695 }
696
697 return error;
698 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/netbsd-amd64-kernel?tab=overview
To manage Coverity Scan email notifications for "coverity-updates%netbsd.org@localhost", click https://scan.coverity.com/subscriptions/edit?email=coverity-updates%40netbsd.org&token=487286ca1a9a4f4bd485d16f66b5e782
Home |
Main Index |
Thread Index |
Old Index