New Defects reported by Coverity Scan for NetBSD-amd64-kernel

To: coverity-updates%netbsd.org@localhost
Subject: New Defects reported by Coverity Scan for NetBSD-amd64-kernel
From: scan-admin%coverity.com@localhost
Date: Thu, 04 Aug 2016 21:24:44 -0700

Hi,

Please find the latest report on new defect(s) introduced to NetBSD-amd64-kernel found with Coverity Scan.

3 new defect(s) introduced to NetBSD-amd64-kernel found with Coverity Scan.
6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 1364757:  Incorrect expression  (IDENTICAL_BRANCHES)
/sys/netinet6/in6.c: 488 in in6_control1()


________________________________________________________________________________________________________
*** CID 1364757:  Incorrect expression  (IDENTICAL_BRANCHES)
/sys/netinet6/in6.c: 488 in in6_control1()
482     	}
483     
484     	switch (cmd) {
485     
486     	case SIOCGIFADDR_IN6:
487     		ifr->ifr_addr = ia->ia_addr;
>>>     CID 1364757:  Incorrect expression  (IDENTICAL_BRANCHES)
>>>     The same code is executed when the condition "(error = sa6_recoverscope(&ifr->ifr_ifru.ifru_addr)) != 0" is true or false, because the code in the if-then branch and after the if statement is identical. Should the if statement be removed?
488     		if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0)
489     			break;
490     		break;
491     
492     	case SIOCGIFDSTADDR_IN6:
493     		if ((ifp->if_flags & IFF_POINTOPOINT) == 0) {

** CID 1364758:  Integer handling issues  (SIGN_EXTENSION)
/sys/dev/ata/wd.c: 397 in wdattach()


________________________________________________________________________________________________________
*** CID 1364758:  Integer handling issues  (SIGN_EXTENSION)
/sys/dev/ata/wd.c: 397 in wdattach()
391     		    wd->sc_params.atap_heads *
392     		    wd->sc_params.atap_sectors;
393     	}
394     	if ((wd->sc_params.atap_secsz & ATA_SECSZ_VALID_MASK) == ATA_SECSZ_VALID
395     	    && ((wd->sc_params.atap_secsz & ATA_SECSZ_LLS) != 0)) {
396     		wd->sc_blksize = 2ULL *
>>>     CID 1364758:  Integer handling issues  (SIGN_EXTENSION)
>>>     Suspicious implicit sign extension: "wd->sc_params.atap_lls_secsz[1]" with type "unsigned short" (16 bits, unsigned) is promoted in "(wd->sc_params.atap_lls_secsz[1] << 16) | (wd->sc_params.atap_lls_secsz[0] << 0)" to type "int" (32 bits, signed), then sign-extended to type "unsigned long long" (64 bits, unsigned).  If "(wd->sc_params.atap_lls_secsz[1] << 16) | (wd->sc_params.atap_lls_secsz[0] << 0)" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.
397     		    (wd->sc_params.atap_lls_secsz[1] << 16 |
398     		     wd->sc_params.atap_lls_secsz[0] <<  0);
399     	} else {
400     		wd->sc_blksize = 512;
401     	}
402     	wd->sc_capacity512 = (wd->sc_capacity * wd->sc_blksize) / DEV_BSIZE;

** CID 1364759:  Memory - illegal accesses  (UNINIT)
/sys/net/route.c: 781 in rt_getifa()


________________________________________________________________________________________________________
*** CID 1364759:  Memory - illegal accesses  (UNINIT)
/sys/net/route.c: 781 in rt_getifa()
775     	if (sa != NULL && info->rti_ifp != NULL)
776     		ifa = ifaof_ifpforaddr_psref(sa, info->rti_ifp, psref);
777     	else if (dst != NULL && gateway != NULL)
778     		ifa = ifa_ifwithroute_psref(flags, dst, gateway, psref);
779     	else if (sa != NULL)
780     		ifa = ifa_ifwithroute_psref(flags, sa, sa, psref);
>>>     CID 1364759:  Memory - illegal accesses  (UNINIT)
>>>     Using uninitialized value "ifa".
781     	if (ifa == NULL)
782     		return NULL;
783     got:
784     	if (ifa->ifa_getifa != NULL) {
785     		/* FIXME NOMPSAFE */
786     		ifa = (*ifa->ifa_getifa)(ifa, dst);


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRb2JZfDAOAZcqzsy8LMBKBj0qtSICo2DZNjmmsVjYof54PahgUQ7xLRwU5wjlAON3Q-3D_XWm3CUIFU8ffmjzuNhQ8cIHoQgXzXkm61Fmjr59D05UuE5QNxUHluW6pkRn2x0jSEqITEkXGEKwZC6pENBelsk86c0Kqejtl-2BrTPEA-2FbT4Al7R0qdvoflwCFwSHFbztoJ9Fwi8oxFzbzEBufgjinLPs6q0kRSqIXE6BHNO82VnpeAbyVS33YvMQNkb80tCCFBcAmaJkMhNzHPgRgwFAAf4rg-2F7OfetnKKg1Ym318ALA-3D

To manage Coverity Scan email notifications for "coverity-updates%netbsd.org@localhost", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4m7U7Yoel-2F6MYPxol7ToiLwYIjoNbVQOCAwEeTNJofEDwTlN0JRhKMyijhpnAObR-2FlLVG-2Fr3EBKWgiICNdX1HPA6Ws0-2F1wHBf2tG9AnMDB8g-3D_XWm3CUIFU8ffmjzuNhQ8cIHoQgXzXkm61Fmjr59D05UuE5QNxUHluW6pkRn2x0jSEqITEkXGEKwZC6pENBelshr-2FHux1nPqw56azubyw5-2BoDt5Ad8SyTITShM4kxCyQiez4vQHnQEUrJYe4VO1CQv03qdEwng8wuLlGJ9bz6EkriPDzjQM8R-2BrG2JV9g1BdOoDZEKA48P72q-2Bb0E7nEJ4utOf3A9WxqZh90j-2BRcHOsU-3D

Prev by Date: New Defects reported by Coverity Scan for NetBSD-i386-kernel
Next by Date: New Defects reported by Coverity Scan for NetBSD-amd64-user
Previous by Thread: New Defects reported by Coverity Scan for NetBSD-amd64-kernel
Next by Thread: New Defects reported by Coverity Scan for NetBSD-amd64-kernel
Indexes:

Home | Main Index | Thread Index | Old Index