On Wed, Dec 17, 2014 at 02:26:55AM -0500, Krishnan Parthasarathi wrote:
> I was looking into a Coverity issue (CID 1228603) in GlusterFS.
> I sent a patch[1] before I fully understood why this was an issue.
> After searching around on the internet for explanations, I identified that
> the core issue was that a character buffer, storing parts of a file (external I/O),
> was marked tainted. This taint spread wherever the buffer was used. This seems
> acceptable in the context of static analysis. How do we indicate to Coverity that
> the 'taint' would cause no harm as speculated?
>
> [1] - Coverity fix attempt: http://review.gluster.org/#/c/9286/
> [2] - CID 1228603: Use of untrusted scalar value (TAINTED_SCALAR):
>       glusterd-utils.c: 2131 in glusterd_readin_file()

If you visit https://scan.coverity.com/projects/987 you can request an
account and make yourself owner of this CID (enter it in the upper right
corner after clicking 'view defects').

I agree that this is safe usage. Please mark this as 'intentional'.

Thanks,
Niels
_______________________________________________
Gluster-devel mailing list
Gluster-devel@xxxxxxxxxxx
http://supercolony.gluster.org/mailman/listinfo/gluster-devel