Re: Fwd: New Defects reported by Coverity Scan for gluster/glusterfs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Jul 21, 2016 at 02:44:35PM +0530, Muthu Vigneshwaran wrote:
> Hi Atin,
> 
> I am willing to fix all the coverity issues listed in the mail.

Note that I've send a fix for the md-cache issue already:
  http://review.gluster.org/14971

There are many more Coverity issues found. This email only lists the
newly introduced ones... They are all listed here:
  https://scan.coverity.com/projects/987

Thanks,
Niels


> 
> --
> Thanks and regards,
> Muthu Vigneshwaran
> 
> On Thu, Jul 21, 2016 at 10:12 AM, Atin Mukherjee <atin.mukherjee83@xxxxxxxxx
> > wrote:
> 
> >
> >
> >
> >
> > Hi,
> >
> > Please find the latest report on new defect(s) introduced to
> > gluster/glusterfs found with Coverity Scan.
> >
> > 22 new defect(s) introduced to gluster/glusterfs found with Coverity Scan.
> > 27 defect(s), reported by Coverity Scan earlier, were marked fixed in the
> > recent build analyzed by Coverity Scan.
> >
> > New defect(s) Reported-by: Coverity Scan Showing 20 of 22 defect(s)
> >
> > ** CID 1357876: Memory – illegal accesses (USE_AFTER_FREE)
> > /home/vijay/workspace/glusterfs/glusterfs/rpc/rpc-lib/src/rpc-transport.c:
> > 680 in rpc_transport_inet_options_build()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357876: Memory – illegal accesses (USE_AFTER_FREE)
> > /home/vijay/workspace/glusterfs/glusterfs/rpc/rpc-lib/src/rpc-transport.c:
> > 680 in rpc_transport_inet_options_build() 674 goto out; 675 } 676 677 ret =
> > dict_set_dynstr (dict, “remote-host”, host); 678 if (ret) { 679 GF_FREE
> > (host);
> >
> > CID 1357876: Memory – illegal accesses (USE_AFTER_FREE) Passing freed
> > pointer “host” as an argument to “_gf_log”.
> >
> > 680 gf_log (THIS->name, GF_LOG_WARNING, 681 “failed to set remote-host
> > with %s”, host); 682 goto out; 683 } 684 685 ret = dict_set_int32 (dict,
> > “remote-port”, port);
> >
> > ** CID 1357875: Code maintainability issues (UNUSED_VALUE)
> > /xlators/experimental/jbr-server/src/jbr-cg.c: 667 in
> > jbr_lk_perform_local_op()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357875: Code maintainability issues (UNUSED_VALUE)
> > /xlators/experimental/jbr-server/src/jbr-cg.c: 667 in
> > jbr_lk_perform_local_op() 661 goto out; 662 } else { 663
> > list_add_tail(&local->qlinks, &ictx->aqueue); 664 ++(ictx->active); 665 }
> > 666 UNLOCK(&ictx->lock);
> >
> > CID 1357875: Code maintainability issues (UNUSED_VALUE) Assigning value
> > from “jbr_perform_lk_on_leader(frame, this, fd, cmd, flock, xdata)” to
> > “ret” here, but that stored value is overwritten before it can be used.
> >
> > 667 ret = jbr_perform_lk_on_leader (frame, this, fd, cmd, 668 flock,
> > xdata); 669 } 670 671 ret = 0; 672 out:
> >
> > ** CID 1357874: Insecure data handling (TAINTED_SCALAR)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:
> > 819 in _fcbk_statustostruct()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357874: Insecure data handling (TAINTED_SCALAR)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:
> > 819 in _fcbk_statustostruct() 813 while (isspace (*v)) 814 v++; 815 v =
> > gf_strdup (v); 816 if (!v) 817 return -1; 818
> >
> > CID 1357874: Insecure data handling (TAINTED_SCALAR) Assigning: “k” =
> > “gf_strdup”, which taints “k”.
> >
> > 819 k = gf_strdup (resbuf); 820 if (!k) { 821 GF_FREE (v); 822 return -1;
> > 823 } 824
> >
> > ** CID 1357873: Security best practices violations (STRING_OVERFLOW)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:
> > 2159 in glusterd_op_create_volume()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357873: Security best practices violations (STRING_OVERFLOW)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:
> > 2159 in glusterd_op_create_volume() 2153 if (ret) { 2154 gf_msg
> > (this->name, GF_LOG_ERROR, 0, 2155 GD_MSG_DICT_GET_FAILED, "Unable to get
> > volume name"); 2156 goto out; 2157 } 2158
> >
> > CID 1357873: Security best practices violations (STRING_OVERFLOW) You
> > might overrun the 261 byte fixed-size string “volinfo->volname” by copying
> > “volname” without checking the length.
> >
> > 2159 strncpy (volinfo->volname, volname, strlen (volname)); 2160 GF_ASSERT
> > (volinfo->volname); 2161 2162 ret = dict_get_int32 (dict, “type”,
> > &volinfo->type); 2163 if (ret) { 2164 gf_msg (this->name, GF_LOG_ERROR, 0,
> >
> > ** CID 1357872: Security best practices violations (STRING_OVERFLOW)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/mgmt/glusterd/src/glusterd-utils.c:
> > 3454 in glusterd_import_volinfo()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357872: Security best practices violations (STRING_OVERFLOW)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/mgmt/glusterd/src/glusterd-utils.c:
> > 3454 in glusterd_import_volinfo() 3448 goto out; 3449 } 3450 3451 ret =
> > glusterd_volinfo_new (&new_volinfo); 3452 if (ret) 3453 goto out;
> >
> > CID 1357872: Security best practices violations (STRING_OVERFLOW) You
> > might overrun the 261 byte fixed-size string “new_volinfo->volname” by
> > copying “volname” without checking the length.
> >
> > 3454 strncpy (new_volinfo->volname, volname, strlen (volname)); 3455 3456
> > memset (key, 0, sizeof (key)); 3457 snprintf (key, sizeof (key),
> > “%s%d.type”, prefix, count); 3458 ret = dict_get_int32 (peer_data, key,
> > &new_volinfo->type); 3459 if (ret) {
> >
> > ** CID 1357871: (RESOURCE_LEAK)
> > /xlators/experimental/jbr-server/src/jbr-cg.c: 10664 in jbr_open_term()
> > /xlators/experimental/jbr-server/src/jbr-cg.c: 10668 in jbr_open_term()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357871: (RESOURCE_LEAK)
> > /xlators/experimental/jbr-server/src/jbr-cg.c: 10664 in jbr_open_term()
> > 10658 goto err; 10659 } 10660 priv->term_read = 0; 10661 10662 /* Success!
> > */ 10663 STACK_UNWIND_STRICT (ipc, frame, 0, 0, NULL);
> >
> > CID 1357871: (RESOURCE_LEAK) Variable “path” going out of scope leaks the
> > storage it points to.
> >
> > 10664 return; 10665 10666 err: 10667 STACK_UNWIND_STRICT (ipc, frame, -1,
> > op_errno, NULL); 10668 } 10669
> > /xlators/experimental/jbr-server/src/jbr-cg.c: 10668 in jbr_open_term()
> > 10662 /* Success! */ 10663 STACK_UNWIND_STRICT (ipc, frame, 0, 0, NULL);
> > 10664 return; 10665 10666 err: 10667 STACK_UNWIND_STRICT (ipc, frame, -1,
> > op_errno, NULL);
> >
> > CID 1357871: (RESOURCE_LEAK) Variable “path” going out of scope leaks the
> > storage it points to.
> >
> > 10668 } 10669 10670 10671 void 10672 jbr_next_entry (call_frame_t *frame,
> > xlator_t *this) 10673 {
> >
> > ** CID 1357870: Resource leaks (RESOURCE_LEAK)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/mgmt/glusterd/src/glusterd-handler.c:
> > 2490 in __glusterd_handle_cluster_unlock()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357870: Resource leaks (RESOURCE_LEAK)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/mgmt/glusterd/src/glusterd-handler.c:
> > 2490 in __glusterd_handle_cluster_unlock() 2484 ret =
> > glusterd_op_sm_inject_event (GD_OP_EVENT_UNLOCK, txn_id, ctx); 2485 2486
> > out: 2487 glusterd_friend_sm (); 2488 glusterd_op_sm (); 2489
> >
> > CID 1357870: Resource leaks (RESOURCE_LEAK) Variable “ctx” going out of
> > scope leaks the storage it points to.
> >
> > 2490 return ret; 2491 } 2492 2493 int 2494 glusterd_handle_cluster_unlock
> > (rpcsvc_request_t *req) 2495 {
> >
> > ** CID 1357869: Resource leaks (RESOURCE_LEAK)
> > /xlators/experimental/jbr-server/src/jbr-cg.c: 10568 in jbr_get_terms()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357869: Resource leaks (RESOURCE_LEAK)
> > /xlators/experimental/jbr-server/src/jbr-cg.c: 10568 in jbr_get_terms()
> > 10562 (void) sys_closedir (fp); 10563 } 10564 if (my_xdata) { 10565
> > dict_unref(my_xdata); 10566 } 10567 STACK_UNWIND_STRICT (ipc, frame, -1,
> > op_errno, NULL);
> >
> > CID 1357869: Resource leaks (RESOURCE_LEAK) Variable “probe_str” going out
> > of scope leaks the storage it points to.
> >
> > 10568 } 10569 10570 10571 long 10572 get_entry_count (xlator_t *this, int
> > fd) 10573 {
> >
> > ** CID 1357868: Null pointer dereferences (NULL_RETURNS)
> > /home/vijay/workspace/glusterfs/glusterfs/libglusterfs/src/iobuf.c: 704 in
> > iobuf_get_page_aligned()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357868: Null pointer dereferences (NULL_RETURNS)
> > /home/vijay/workspace/glusterfs/glusterfs/libglusterfs/src/iobuf.c: 704 in
> > iobuf_get_page_aligned() 698 * arenas, then we use iobuf->free_ptr to store
> > the original 699 * pointer to the offset into the mmap'd block of memory
> > and in turn 700 * reuse iobuf->ptr to hold the page-aligned address. And
> > finally, in 701 * iobuf_put(), we copy iobuf->free_ptr into iobuf->ptr –
> > back to where 702 * it was originally when __iobuf_get() returned this
> > iobuf. 703 */
> >
> > CID 1357868: Null pointer dereferences (NULL_RETURNS) Dereferencing a null
> > pointer “iobuf”.
> >
> > 704 if (!iobuf->free_ptr) 705 iobuf->free_ptr = iobuf->ptr; 706 iobuf->ptr
> > = GF_ALIGN_BUF (iobuf->ptr, align_size); 707 708 return iobuf; 709 }
> >
> > ** CID 1357867: Control flow issues (NESTING_INDENT_MISMATCH)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/performance/md-cache/src/md-cache.c:
> > 2568 in notify()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357867: Control flow issues (NESTING_INDENT_MISMATCH)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/performance/md-cache/src/md-cache.c:
> > 2568 in notify() 2562 mdc_update_child_down_time (this, &now); 2563 ret =
> > default_notify (this, event, data); 2564 break; 2565 case GF_EVENT_UPCALL:
> > 2566 if (conf->mdc_invalidation) 2567 ret = mdc_invalidate (this, data);
> >
> > CID 1357867: Control flow issues (NESTING_INDENT_MISMATCH) This ‘if’
> > statement is indented to column 25, as if it were nested within the
> > preceding parent statement, but it is not.
> >
> > 2568 if (default_notify (this, event, data) != 0) 2569 ret = -1; 2570
> > break; 2571 default: 2572 ret = default_notify (this, event, data); 2573
> > break;
> >
> > ** CID 1357866: Control flow issues (DEADCODE)
> > /home/vijay/workspace/glusterfs/glusterfs/rpc/xdr/src/glusterfs3.h: 375 in
> > gf_proto_cache_invalidation_from_upcall()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357866: Control flow issues (DEADCODE)
> > /home/vijay/workspace/glusterfs/glusterfs/rpc/xdr/src/glusterfs3.h: 375 in
> > gf_proto_cache_invalidation_from_upcall() 369 gf_stat_from_iatt
> > (&gf_c_req->oldparent_stat, &gf_c_data->oldp_stat); 370 371 ret = 0; 372
> > GF_PROTOCOL_DICT_SERIALIZE (this, gf_c_data->dict,
> > &(gf_c_req->xdata).xdata_val, 373 (gf_c_req->xdata).xdata_len, ret, out);
> > 374 if (ret > 0)
> >
> > CID 1357866: Control flow issues (DEADCODE) Execution cannot reach this
> > statement: “ret = -ret;”.
> >
> > 375 ret = -ret; 376 out: 377 return ret; 378 } 379 380 static inline int
> >
> > ** CID 1357865: Control flow issues (DEADCODE)
> > /home/vijay/workspace/glusterfs/glusterfs/cli/src/cli-cmd-parser.c: 2712 in
> > cli_cmd_gsync_set_parse()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357865: Control flow issues (DEADCODE)
> > /home/vijay/workspace/glusterfs/glusterfs/cli/src/cli-cmd-parser.c: 2712 in
> > cli_cmd_gsync_set_parse() 2706 !strcmp ((char *)words[wordcount-1],
> > "reset-sync-time")) { 2707 if (strcmp ((char *)words[wordcount-2],
> > "delete")) { 2708 ret = -1; 2709 goto out; 2710 } 2711 if (!slavei ||
> > !masteri) {
> >
> > CID 1357865: Control flow issues (DEADCODE) Execution cannot reach this
> > statement: “ret = -1;”.
> >
> > 2712 ret = -1; 2713 goto out; 2714 } 2715 ret = dict_set_uint32 (dict,
> > “reset-sync-time”, _gf_true); 2716 if (ret) 2717 goto out;
> >
> > ** CID 1357864: Security best practices violations (DC.WEAK_CRYPTO)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/features/locks/src/common.c:
> > 1131 in pl_does_monkey_want_stuck_lock()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357864: Security best practices violations (DC.WEAK_CRYPTO)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/features/locks/src/common.c:
> > 1131 in pl_does_monkey_want_stuck_lock() 1125 gf_boolean_t 1126
> > pl_does_monkey_want_stuck_lock() 1127 { 1128 long int monkey_unlock_rand =
> > 0; 1129 long int monkey_unlock_rand_rem = 0; 1130
> >
> > CID 1357864: Security best practices violations (DC.WEAK_CRYPTO) “random”
> > should not be used for security related applications, as linear
> > congruential algorithms are too easy to break.
> >
> > 1131 monkey_unlock_rand = random (); 1132 monkey_unlock_rand_rem =
> > monkey_unlock_rand % 100; 1133 if (monkey_unlock_rand_rem == 0) 1134 return
> > _gf_true; 1135 return _gf_false;
> >
> > ** CID 1357863: Memory – illegal accesses (BUFFER_SIZE_WARNING)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/features/changetimerecorder/src/changetimerecorder.c:
> > 129 in ctr_lookup_wind()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357863: Memory – illegal accesses (BUFFER_SIZE_WARNING)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/features/changetimerecorder/src/changetimerecorder.c:
> > 129 in ctr_lookup_wind() 123 CTR_DB_REC(ctr_local).gfdb_fop_path =
> > ctr_inode_cx->fop_path; 124 CTR_DB_REC(ctr_local).gfdb_fop_type =
> > ctr_inode_cx->fop_type; 125 126 /* Copy hard link info*/ 127 gf_uuid_copy
> > (CTR_DB_REC(ctr_local).pargfid, 128
> > *((NEW_LINK_CX(ctr_inode_cx))->pargfid));
> >
> > CID 1357863: Memory – illegal accesses (BUFFER_SIZE_WARNING) Calling
> > strncpy with a maximum size argument of 256 bytes on destination array
> > “ctr_local->gfdb_db_record.file_name” of size 256 bytes might leave the
> > destination string unterminated.
> >
> > 129 strncpy (CTR_DB_REC(ctr_local).file_name, 130
> > NEW_LINK_CX(ctr_inode_cx)->basename, 131
> > sizeof(CTR_DB_REC(ctr_local).file_name)); 132 133 /* Since we are in lookup
> > we can ignore errors while 134 * Inserting in the DB, because there may be
> > many
> >
> > ** CID 1357862: Error handling issues (CHECKED_RETURN)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/performance/io-cache/src/io-cache.c:
> > 218 in ioc_lookup_cbk()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357862: Error handling issues (CHECKED_RETURN)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/performance/io-cache/src/io-cache.c:
> > 218 in ioc_lookup_cbk() 212 if (!ioc_inode) { 213 weight = ioc_get_priority
> > (table, path); 214 215 ioc_inode = ioc_inode_update (table, inode, 216
> > weight); 217
> >
> > CID 1357862: Error handling issues (CHECKED_RETURN) Calling
> > “__inode_ctx_put” without checking return value (as is done elsewhere 7 out
> > of 8 times).
> >
> > 218 __inode_ctx_put (inode, this, 219 (uint64_t)(long)ioc_inode); 220 }
> > 221 } 222 UNLOCK (&inode->lock); 223
> >
> > ** CID 1357861: (BUFFER_SIZE_WARNING)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/storage/posix/src/posix.c:
> > 4172 in posix_get_ancestry_non_directory()
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/storage/posix/src/posix.c:
> > 4179 in posix_get_ancestry_non_directory()
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/storage/posix/src/posix.c:
> > 4154 in posix_get_ancestry_non_directory()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357861: (BUFFER_SIZE_WARNING)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/storage/posix/src/posix.c:
> > 4172 in posix_get_ancestry_non_directory() 4166 "%s: key = %s ", leaf_path,
> > key); 4167 goto out; 4168 } 4169 4170 nlink_samepgfid = ntoh32
> > (nlink_samepgfid); 4171
> >
> > CID 1357861: (BUFFER_SIZE_WARNING) Calling strncpy with a maximum size
> > argument of 37 bytes on destination array “pgfidstr” of size 37 bytes might
> > leave the destination string unterminated.
> >
> > 4172 strncpy (pgfidstr, key + strlen(PGFID_XATTR_KEY_PREFIX), 4173
> > sizeof(pgfidstr)); 4174 gf_uuid_parse (pgfidstr, pgfid); 4175 4176
> > handle_size = POSIX_GFID_HANDLE_SIZE(priv->base_path_length); 4177
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/storage/posix/src/posix.c:
> > 4179 in posix_get_ancestry_non_directory() 4173 sizeof(pgfidstr)); 4174
> > gf_uuid_parse (pgfidstr, pgfid); 4175 4176 handle_size =
> > POSIX_GFID_HANDLE_SIZE(priv->base_path_length); 4177 4178 /* constructing
> > the absolute real path of parent dir */
> >
> > CID 1357861: (BUFFER_SIZE_WARNING) Calling strncpy with a maximum size
> > argument of 4096 bytes on destination array “dirpath” of size 4096 bytes
> > might leave the destination string unterminated.
> >
> > 4179 strncpy (dirpath, priv->base_path, sizeof(dirpath)); 4180 pathlen =
> > PATH_MAX + 1 – priv->base_path_length; 4181 4182 op_ret =
> > posix_make_ancestryfromgfid (this, 4183 dirpath + priv->base_path_length,
> > 4184 pathlen,
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/storage/posix/src/posix.c:
> > 4154 in posix_get_ancestry_non_directory() 4148 gf_msg (this->name,
> > GF_LOG_WARNING, errno, P_MSG_LSTAT_FAILED, 4149 “lstat failed on %s”,
> > leaf_path); 4150 goto out; 4151 } 4152 4153 while (remaining_size > 0) {
> >
> > CID 1357861: (BUFFER_SIZE_WARNING) Calling strncpy with a maximum size
> > argument of 4096 bytes on destination array “key” of size 4096 bytes might
> > leave the destination string unterminated.
> >
> > 4154 strncpy (key, list + list_offset, sizeof(key)); 4155 if (strncmp
> > (key, PGFID_XATTR_KEY_PREFIX, 4156 strlen (PGFID_XATTR_KEY_PREFIX)) != 0)
> > 4157 goto next; 4158 4159 op_ret = sys_lgetxattr (leaf_path, key,
> >
> > ** CID 1357860: Memory – illegal accesses (BUFFER_SIZE_WARNING)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:
> > 1829 in glusterd_op_verify_gsync_start_options()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357860: Memory – illegal accesses (BUFFER_SIZE_WARNING)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:
> > 1829 in glusterd_op_verify_gsync_start_options() 1823 “before “GEOREP”
> > start”, volinfo->volname); 1824 goto out; 1825 } 1826 1827 /* check session
> > directory as statefile may not present 1828 * during upgrade */
> >
> > CID 1357860: Memory – illegal accesses (BUFFER_SIZE_WARNING) Calling
> > strncpy with a maximum size argument of 4096 bytes on destination array
> > “statefiledir” of size 4096 bytes might leave the destination string
> > unterminated.
> >
> > 1829 strncpy (statefiledir, statefile, sizeof(statefiledir)); 1830
> > statedir = dirname (statefiledir); 1831 1832 ret = sys_lstat (statedir,
> > &stbuf); 1833 if (ret) { 1834 snprintf (msg, sizeof (msg), “Session between
> > %s and %s has”
> >
> > ** CID 1357859: (BUFFER_SIZE_WARNING)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/storage/posix/src/posix.c:
> > 4501 in posix_getxattr()
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/storage/posix/src/posix.c:
> > 4605 in posix_getxattr()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357859: (BUFFER_SIZE_WARNING)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/storage/posix/src/posix.c:
> > 4501 in posix_getxattr() 4495 } 4496 4497 goto done; 4498 } 4499 4500 if
> > (name) {
> >
> > CID 1357859: (BUFFER_SIZE_WARNING) Calling strncpy with a maximum size
> > argument of 4096 bytes on destination array “keybuffer” of size 4096 bytes
> > might leave the destination string unterminated.
> >
> > 4501 strncpy (keybuffer, name, sizeof(keybuffer)); 4502 char *key =
> > keybuffer; 4503 #if defined(GF_DARWIN_HOST_OS_DISABLED) 4504 if
> > (priv->xattr_user_namespace == XATTR_STRIP) { 4505 if (strncmp(key,
> > "user.",5) == 0) { 4506 key += 5;
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/storage/posix/src/posix.c:
> > 4605 in posix_getxattr() 4599 goto out; 4600 } 4601 4602 remaining_size =
> > size; 4603 list_offset = 0; 4604 while (remaining_size > 0) {
> >
> > CID 1357859: (BUFFER_SIZE_WARNING) Calling strncpy with a maximum size
> > argument of 4096 bytes on destination array “keybuffer” of size 4096 bytes
> > might leave the destination string unterminated.
> >
> > 4605 strncpy (keybuffer, list + list_offset, sizeof(keybuffer)); 4606 if
> > (frame->root->pid != GF_CLIENT_PID_GSYNCD && 4607 fnmatch
> > ("*.glusterfs.*.stime", keybuffer, FNM_PERIOD) == 0) 4608 goto ignore; 4609
> > 4610 size = sys_lgetxattr (real_path, keybuffer, NULL, 0);
> >
> > ** CID 1357858: Memory – corruptions (BUFFER_SIZE)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/mgmt/glusterd/src/glusterd-volgen.c:
> > 3731 in volume_volgen_graph_build_clusters()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1357858: Memory – corruptions (BUFFER_SIZE)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/mgmt/glusterd/src/glusterd-volgen.c:
> > 3731 in volume_volgen_graph_build_clusters() 3725 dist_count =
> > volinfo->brick_count / volinfo->dist_leaf_count; 3726 if (!dist_count) {
> > 3727 ret = -1; 3728 goto out; 3729 } 3730 if
> > (volinfo->tier_info.hot_brick_count) {
> >
> > CID 1357858: Memory – corruptions (BUFFER_SIZE) You might overrun the 256
> > byte destination string “tmp_volname” by writing the maximum 260 bytes from
> > “volinfo->volname”.
> >
> > 3731 strncpy (tmp_volname, volinfo->volname, 3732 strlen
> > (volinfo->volname)); 3733 if (volinfo->tier_info.cur_tier_hot) 3734 strcat
> > (volinfo->volname, "-hot"); 3735 else 3736 strcat (volinfo->volname,
> > "-cold");
> >
> > ** CID 1351683: Resource leaks (RESOURCE_LEAK)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/mgmt/glusterd/src/glusterd-volgen.c:
> > 3563 in set_afr_pending_xattrs_option()
> >
> >
> > *_____________________________________________________________________________________________________*_
> > *** CID 1351683: Resource leaks (RESOURCE_LEAK)
> > /home/vijay/workspace/glusterfs/glusterfs/xlators/mgmt/glusterd/src/glusterd-volgen.c:
> > 3563 in set_afr_pending_xattrs_option() 3557 strncat (ptr, brick->brick_id,
> > strlen(brick->brick_id)); 3558 if (i == volinfo->replica_count) { 3559 ret
> > = xlator_set_option (afr_xlators_list[index++], 3560 “afr-pending-xattr”,
> > 3561 afr_xattrs_list); 3562 if (ret)
> >
> > CID 1351683: Resource leaks (RESOURCE_LEAK) Variable “afr_xlators_list”
> > going out of scope leaks the storage it points to.
> >
> > 3563 return ret; 3564 memset (afr_xattrs_list, 0, list_size); 3565 ptr =
> > afr_xattrs_list; 3566 i = 1; 3567 continue; 3568 }
> >
> >
> > *_____________________________________________________________________________________________________*_
> > To view the defects in Coverity Scan visit,
> > https://scan.coverity.com/projects/gluster-glusterfs?tab=overview
> > <https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZBK54bFWohdObZ6wlkeK264nDC24cnLwH4MTOSDXRjQcO27-2F6DmQXPB4g4Mz-2BEJJ0-3D_MGdSxOtVesORpvKsy8XkEUz8gK23WuwInCh-2FVRcDCRGBE-2F3TR3IOKi8oYByYaJKFWH29l24rf2-2Bt9oJ0-2BSGes9zIlWtqOEFQxHndbblS9YkMRU7DhD5fjEd9SfzVzR0ytt5-2B1Oe2zAYFWEWs2TpA7r7hhAvcZBTgecfyfkLbQCWue4TI159MKdJrXKuQK8DHpBVSyX4uxXIJVPNkFMLq8-2FXztFS7n2mjR1EiYjz-2BFgo-3D>
> >
> > To manage Coverity Scan email notifications for “
> > atin.mukherjee83@xxxxxxxxx”, click
> > https://scan.coverity.com/subscriptions/edit?email=atin.mukherjee83%40gmail.com&token=24e0fdee18fec699fd7c10fcd0d2a27e
> > <https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4F4Na18V6TzekbRgLfnxbftCtNrSI0AdVE2H7Oze59ZO0QossEy3LBj8V8EoFBmLcCGWfAfPSpkvjpvSyEnHW4SE-2Fd5u6fIUaVdSUke9RseU-3D_MGdSxOtVesORpvKsy8XkEUz8gK23WuwInCh-2FVRcDCRGBE-2F3TR3IOKi8oYByYaJKFWH29l24rf2-2Bt9oJ0-2BSGesxcG8qOHhREVqSn8S4O-2B0w53NuXhPDnom46-2BCg2Z0OnXewRHaru1sN8I-2FdHYO7RrUnyR2ORbAOutoWyPtuqEZWeTXEvG-2BxR1o61yxmZ56j0dv6uA8A7oqSMDLLJqRr9YamypQny-2BGOm7k64flahA8RM-3D>
> >
> >
> > _______________________________________________
> > Gluster-devel mailing list
> > Gluster-devel@xxxxxxxxxxx
> > http://www.gluster.org/mailman/listinfo/gluster-devel
> >

> _______________________________________________
> Gluster-devel mailing list
> Gluster-devel@xxxxxxxxxxx
> http://www.gluster.org/mailman/listinfo/gluster-devel

Attachment: signature.asc
Description: PGP signature

_______________________________________________
Gluster-devel mailing list
Gluster-devel@xxxxxxxxxxx
http://www.gluster.org/mailman/listinfo/gluster-devel

[Index of Archives]     [Gluster Users]     [Ceph Users]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux