Hi,

I was attempting to fix a class of "Insecure data handling" defects in coverity around GF_FREE accessing tainted strings. Below is a short writeup of the same (pasted into the notes for each issue as well). Notifying the list of the same.

(attempted annotation) Fix: https://review.gluster.org/c/glusterfs/+/21422

The fix was to annotate the pointer coming into GF_FREE (or really __gf_free) as not tainted, based on the reasoning below.

This coverity annotation is applied incorrectly in the code, as we need to annotate a function that on exit marks the string as taint free. IOW, see https://community.synopsys.com/s/article/From-Case-Clearing-TAINTED-STRING

On attempting to write such alternative functions and testing with an in-house coverity run, the taint was still not cleared. As a result, I am marking this/these issues as "False positive"+"Ignore".

The reason to treat this as a false positive is as follows,
- The allocation function returns a pointer past the header, where the actual usage starts
- The free function accesses the header information to check if the trailer is overwritten to detect memory region overwrites
- When these pointers are used for IO with external sources the entire pointer is tainted

As we are detecting a similar corruption, using the region before the returned pointer (and some after), and not checking regions that were passed to the respective external IO sources, the regions need not be sanitized before accessing the same. As a result, these instances are marked as false positives.

An older thread discussing this from Xavi can be found here: https://lists.gluster.org/pipermail/gluster-devel/2014-December/043314.html

Shyam

On 11/02/2018 01:07 PM, Sunny Kumar wrote:
> Hello folks,
>
> The current status of static analyser is below:
>
> Coverity scan status:
> Last week we started from 135 and now it's 116 (2nd Nov scan)
> Contributors - Sunny (1 patch containing 7 fixes) and
> Varsha (1 patch containing 1 fix).
>
> As you all are aware we are marking few features as deprecated in gluster [1].
> Few coverity defects eliminated due to this activity. (from tier and stripe)
> [1]. https://lists.gluster.org/pipermail/gluster-users/2018-July/034400.html
>
> Clang-scan status:
> Last week we started from 90 and today it's 84 (build #503).
> Contributors- Harpreet (2 patches), Shwetha and Amar(1 patch each).
>
> If you want to contribute in fixing coverity and clang-scan fixes
> please follow these instructions:
> * for coverity scan fixes:
> https://lists.gluster.org/pipermail/gluster-devel/2018-August/055155.html
> * for clang-scan:
> https://lists.gluster.org/pipermail/gluster-devel/2018-August/055338.html
>
>
> Regards,
> Sunny kumar
> _______________________________________________
> Gluster-devel mailing list
> Gluster-devel@xxxxxxxxxxx
> https://lists.gluster.org/mailman/listinfo/gluster-devel
>
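
The allocator layout described in Shyam's message above (pointer returned past a header, free stepping back to check the header and trailer), as an added example that is not part of the thread and is not GlusterFS code. The names `guarded_alloc`, `guarded_free`, `hdr_t` and both magic values are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical layout: [hdr_t][user bytes ...][trailer magic] */
#define HDR_MAGIC 0x48445221u /* constructed value */
#define TRL_MAGIC 0x54524c21u /* constructed value */

typedef struct {
    uint32_t magic; /* detects writes that ran backwards into the header */
    size_t size;    /* user-requested size, used to locate the trailer */
} hdr_t;

/* Allocate size user bytes; return the pointer just past the header. */
void *guarded_alloc(size_t size)
{
    uint32_t trl = TRL_MAGIC;
    if (size > SIZE_MAX - sizeof(hdr_t) - sizeof(trl))
        return NULL;
    unsigned char *raw = malloc(sizeof(hdr_t) + size + sizeof(trl));
    if (!raw)
        return NULL;
    hdr_t hdr = { HDR_MAGIC, size };
    memcpy(raw, &hdr, sizeof(hdr));
    memcpy(raw + sizeof(hdr) + size, &trl, sizeof(trl));
    return raw + sizeof(hdr);
}

/* Step back to the header and verify both guards. Only bookkeeping bytes
 * are read; the user region (the part external IO fills) is never inspected.
 * Returns 0 and frees on success, -1 without freeing if a guard was hit. */
int guarded_free(void *ptr)
{
    hdr_t hdr;
    uint32_t trl;
    if (!ptr)
        return 0;
    unsigned char *raw = (unsigned char *)ptr - sizeof(hdr_t);
    memcpy(&hdr, raw, sizeof(hdr));
    if (hdr.magic != HDR_MAGIC)
        return -1;
    memcpy(&trl, raw + sizeof(hdr) + hdr.size, sizeof(trl));
    if (trl != TRL_MAGIC)
        return -1;
    free(raw);
    return 0;
}
```

A taint checker that marks the whole allocation as tainted once the user pointer is handed to a read call will flag the header and trailer reads in `guarded_free`, even though those bytes were written only by the allocator.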