On 11/06/2018 02:08 PM, Shyam Ranganathan wrote:
> Hi,
>
> I was attempting to fix a class of "Insecure data handling" defects in
> Coverity around GF_FREE accessing tainted strings. Below is a short
> writeup of the same (pasted into the notes for each issue as well).
> Notifying the list of the same.
>
> (attempted annotation) Fix: https://review.gluster.org/c/glusterfs/+/21422

Posted a new patch after using another system to check various Coverity
runs and annotations. This one works, and once merged should auto-ignore
this pattern of issues.

https://review.gluster.org/c/glusterfs/+/21584

> The fix was to annotate the pointer coming into GF_FREE (or really
> __gf_free) as not tainted, based on the reasoning below. This Coverity
> annotation is applied incorrectly in the code, as we need to annotate a
> function that on exit marks the string as taint free. IOW, see
> https://community.synopsys.com/s/article/From-Case-Clearing-TAINTED-STRING
>
> On attempting to write such alternative functions and testing with an in
> house Coverity run, the taint was still not cleared. As a result, I am
> marking this/these issues as "False positive"+"Ignore".
>
> The reason to treat this as a false positive is as follows:
> - The allocation function returns a pointer past the header, where the
>   actual usage starts
> - The free function accesses the header information to check if the
>   trailer is overwritten, to detect memory region overwrites
> - When these pointers are used for IO with external sources, the entire
>   pointer is tainted
>
> As we are detecting a similar corruption, using the region before the
> returned pointer (and some after), and not checking regions that were
> passed to the respective external IO sources, the regions need not be
> sanitized before accessing the same. As a result, these instances are
> marked as false positives.
>
> An older thread discussing this from Xavi can be found here:
> https://lists.gluster.org/pipermail/gluster-devel/2014-December/043314.html
>
> Shyam
>
> On 11/02/2018 01:07 PM, Sunny Kumar wrote:
>> Hello folks,
>>
>> The current status of the static analysers is below:
>>
>> Coverity scan status:
>> Last week we started from 135 and now it's 116 (2nd Nov scan).
>> Contributors - Sunny (1 patch containing 7 fixes) and
>> Varsha (1 patch containing 1 fix).
>>
>> As you all are aware, we are marking a few features as deprecated in gluster [1].
>> A few Coverity defects were eliminated due to this activity (from tier and stripe).
>> [1] https://lists.gluster.org/pipermail/gluster-users/2018-July/034400.html
>>
>> Clang-scan status:
>> Last week we started from 90 and today it's 84 (build #503).
>> Contributors - Harpreet (2 patches), Shwetha and Amar (1 patch each).
>>
>> If you want to contribute to Coverity and clang-scan fixes,
>> please follow these instructions:
>> * for Coverity scan fixes:
>>   https://lists.gluster.org/pipermail/gluster-devel/2018-August/055155.html
>> * for clang-scan:
>>   https://lists.gluster.org/pipermail/gluster-devel/2018-August/055338.html
>>
>>
>> Regards,
>> Sunny Kumar
>> _______________________________________________
>> Gluster-devel mailing list
>> Gluster-devel@xxxxxxxxxxx
>> https://lists.gluster.org/mailman/listinfo/gluster-devel
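To make the header/trailer scheme in Shyam's reasoning concrete, here is a constructed C sketch added to this page; it is not GlusterFS code. The allocator hands back a pointer past its header, and the free routine walks back to that header and checks the trailer canary, which is exactly the region a taint analysis sees as reachable from a user pointer filled by external IO, yet is never itself exposed to that IO. `guarded_malloc`, `guarded_free`, `demo_overrun`, the magic values and the input string are all hypothetical, and the free routine returns a status instead of asserting so the outcome can be checked.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* Hypothetical stand-in for the GF_MALLOC/GF_FREE pattern; not gluster code.
 * Layout: [header: size, magic][user area returned to caller][trailer magic] */
#define HEADER_MAGIC  0xCAFEBABEu
#define TRAILER_MAGIC 0xBAADF00Du
typedef struct { size_t size; uint32_t magic; } mem_header_t;

/* Returns a pointer past the header; the caller only ever sees the user area. */
void *guarded_malloc(size_t size)
{
    unsigned char *raw = malloc(sizeof(mem_header_t) + size + sizeof(uint32_t));
    if (!raw) return NULL;
    mem_header_t *hdr = (mem_header_t *)raw;
    hdr->size  = size;
    hdr->magic = HEADER_MAGIC;
    uint32_t trailer = TRAILER_MAGIC;   /* memcpy: trailer may be unaligned */
    memcpy(raw + sizeof(mem_header_t) + size, &trailer, sizeof trailer);
    return raw + sizeof(mem_header_t);
}

/* Walks back to the header and verifies both canaries. Returns 0 if intact,
 * -1 if header or trailer was overwritten; the block is freed either way. */
int guarded_free(void *ptr)
{
    if (!ptr) return 0;
    unsigned char *raw = (unsigned char *)ptr - sizeof(mem_header_t);
    mem_header_t *hdr = (mem_header_t *)raw;
    int intact = 0;
    if (hdr->magic == HEADER_MAGIC) {   /* trust hdr->size only if header is sane */
        uint32_t trailer;
        memcpy(&trailer, (unsigned char *)ptr + hdr->size, sizeof trailer);
        intact = (trailer == TRAILER_MAGIC);
    }
    free(raw);
    return intact ? 0 : -1;
}

/* Fills an 8-byte user area from constructed "external" input; with overrun
 * set, one extra byte spills into the trailer and guarded_free reports it. */
int demo_overrun(int overrun)
{
    char *buf = guarded_malloc(8);
    if (!buf) return -2;
    const char *input = "ABCDEFGH";          /* 8 chars + NUL, constructed */
    memcpy(buf, input, overrun ? 9 : 8);     /* 9th byte clobbers the trailer */
    return guarded_free(buf);
}
```

The check at free time reads only the header and trailer the allocator wrote itself, never the bytes that external IO filled in, which is the point Shyam makes about why the tainted-string report on this path is a false positive.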