Hi,
Please find the latest report on new defect(s) introduced to alfred found with Coverity Scan.
3 new defect(s) introduced to alfred found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s)
** CID 500192: Control flow issues (UNREACHABLE) /server.c: 519 in alfred_server()
________________________________________________________________________________________________________ *** CID 500192: Control flow issues (UNREACHABLE) /server.c: 519 in alfred_server() 513 514 while (1) { 515 netsock_reopen(globals); 516 process_events(globals); 517 } 518
CID 500192: Control flow issues (UNREACHABLE) This code cannot be reached: "netsock_close_all(globals);".
519 netsock_close_all(globals); 520 unix_sock_close(globals); 521 unix_sock_events_close_all(globals); 522 return 0;
** CID 500191: (INTEGER_OVERFLOW) /gpsd/alfred-gpsd.c: 315 in gpsd_read_gpsd() /gpsd/alfred-gpsd.c: 324 in gpsd_read_gpsd() /gpsd/alfred-gpsd.c: 331 in gpsd_read_gpsd()
________________________________________________________________________________________________________ *** CID 500191: (INTEGER_OVERFLOW) /gpsd/alfred-gpsd.c: 315 in gpsd_read_gpsd() 309 sizeof(*globals->push) - 310 sizeof(struct alfred_data) - 311 sizeof(*globals->gpsd_data); 312 313 cnt = 0; 314 do {
CID 500191: (INTEGER_OVERFLOW) "cnt", which might have underflowed, is passed to "buf[cnt]".
315 ret = read(globals->gpsdata.gps_fd, &buf[cnt], 1); 316 if (ret != 1) { 317 gps_close(&globals->gpsdata); 318 globals->gpsdata.gps_fd = -1; 319 return; 320 } /gpsd/alfred-gpsd.c: 324 in gpsd_read_gpsd() 318 globals->gpsdata.gps_fd = -1; 319 return; 320 } 321 322 switch (buf[cnt]) { 323 case '\r':
CID 500191: (INTEGER_OVERFLOW) Expression "cnt--", which is equal to 18446744073709551615, where "cnt" is known to be equal to 0, underflows the type that receives it, an unsigned integer 64 bits wide.
324 cnt--; 325 break; 326 case '\n': 327 eol = true; 328 buf[cnt] = '\0'; 329 break; /gpsd/alfred-gpsd.c: 331 in gpsd_read_gpsd() 325 break; 326 case '\n': 327 eol = true; 328 buf[cnt] = '\0'; 329 break; 330 }
CID 500191: (INTEGER_OVERFLOW) Expression "cnt++", which is equal to 0, where "cnt" is known to be equal to 18446744073709551615, overflows the type that receives it, an unsigned integer 64 bits wide.
331 } while (cnt++ < sizeof(buf) - 1 && !eol); 332 333 if (!eol) { 334 gps_close(&globals->gpsdata); 335 globals->gpsdata.gps_fd = -1; 336 return;
** CID 500190: Insecure data handling (INTEGER_OVERFLOW) /unix_sock.c: 239 in unix_sock_req_data_reply()
________________________________________________________________________________________________________ *** CID 500190: Insecure data handling (INTEGER_OVERFLOW) /unix_sock.c: 239 in unix_sock_req_data_reply() 233 234 len = dataset->data.header.length + sizeof(*data); 235 len += sizeof(*push) - sizeof(push->header); 236 push->header.length = htons(len); 237 push->tx.seqno = htons(seqno++); 238
CID 500190: Insecure data handling (INTEGER_OVERFLOW) "4UL + len", which might have underflowed, is passed to "write(client_sock, buf, 4UL + len)".
239 if (write(client_sock, buf, sizeof(push->header) + len) < 0) { 240 ret = -1; 241 hash_iterate_free(hashit); 242 break; 243 } 244 }
________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2B...