[prev in list] [next in list] [prev in thread] [next in thread]
List: libreswan-dev
Subject: [Swan-dev] New Defects reported by Coverity Scan for antonyantony/libreswan
From: scan-admin () coverity ! com
Date: 2021-11-20 11:09:38
Message-ID: 6198d7725d2a4_32acde2aff4a7a99a4245 () prd-scan-dashboard-0 ! mail
[Download RAW message or body]
Hi,
Please find the latest report on new defect(s) introduced to antonyantony/libreswan \
found with Coverity Scan.
1 new defect(s) introduced to antonyantony/libreswan found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build \
analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1510142: (OVERRUN)
________________________________________________________________________________________________________
*** CID 1510142: (OVERRUN)
/programs/pluto/kernel_xfrm.c: 886 in xfrm_raw_policy()
880 * Presumably this is trying to also delete earlier
881 * SNAFUs.
882 */
883 dbg("xfrm: %s() deleting policy forward (even when there may not be one)",
884 __func__);
885 req.u.id.dir = XFRM_POLICY_FWD;
> > > CID 1510142: (OVERRUN)
> > > Overrunning struct type nlmsghdr of 16 bytes by passing it to a function which \
> > > accesses it at byte offset 4199 using argument "req.n.nlmsg_len" (which \
> > > evaluates to 4200).
886 ok &= sendrecv_xfrm_policy(&req.n, IGNORE_FWD_INBOUND,
887 policy_name, "(fwd)", logger);
888 break;
889 case KP_ADD_INBOUND:
890 if (!ok) {
891 break;
/programs/pluto/kernel_xfrm.c: 861 in xfrm_raw_policy()
855 uctx->ctx_alg = XFRM_SC_ALG_SELINUX;
856 uctx->ctx_len = sec_label.len;
857 memcpy(uctx + 1, sec_label.ptr, sec_label.len);
858 req.n.nlmsg_len += attr->rta_len;
859 }
860
> > > CID 1510142: (OVERRUN)
> > > Overrunning struct type nlmsghdr of 16 bytes by passing it to a function which \
> > > accesses it at byte offset 4199 using argument "req.n.nlmsg_len" (which \
> > > evaluates to 4200).
861 bool ok = sendrecv_xfrm_policy(&req.n, what_about_inbound, policy_name,
862 ((op & KERNEL_POLICY_OUTBOUND) ? "(out)" : "(in)"),
863 logger);
864
865 /*
866 * ??? deal with any forwarding policy.
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, \
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31O \
Yv50yq8aBKViEpsZ9KPFMeJd7kKMDjyzu82COVFw1h1aYx-2FtFrefiPxkohPqZgI7DsTRPR5L954NuJuE0J6c \
4ee-2B5kYFk9o_Cir5ZFqEb-2Fpy-2FZDdTxjwNXxDWd37ZfwlkdBT1REyQ38RWPW9392tGOG7UGBGjrtfyJ1x \
LG25fqQXb9CmH-2BowUmKPvSpbonpKzF64yPF-2BJkYv6mfoZayQcYDhooXpq3Y8gkmFtW6oIhgnnA4iCk-2Ff \
rv64ZYFEsCNWT7qXTD-2FsRiCIaCRGE5m3dF876Hwc4jnhkXuxbzh2OepoTgxVE7Ud94rTYxt34DIoZNYSWKKvoFU-3D
To manage Coverity Scan email notifications for "swan-dev@lists.libreswan.org", \
click https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxC \
bhZ31OYv50yped04pjJnmXOsUBtKYNIXxUzCfl-2FUi6sRJtnGH1-2FWXEIl9xkb2JliKiAkqgdujeIgWYvUCI \
HO1g-2Ba8I-2B0nANYHmrw9-2B13a9hJ7YOPZRdlHcEQfoMvDvjqsfrRNzFQ8lscduvXP5RLkPig71dIKudxiz \
l9J_Cir5ZFqEb-2Fpy-2FZDdTxjwNXxDWd37ZfwlkdBT1REyQ38RWPW9392tGOG7UGBGjrtfyJ1xLG25fqQXb9 \
CmH-2BowUj-2BH8XmZUKgTT-2B5O7npJjtodoqP2HZiaIomZmgC8j4BSDWQjptWxEfRea-2F6bsmks6pgvcqRd \
Gyco6igrx2yH3RY5nehtjkrHuplXOA4dAYmoDHBveoyaPml1h4Ph8j9LlDRaM6SlOSUZB-2F9pIMmyzJw-3D
_______________________________________________
Swan-dev mailing list
Swan-dev@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic