-
Caolán McNamara yazdı
by using a byte-swapping pattern that coverity doesn't detect as such tested as a scratch coverity attempt with a smaller project which has a far higher allocation of coverity attempts per week :-) unsigned int readTaintedUINT32(const char* buffer) { unsigned int v = ( (buffer[0] << 24) | (buffer[1] << 16) | (buffer[2] << 8) | (buffer[3] << 0) ); return v; } unsigned int readUntaintedUINT32(const char* p) { unsigned int v = *p++; v <<= 8; v |= *p++; v <<= 8; v |= *p++; v <<= 8; return v | *p; } void foo(char *buffer) { char *pOne = new char[readTaintedUINT32(buffer)]; // ^ coverity only reports this delete [] pOne; char *pTwo = new char[readUntaintedUINT32(buffer)]; // ^ and not this delete [] pTwo; } should silence coverity#1213371 Untrusted value as argument coverity#1213372 Untrusted value as argument coverity#1213373 Use of untrusted scalar value coverity#1213374 Use of untrusted scalar value coverity#1213376 Untrusted loop bound coverity#1213388 Use of untrusted scalar value coverity#1213389 Use of untrusted scalar value coverity#1213390 Use of untrusted scalar value coverity#1213423 Untrusted value as argument coverity#1213424 Untrusted value as argument coverity#1213425 Untrusted value as argument coverity#1213432 Untrusted value as argument coverity#1215304 Untrusted loop bound Change-Id: Ib8c7fc9a8e8b36ca227c76577d991c10df7dcd5a6484bf5f
| Adı |
Son kayıt (commit)
|
Son güncelleme |
|---|---|---|
| .. | ||
| source | ||
| test | ||
| tools | ||
| workben | ||
| Executable_regcompare.mk | ||
| Executable_regmerge.mk | ||
| Executable_regview.mk | ||
| Library_reg.mk | ||
| Makefile | ||
| Module_registry.mk | ||
| README | ||
| StaticLibrary_registry_helper.mk |