<div dir="auto"><div><br><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Jul 15, 2021, 9:09 AM Gedare Bloom <<a href="mailto:gedare@rtems.org">gedare@rtems.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I think we have been excluding testsuites. The setting appears to<br>
still be there:<br>
Tests */testsuites/* Ignored=Yes<br>
<br>
I think maybe the pattern needs to be updated to put a dot before each<br>
asterisk: .*/testsuites/.*<br></blockquote></div></div><div dir="auto"><br></div><div dir="auto">No idea why this broke after years though.</div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
However, these could probably be fixed mostly without trouble.<br></blockquote></div></div><div dir="auto"><br></div><div dir="auto">That's what I thought. At least one looked like a real bug.</div><div dir="auto"><br></div><div dir="auto">--joel</div><div dir="auto"><br></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
On Thu, Jul 15, 2021 at 7:24 AM Joel Sherrill <<a href="mailto:joel@rtems.org" target="_blank" rel="noreferrer">joel@rtems.org</a>> wrote:<br>
><br>
> I am not sure why these popped up now but some indicate logic errors<br>
> in the code cited.<br>
><br>
> --joel<br>
><br>
> ---------- Forwarded message ---------<br>
> From: <<a href="mailto:scan-admin@coverity.com" target="_blank" rel="noreferrer">scan-admin@coverity.com</a>><br>
> Date: Thu, Jul 15, 2021 at 12:26 AM<br>
> Subject: New Defects reported by Coverity Scan for RTEMS<br>
> To: <<a href="mailto:build@rtems.org" target="_blank" rel="noreferrer">build@rtems.org</a>><br>
><br>
><br>
> Hi,<br>
><br>
> Please find the latest report on new defect(s) introduced to RTEMS<br>
> found with Coverity Scan.<br>
><br>
> 9 new defect(s) introduced to RTEMS found with Coverity Scan.<br>
><br>
><br>
> New defect(s) Reported-by: Coverity Scan<br>
> Showing 9 of 9 defect(s)<br>
><br>
><br>
> ** CID 1468693: Insecure data handling (TAINTED_SCALAR)<br>
><br>
><br>
> ________________________________________________________________________________________________________<br>
> *** CID 1468693: Insecure data handling (TAINTED_SCALAR)<br>
> /testsuites/samples/fileio/init.c: 992 in fileio_read_file()<br>
> 986 */<br>
> 987 if (!failed) {<br>
> 988 printf("use suffix K for Kbytes, M for Mbytes or no suffix<br>
> for bytes:\n"<br>
> 989 "Enter block size to use for read calls ==>");<br>
> 990 fflush(stdout);<br>
> 991 fgets(tmp_str,sizeof(tmp_str)-1,stdin);<br>
> >>> CID 1468693: Insecure data handling (TAINTED_SCALAR)<br>
> >>> Passing tainted expression "tmp_str" to "fileio_str2size", which uses it as an offset.<br>
> 992 failed = fileio_str2size(tmp_str,&buf_size);<br>
> 993 if (failed) {<br>
> 994 printf("*** illegal block size, aborted\n");<br>
> 995 }<br>
> 996 }<br>
> 997<br>
><br>
> ** CID 1468692: Integer handling issues (DIVIDE_BY_ZERO)<br>
> /testsuites/samples/fileio/init.c: 401 in create_ramdisk()<br>
><br>
><br>
> ________________________________________________________________________________________________________<br>
> *** CID 1468692: Integer handling issues (DIVIDE_BY_ZERO)<br>
> /testsuites/samples/fileio/init.c: 401 in create_ramdisk()<br>
> 395 printf ("error: invalid option: %s\n", argv[arg]);<br>
> 396 return 1;<br>
> 397 }<br>
> 398 }<br>
> 399 }<br>
> 400<br>
> >>> CID 1468692: Integer handling issues (DIVIDE_BY_ZERO)<br>
> >>> In expression "size / block_size", division by expression "block_size" which may be zero has undefined behavior.<br>
> 401 block_count = size / block_size;<br>
> 402<br>
> 403 /*<br>
> 404 * Register the RAM Disk driver.<br>
> 405 */<br>
> 406 printf ("Register RAM Disk Driver [blocks=%" PRIu32 \<br>
><br>
> ** CID 1468691: Resource leaks (RESOURCE_LEAK)<br>
> /testsuites/samples/fileio/init.c: 209 in shell_nvdisk_erase()<br>
><br>
><br>
> ________________________________________________________________________________________________________<br>
> *** CID 1468691: Resource leaks (RESOURCE_LEAK)<br>
> /testsuites/samples/fileio/init.c: 209 in shell_nvdisk_erase()<br>
> 203 return 1;<br>
> 204 }<br>
> 205<br>
> 206 if (ioctl (fd, RTEMS_NVDISK_IOCTL_ERASE_DISK) < 0)<br>
> 207 {<br>
> 208 printf ("error: nvdisk driver erase failed: %s\n",<br>
> strerror (errno));<br>
> >>> CID 1468691: Resource leaks (RESOURCE_LEAK)<br>
> >>> Handle variable "fd" going out of scope leaks the handle.<br>
> 209 return 1;<br>
> 210 }<br>
> 211<br>
> 212 close (fd);<br>
> 213<br>
> 214 printf ("nvdisk erased successful\n");<br>
><br>
> ** CID 1468689: (TAINTED_SCALAR)<br>
><br>
><br>
> ________________________________________________________________________________________________________<br>
> *** CID 1468689: (TAINTED_SCALAR)<br>
> /testsuites/samples/fileio/init.c: 846 in fileio_write_file()<br>
> 840 */<br>
> 841 if (!failed) {<br>
> 842 printf("use suffix K for Kbytes, M for Mbytes or no suffix<br>
> for bytes:\n"<br>
> 843 "Enter block size to use for write calls ==>");<br>
> 844 fflush(stdout);<br>
> 845 fgets(tmp_str,sizeof(tmp_str)-1,stdin);<br>
> >>> CID 1468689: (TAINTED_SCALAR)<br>
> >>> Passing tainted expression "tmp_str" to "fileio_str2size", which uses it as an offset.<br>
> 846 failed = fileio_str2size(tmp_str,&buf_size);<br>
> 847 if (failed) {<br>
> 848 printf("*** illegal block size, aborted\n");<br>
> 849 }<br>
> 850 }<br>
> 851<br>
> /testsuites/samples/fileio/init.c: 833 in fileio_write_file()<br>
> 827 */<br>
> 828 if (!failed) {<br>
> 829 printf("use suffix K for Kbytes, M for Mbytes or no suffix<br>
> for bytes:\n"<br>
> 830 "Enter filesize to write ==>");<br>
> 831 fflush(stdout);<br>
> 832 fgets(tmp_str,sizeof(tmp_str)-1,stdin);<br>
> >>> CID 1468689: (TAINTED_SCALAR)<br>
> >>> Passing tainted expression "tmp_str" to "fileio_str2size", which uses it as an offset.<br>
> 833 failed = fileio_str2size(tmp_str,&file_size);<br>
> 834 if (failed) {<br>
> 835 printf("*** illegal file size, aborted\n");<br>
> 836 }<br>
> 837 }<br>
> 838 /*<br>
><br>
> ** CID 1468687: Incorrect expression (COPY_PASTE_ERROR)<br>
> /testsuites/samples/paranoia/paranoia.c: 584 in paranoia()<br>
><br>
><br>
> ________________________________________________________________________________________________________<br>
> *** CID 1468687: Incorrect expression (COPY_PASTE_ERROR)<br>
> /testsuites/samples/paranoia/paranoia.c: 584 in paranoia()<br>
> 578 Precision = Y;<br>
> 579 }<br>
> 580 if ((Precision != FLOOR (Precision)) || (Radix == One)) {<br>
> 581 printf ("Precision cannot be characterized by an<br>
> Integer number\n");<br>
> 582 printf ("of significant digits but, by itself, this is<br>
> a minor flaw.\n");<br>
> 583 }<br>
> >>> CID 1468687: Incorrect expression (COPY_PASTE_ERROR)<br>
> >>> "Radix" in "Radix == One" looks like a copy-paste error.<br>
> 584 if (Radix == One)<br>
> 585 printf ("logarithmic encoding has precision<br>
> characterized solely by U1.\n");<br>
> 586 else<br>
> 587 printf ("The number of significant digits of the Radix<br>
> is %f .\n",<br>
> 588 Precision);<br>
> 589 TstCond (Serious, U2 * Nine * Nine * TwoForty < One,<br>
><br>
> ** CID 1468686: Control flow issues (DEADCODE)<br>
> /testsuites/samples/fileio/init.c: 392 in create_ramdisk()<br>
><br>
><br>
> ________________________________________________________________________________________________________<br>
> *** CID 1468686: Control flow issues (DEADCODE)<br>
> /testsuites/samples/fileio/init.c: 392 in create_ramdisk()<br>
> 386 {<br>
> 387 printf ("error: -b needs a size\n");<br>
> 388 return 1;<br>
> 389 }<br>
> 390 block_size = parse_size_arg (argv[arg]);<br>
> 391 if (size == 0)<br>
> >>> CID 1468686: Control flow issues (DEADCODE)<br>
> >>> Execution cannot reach this statement: "return 1;".<br>
> 392 return 1;<br>
> 393 break;<br>
> 394 default:<br>
> 395 printf ("error: invalid option: %s\n", argv[arg]);<br>
> 396 return 1;<br>
> 397 }<br>
><br>
> ** CID 1468685: Resource leaks (RESOURCE_LEAK)<br>
> /testsuites/samples/fileio/init.c: 163 in shell_nvdisk_trace()<br>
><br>
><br>
> ________________________________________________________________________________________________________<br>
> *** CID 1468685: Resource leaks (RESOURCE_LEAK)<br>
> /testsuites/samples/fileio/init.c: 163 in shell_nvdisk_trace()<br>
> 157 return 1;<br>
> 158 }<br>
> 159<br>
> 160 if (ioctl (fd, RTEMS_NVDISK_IOCTL_INFO_LEVEL, level) < 0)<br>
> 161 {<br>
> 162 printf ("error: driver set level failed: %s\n", strerror (errno));<br>
> >>> CID 1468685: Resource leaks (RESOURCE_LEAK)<br>
> >>> Handle variable "fd" going out of scope leaks the handle.<br>
> 163 return 1;<br>
> 164 }<br>
> 165<br>
> 166 close (fd);<br>
> 167<br>
> 168 return 0;<br>
><br>
> ** CID 1468679: Incorrect expression (NO_EFFECT)<br>
> /testsuites/samples/paranoia/paranoia.c: 1492 in paranoia()<br>
><br>
><br>
> ________________________________________________________________________________________________________<br>
> *** CID 1468679: Incorrect expression (NO_EFFECT)<br>
> /testsuites/samples/paranoia/paranoia.c: 1492 in paranoia()<br>
> 1486 printf ("print out as Q = %.17e, Y = %.17e .\n", Q, Y2);<br>
> 1487 printf ("|Q - Y| = %.17e .\n", FABS (Q - Y2));<br>
> 1488 UfThold = Q;<br>
> 1489 break;<br>
> 1490<br>
> 1491 case 3:<br>
> >>> CID 1468679: Incorrect expression (NO_EFFECT)<br>
> >>> Assigning "X" to itself has no effect.<br>
> 1492 X = X;<br>
> 1493 break;<br>
> 1494<br>
> 1495 case 4:<br>
> 1496 if ((Q == UfThold) && (E1 == E0)<br>
> 1497 && (FABS (UfThold - E1 / E9) <= E1)) {<br>
><br>
> ** CID 1468677: Uninitialized variables (UNINIT)<br>
> /testsuites/samples/capture/test1.c: 78 in capture_CT1b()<br>
><br>
><br>
> ________________________________________________________________________________________________________<br>
> *** CID 1468677: Uninitialized variables (UNINIT)<br>
> /testsuites/samples/capture/test1.c: 78 in capture_CT1b()<br>
> 72 static void<br>
> 73 capture_CT1b (rtems_task_argument arg)<br>
> 74 {<br>
> 75 volatile int i;<br>
> 76<br>
> 77 while (!capture_CT1c_deleted)<br>
> >>> CID 1468677: Uninitialized variables (UNINIT)<br>
> >>> Using uninitialized value "i".<br>
> 78 i++;<br>
> 79<br>
> 80 capture_CT1b_deleted = 1;<br>
> 81<br>
> 82 rtems_task_exit();<br>
> 83 }<br>
><br>
><br>
> ________________________________________________________________________________________________________<br>
> To view the defects in Coverity Scan visit,<br>
> <a href="https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50ypUUzi-2FdSNmuyRB7BEFT8xQ4-2B8hpujh0hTgQljRGId4Dg-3D-3DhaSM_EU3W9teASMK00lBXX9WT4lsogDrkCcNZLvg-2FVxwAXMoyD0JEs4cQVPs7yModO9iS3KZmOTMtFerKpWJTESZ9XSy9bw2fNvjKFGKtVfArZIqrPcBx6KD5m2cYyPfuBRUlwl84oo0u5GaEKs-2FEiV5-2BOPirAYHmPdhb88irmeK9V0lU3GUWr0Z8zNQlCYoFZw1Rqng5dhEax-2FWHTiswmaiSJQ-3D-3D" rel="noreferrer noreferrer" target="_blank">https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50ypUUzi-2FdSNmuyRB7BEFT8xQ4-2B8hpujh0hTgQljRGId4Dg-3D-3DhaSM_EU3W9teASMK00lBXX9WT4lsogDrkCcNZLvg-2FVxwAXMoyD0JEs4cQVPs7yModO9iS3KZmOTMtFerKpWJTESZ9XSy9bw2fNvjKFGKtVfArZIqrPcBx6KD5m2cYyPfuBRUlwl84oo0u5GaEKs-2FEiV5-2BOPirAYHmPdhb88irmeK9V0lU3GUWr0Z8zNQlCYoFZw1Rqng5dhEax-2FWHTiswmaiSJQ-3D-3D</a><br>
><br>
</blockquote></div></div></div>