[RTEMS Project] #4425: GcovFunctionData.cc: Copy into fixed size buffer errors spotted by Coverity
RTEMS trac
trac at rtems.org
Mon May 17 21:57:02 UTC 2021
#4425: GcovFunctionData.cc: Copy into fixed size buffer errors spotted by Coverity
-----------------------+---------------------
Reporter: Ryan Long | Owner: (none)
Type: defect | Status: new
Priority: normal | Milestone: 6.1
Component: tool | Version: 6
Severity: normal | Resolution:
Keywords: | Blocked By:
Blocking: |
-----------------------+---------------------
Comment (by Ryan Long):
Replying to [ticket:4425 Ryan Long]:
> CID 1063892: Copy into fixed size buffer in addBlock().
CID is actually 1399613
> {{{
> CID 1399613 (#1 of 1): Copy into fixed size buffer
(STRING_OVERFLOW)1. fixed_size_dest: You might overrun the 256-character
fixed-size string block.sourceFileName by copying sourceFileName without
checking the length.
> 2. parameter_as_source: Note: This defect has an elevated risk
because the source argument is a parameter of the current function.
> 184 strcpy (block.sourceFileName, sourceFileName);
> }}}
>
> CID 1399616: Copy into fixed size buffer in setBlockFileName().
> {{{
> CID 1399616 (#1 of 1): Copy into fixed size buffer
(STRING_OVERFLOW)1. fixed_size_dest: You might overrun the 256-character
fixed-size string block->sourceFileName by copying fileName without
checking the length.
> 2. parameter_as_source: Note: This defect has an elevated risk
because the source argument is a parameter of the current function.
> 298 strcpy(block->sourceFileName, fileName);
> }}}
--
Ticket URL: <http://devel.rtems.org/ticket/4425#comment:1>
RTEMS Project <http://www.rtems.org/>
RTEMS Project
More information about the bugs
mailing list