New Defects reported by Coverity Scan for RTEMS-Tools

scan-admin at coverity.com
Wed Aug 4 17:22:28 UTC 2021


Hi,

Please find the latest report on new defect(s) introduced to RTEMS-Tools found with Coverity Scan.

10 new defect(s) introduced to RTEMS-Tools found with Coverity Scan.
14 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 10 of 10 defect(s)


** CID 1506210:  Uninitialized members  (UNINIT_CTOR)
/tester/covoar/ObjdumpProcessor.cc: 131 in Coverage::ObjdumpProcessor::ObjdumpProcessor(Coverage::DesiredSymbols &, std::shared_ptr<Target::TargetBase> &)()


________________________________________________________________________________________________________
*** CID 1506210:  Uninitialized members  (UNINIT_CTOR)
/tester/covoar/ObjdumpProcessor.cc: 131 in Coverage::ObjdumpProcessor::ObjdumpProcessor(Coverage::DesiredSymbols &, std::shared_ptr<Target::TargetBase> &)()
125       ObjdumpProcessor::ObjdumpProcessor(
126         DesiredSymbols&     symbolsToAnalyze,
127         std::shared_ptr<Target::TargetBase>& targetInfo
128       ): symbolsToAnalyze_m( symbolsToAnalyze ),
129          targetInfo_m( targetInfo )
130       {
>>>     CID 1506210:  Uninitialized members  (UNINIT_CTOR)
>>>     Non-static class member "inputBuffer_m" is not initialized in this constructor nor in any functions that it calls.
131       }
132     
133       ObjdumpProcessor::~ObjdumpProcessor()
134       {
135       }
136     

** CID 1506209:  Memory - corruptions  (OVERRUN)
/tester/covoar/GcovData.cc: 400 in Gcov::GcovData::readFilePreamble(Gcov::gcov_preamble *, std::basic_ifstream<char, std::char_traits<char>> &, unsigned int)()


________________________________________________________________________________________________________
*** CID 1506209:  Memory - corruptions  (OVERRUN)
/tester/covoar/GcovData.cc: 400 in Gcov::GcovData::readFilePreamble(Gcov::gcov_preamble *, std::basic_ifstream<char, std::char_traits<char>> &, unsigned int)()
394          uint32_t        desiredMagic
395       )
396       {
397         int          length;
398     
399         length = sizeof( gcov_preamble );
>>>     CID 1506209:  Memory - corruptions  (OVERRUN)
>>>     Overrunning buffer pointed to by "(char *)&preamble" of 8 bytes by passing it to a function which accesses it at byte offset 47 using argument "48L".
400         gcovFile.read( (char *) &preamble, 4 * sizeof( gcov_preamble ) );
401         if ( gcovFile.gcount() != 4 * sizeof( gcov_preamble ) ) {
402           std::cerr << "Error while reading file preamble" << std::endl;
403           return -1;
404         }
405     

** CID 1506208:  Memory - corruptions  (OVERRUN)
/tester/covoar/GcovData.cc: 132 in Gcov::GcovData::writeGcdaFile()()


________________________________________________________________________________________________________
*** CID 1506208:  Memory - corruptions  (OVERRUN)
/tester/covoar/GcovData.cc: 132 in Gcov::GcovData::writeGcdaFile()()
126         //Form preamble
127         preamble.magic  = GCDA_MAGIC;
128         preamble.version  = gcnoPreamble.version;
129         preamble.timestamp  = gcnoPreamble.timestamp;
130     
131         //Write preamble
>>>     CID 1506208:  Memory - corruptions  (OVERRUN)
>>>     Overrunning struct type _ZN4Gcov13gcov_preambleE of 12 bytes by passing it to a function which accesses it at byte offset 47 using argument "48L".
132         gcdaFile.write( (char *) &preamble , 4 * sizeof( preamble ) );
133         if ( gcdaFile.fail() ) {
134           std::cerr << "Error while writing gcda preamble to a file "
135                     << gcdaFileName << std::endl;
136         }
137     

** CID 1506207:  Memory - illegal accesses  (BUFFER_SIZE)
/tester/covoar/TraceWriterQEMU.cc: 109 in Trace::TraceWriterQEMU::writeFile(const char *, Trace::TraceReaderBase *, bool)()


________________________________________________________________________________________________________
*** CID 1506207:  Memory - illegal accesses  (BUFFER_SIZE)
/tester/covoar/TraceWriterQEMU.cc: 109 in Trace::TraceWriterQEMU::writeFile(const char *, Trace::TraceReaderBase *, bool)()
103           return false;
104         }
105     
106         //
107         //  Write the Header to the file
108         //
>>>     CID 1506207:  Memory - illegal accesses  (BUFFER_SIZE)
>>>     Calling "strncpy" with a source string whose length (12 chars) is greater than or equal to the size argument (12) will fail to null-terminate "header.magic".
109         strncpy( header.magic, QEMU_TRACE_MAGIC, sizeof(header.magic) );
110         header.version = QEMU_TRACE_VERSION;
111         header.kind    = QEMU_TRACE_KIND_RAW;  // XXX ??
112         header.sizeof_target_pc = 32;
113         header.big_endian = false;
114         header.machine[0] = 0; // XXX ??

** CID 1506206:  Uninitialized members  (UNINIT_CTOR)
/tester/covoar/GcovData.cc: 26 in Gcov::GcovData::GcovData(Coverage::DesiredSymbols &)()


________________________________________________________________________________________________________
*** CID 1506206:  Uninitialized members  (UNINIT_CTOR)
/tester/covoar/GcovData.cc: 26 in Gcov::GcovData::GcovData(Coverage::DesiredSymbols &)()
20     namespace Gcov {
21     
22       GcovData::GcovData( Coverage::DesiredSymbols& symbolsToAnalyze ):
23         numberOfFunctions( 0 ),
24         symbolsToAnalyze_m( symbolsToAnalyze )
25       {
>>>     CID 1506206:  Uninitialized members  (UNINIT_CTOR)
>>>     Non-static class member "gcnoPreamble.timestamp" is not initialized in this constructor nor in any functions that it calls.
26       }
27     
28       GcovData::~GcovData()
29       {
30       }
31     

** CID 1506205:  API usage errors  (STREAM_FORMAT_STATE)
/tester/covoar/GcovFunctionData.cc: 372 in Gcov::GcovFunctionData::printBlockInfo(std::basic_ofstream<char, std::char_traits<char>> &, std::_List_iterator<Gcov::gcov_block_info>)()


________________________________________________________________________________________________________
*** CID 1506205:  API usage errors  (STREAM_FORMAT_STATE)
/tester/covoar/GcovFunctionData.cc: 372 in Gcov::GcovFunctionData::printBlockInfo(std::basic_ofstream<char, std::char_traits<char>> &, std::_List_iterator<Gcov::gcov_block_info>)()
366         if ( !block->lines.empty() )
367           for ( line = block->lines.begin(); line != block->lines.end(); line++ ) {
368             textFile << *line << ", ";
369           }
370     
371         textFile << std::endl;
>>>     CID 1506205:  API usage errors  (STREAM_FORMAT_STATE)
>>>     Changing format state of stream "textFile" for category basefield without later restoring it.
372       }
373     
374       bool GcovFunctionData::processFunctionCounters( void ) {
375     
376         uint32_t               baseAddress = 0;
377         uint32_t               currentAddress = 0;

** CID 1506204:  Uninitialized variables  (UNINIT)
/tester/covoar/TraceWriterQEMU.cc: 116 in Trace::TraceWriterQEMU::writeFile(const char *, Trace::TraceReaderBase *, bool)()


________________________________________________________________________________________________________
*** CID 1506204:  Uninitialized variables  (UNINIT)
/tester/covoar/TraceWriterQEMU.cc: 116 in Trace::TraceWriterQEMU::writeFile(const char *, Trace::TraceReaderBase *, bool)()
110         header.version = QEMU_TRACE_VERSION;
111         header.kind    = QEMU_TRACE_KIND_RAW;  // XXX ??
112         header.sizeof_target_pc = 32;
113         header.big_endian = false;
114         header.machine[0] = 0; // XXX ??
115         header.machine[1] = 0; // XXX ??
>>>     CID 1506204:  Uninitialized variables  (UNINIT)
>>>     Using uninitialized value "header". Field "header._pad" is uninitialized when calling "fwrite".
116         status = ::fwrite( &header, sizeof(trace_header), 1, traceFile );
117         if (status != 1) {
118           std::cerr << "Unable to write header to " << file << std::endl;
119           ::fclose( traceFile );
120           return false;
121         }

** CID 1506203:  Memory - illegal accesses  (STRING_NULL)
/tester/covoar/TraceWriterQEMU.cc: 124 in Trace::TraceWriterQEMU::writeFile(const char *, Trace::TraceReaderBase *, bool)()


________________________________________________________________________________________________________
*** CID 1506203:  Memory - illegal accesses  (STRING_NULL)
/tester/covoar/TraceWriterQEMU.cc: 124 in Trace::TraceWriterQEMU::writeFile(const char *, Trace::TraceReaderBase *, bool)()
118           std::cerr << "Unable to write header to " << file << std::endl;
119           ::fclose( traceFile );
120           return false;
121         }
122     
123         if (verbose)
>>>     CID 1506203:  Memory - illegal accesses  (STRING_NULL)
>>>     Passing unterminated string "header.magic" to "operator <<", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
124           std::cerr << "magic = " << header.magic << std::endl
125                     << "version = " << header.version << std::endl
126                     << "kind = " << header.kind << std::endl
127                     << "sizeof_target_pc = " << header.sizeof_target_pc << std::endl
128                     << "big_endian = " << header.big_endian << std::endl
129                     << std::hex << std::setfill('0')

** CID 1506202:  API usage errors  (STREAM_FORMAT_STATE)
/tester/covoar/GcovData.cc: 410 in Gcov::GcovData::readFilePreamble(Gcov::gcov_preamble *, std::basic_ifstream<char, std::char_traits<char>> &, unsigned int)()


________________________________________________________________________________________________________
*** CID 1506202:  API usage errors  (STREAM_FORMAT_STATE)
/tester/covoar/GcovData.cc: 410 in Gcov::GcovData::readFilePreamble(Gcov::gcov_preamble *, std::basic_ifstream<char, std::char_traits<char>> &, unsigned int)()
404         }
405     
406         if ( preamble->magic != GCNO_MAGIC ) {
407           std::cerr << "File is not a valid *.gcno output (magic: 0x"
408                     << std::hex << std::setw( 4 ) << preamble->magic
409                     << ")" << std::endl;
>>>     CID 1506202:  API usage errors  (STREAM_FORMAT_STATE)
>>>     Changing format state of stream "std::cerr" for category basefield without later restoring it.
410           return -1;
411         }
412     
413         return length / 4;
414       }
415     

** CID 1506201:  Security best practices violations  (TOCTOU)
/tester/covoar/TraceReaderLogQEMU.cc: 109 in Trace::TraceReaderLogQEMU::processFile(const char *, Coverage::ObjdumpProcessor &)()


________________________________________________________________________________________________________
*** CID 1506201:  Security best practices violations  (TOCTOU)
/tester/covoar/TraceReaderLogQEMU.cc: 109 in Trace::TraceReaderLogQEMU::processFile(const char *, Coverage::ObjdumpProcessor &)()
103         char                inputBuffer[MAX_LINE_LENGTH];
104     
105         //
106         // Verify that the log file has a non-zero size.
107         //
108         // NOTE: We prefer stat64 because some of the coverage files are HUGE!
>>>     CID 1506201:  Security best practices violations  (TOCTOU)
>>>     Calling function "stat" to perform check on "file".
109         status = STAT( file, &statbuf );
110         if (status == -1) {
111           fprintf( stderr, "Unable to stat %s\n", file );
112           return false;
113         }
114     


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50ypUUzi-2FdSNmuyRB7BEFT8xQi8c7-2B1U0roIV5G3HXifs2odF2CS2aZ-2FK5CtfMSQ5p34-3DSJO7_EU3W9teASMK00lBXX9WT4lsogDrkCcNZLvg-2FVxwAXMrfLSVh7XTO2wDB7bLcSBmaf0x2WqX7xBsNbn25nKmdtkp1a4ddb6pVZkYTsp2IeuN9Q9q6fEkKnH0rHZF3NELOM5MNi7oCQamA6rIC-2B3YKyC6KSfH4FxzEVC4-2FteKZ8pfsSh2qw196fHH57Y8G16lmrItMXlh-2FFJVa2UY-2Bko2W4g-3D-3D


