Coverity untar Issue 1255358

Joel Sherrill joel.sherrill at oarcorp.com
Tue Nov 25 19:51:59 UTC 2014


Hi

There are two Coverity Issues with untar.c but this one seems
especially odd to me.

My reading of the following code is that if the creat() of the
filename in the tar image fails, then the code reads the contents
of the tar image and throws it away to skip it.

What would be wrong with replacing the throw away read loop
with "lseek(fd, SEEK_CUR, 512 * nblocks)"?

339         /******************************************************************
340          * Read out the data.  There are nblocks of data where nblocks
341          * is the size rounded to the nearest 512-byte boundary.
342          *****************************************************************/
343         nblocks = (((size) + 511) & ~511) / 512;
344
   
CID 26151: Use of untrusted string value (TAINTED_STRING)
345         if ((out_fd = creat(fname, 0644)) == -1)
346         {
347            for (i=0; i<nblocks; i++)
348            {
   
CID 1255358 (#1 of 1): Unused value (UNUSED_VALUE)
returned_value: Value from read(fd, bufr, 512U) is assigned to n here,
but that stored value is not used before it is overwritten.
349               n = read(fd, bufr, 512);
350            }
351         }
352         else
353         {
354            for (i=0; i<nblocks; i++)
355            {
   
value_overwrite: Value from read(fd, bufr, 512U) is overwritten with
value from read(fd, bufr, 512U).


-- 
Joel Sherrill, Ph.D.             Director of Research & Development
joel.sherrill at OARcorp.com        On-Line Applications Research
Ask me about RTEMS: a free RTOS  Huntsville AL 35805
Support Available                (256) 722-9985
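
Added example, not part of the original message or of RTEMS untar.c: one way to skip an entry's data that seeks when the descriptor is seekable and otherwise reads and discards while acting on every read() result, which is what the UNUSED_VALUE finding points at. The names skip_entry_data, TAR_BLOCK and USTAR_MAX_SIZE are hypothetical, and the size bound assumes the ustar header's 11-digit octal size field.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

#define TAR_BLOCK 512
#define USTAR_MAX_SIZE 077777777777ULL /* size field: 11 octal digits */

/* Hypothetical helper, not RTEMS code. Skips one entry's data blocks.
 * Returns 0 on success, -1 on error or truncation. Assumes 64-bit off_t. */
int skip_entry_data(int fd, unsigned long long size)
{
    char bufr[TAR_BLOCK];
    off_t want, cur, end;

    if (size > USTAR_MAX_SIZE) return -1;
    /* Round up by division so no addition can wrap. */
    want = (off_t)(size / TAR_BLOCK + (size % TAR_BLOCK != 0)) * TAR_BLOCK;
    cur = lseek(fd, 0, SEEK_CUR);
    if (cur != (off_t)-1) {
        /* Seekable: lseek() past EOF succeeds, so check the length first. */
        end = lseek(fd, 0, SEEK_END);
        if (end == (off_t)-1 || end - cur < want) return -1;
        /* Argument order is (fd, offset, whence). */
        return lseek(fd, cur + want, SEEK_SET) == (off_t)-1 ? -1 : 0;
    }
    if (errno != ESPIPE) return -1;
    /* Pipe or FIFO: read and discard, acting on every return value. */
    while (want > 0) {
        size_t chunk = want < TAR_BLOCK ? (size_t)want : TAR_BLOCK;
        ssize_t n = read(fd, bufr, chunk);
        if (n < 0 && errno == EINTR) continue;
        if (n <= 0) return -1; /* I/O error, or EOF inside the entry */
        want -= n;
    }
    return 0;
}

int main(void)
{
    int p[2];
    char blk[TAR_BLOCK] = {0}; /* constructed sample data */
    if (pipe(p) != 0 || write(p[1], blk, sizeof blk) != TAR_BLOCK) return 1;
    close(p[1]);
    printf("one full block: %d\n", skip_entry_data(p[0], 100));
    printf("truncated:      %d\n", skip_entry_data(p[0], 100));
    return 0;
}
```

A bare lseek() would not notice a truncated image, because seeking beyond end of file succeeds; the length check in the seekable path is what keeps that case an error.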
