[Gluster-devel] Help needed with Coverity - How to remove tainted_data_argument?
Krishnan Parthasarathi
kparthas at redhat.com
Wed Dec 17 07:26:55 UTC 2014
I was looking into a Coverity issue (CID 1228603) in GlusterFS.
I sent a patch[1] before I fully understood why this was an issue.
After searching around in the internet for explanations, I identified that
the core issue was that a character buffer, storing parts of a file (external I/O),
was marked tainted. This taint spread wherever the buffer was used. This seems
acceptable in the context of static analysis. How do we indicate to Coverity that
the 'taint' would cause no harm as speculated?
[1] - Coverity fix attempt: http://review.gluster.org/#/c/9286/
[2] - CID 1228603: Use of untrusted scalar value (TAINTED_SCALAR):
glusterd-utils.c: 2131 in glusterd_readin_file()
thanks,
kp
More information about the Gluster-devel
mailing list