[Gluster-devel] Help needed with Coverity - How to remove tainted_data_argument?
Niels de Vos
ndevos at redhat.com
Wed Dec 17 08:26:56 UTC 2014
On Wed, Dec 17, 2014 at 02:26:55AM -0500, Krishnan Parthasarathi wrote:
> I was looking into a Coverity issue (CID 1228603) in GlusterFS.
> I sent a patch[1] before I fully understood why this was an issue.
> After searching around in the internet for explanations, I identified that
> the core issue was that a character buffer, storing parts of a file (external I/O),
> was marked tainted. This taint spread wherever the buffer was used. This seems
> acceptable in the context of static analysis. How do we indicate to Coverity that
> the 'taint' would cause no harm as speculated?
>
> [1] - Coverity fix attempt: http://review.gluster.org/#/c/9286/
> [2] - CID 1228603: Use of untrusted scalar value (TAINTED_SCALAR):
> glusterd-utils.c: 2131 in glusterd_readin_file()
If you visit https://scan.coverity.com/projects/987 you can request an
account and make yourself owner of this CID (enter it in the upper right
corner after clicking 'view defects').
I agree that this is safe usage. Please mark this as 'intentional'.
Thanks,
Niels
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://supercolony.gluster.org/pipermail/gluster-devel/attachments/20141217/72e8d987/attachment.sig>
More information about the Gluster-devel
mailing list