[Gluster-devel] New Defects reported by Coverity Scan for gluster/glusterfs

Thu Mar 19 08:03:09 UTC 2015

Hi,

Please find the latest report on new defect(s) introduced to gluster/glusterfs found with Coverity Scan.

65 new defect(s) introduced to gluster/glusterfs found with Coverity Scan.
12 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 20 of 65 defect(s)

** CID 1288778:    (STRING_OVERFLOW)
/xlators/features/trash/src/trash.c: 1863 in trash_ftruncate_mkdir_cbk()
/xlators/features/trash/src/trash.c: 1880 in trash_ftruncate_mkdir_cbk()
/xlators/features/trash/src/trash.c: 1934 in trash_ftruncate_mkdir_cbk()

________________________________________________________________________________________________________
*** CID 1288778:    (STRING_OVERFLOW)
/xlators/features/trash/src/trash.c: 1863 in trash_ftruncate_mkdir_cbk()
1857                     tmp_loc.path = gf_strdup (tmp_path);
1858                     if (!tmp_loc.path) {
1859                             gf_log (this->name, GF_LOG_DEBUG, "out of memory");
1860                             ret = ENOMEM;
1861                             goto out;
1862                     }
>>>     CID 1288778:    (STRING_OVERFLOW)
>>>     You might overrun the 4096 byte fixed-size string "real_path" by copying "priv->brick_path" without checking the length.
1863                     strcpy (real_path, priv->brick_path);
1864                     remove_trash_path (tmp_path, (frame->root->pid < 0), tmp_stat);
1865                     if (tmp_stat)
1866                             strcat (real_path, tmp_stat);
1867                     STACK_WIND_COOKIE (frame, trash_ftruncate_mkdir_cbk,
1868                                        tmp_path, FIRST_CHILD(this),
/xlators/features/trash/src/trash.c: 1880 in trash_ftruncate_mkdir_cbk()
1874             }
1875     
1876             if (op_ret == 0) {
1877                     dir_name = dirname (tmp_str);
1878                     if (strcmp ((char *)cookie, dir_name) == 0) {
1879                             flags = O_CREAT|O_EXCL|O_WRONLY;
>>>     CID 1288778:    (STRING_OVERFLOW)
>>>     You might overrun the 4096 byte fixed-size string "real_path" by copying "priv->brick_path" without checking the length.
1880                             strcpy (real_path, priv->brick_path);
1881                             strcat (real_path, local->origpath);
1882                             /* Call create again once directory structure
1883                                is created. */
1884                             STACK_WIND (frame, trash_ftruncate_create_cbk,
1885                                         FIRST_CHILD(this),
/xlators/features/trash/src/trash.c: 1934 in trash_ftruncate_mkdir_cbk()
1928             if (!tmp_loc.name) {
1929                     gf_log (this->name, GF_LOG_DEBUG, "out of memory");
1930                     ret = ENOMEM;
1931                     goto out;
1932             }
1933     
>>>     CID 1288778:    (STRING_OVERFLOW)
>>>     You might overrun the 4096 byte fixed-size string "real_path" by copying "priv->brick_path" without checking the length.
1934             strcpy (real_path, priv->brick_path);
1935             remove_trash_path (tmp_path, (frame->root->pid < 0), tmp_stat);
1936             if (tmp_stat)
1937                     strcat (real_path, tmp_stat);
1938             STACK_WIND_COOKIE (frame, trash_ftruncate_mkdir_cbk, tmp_path,
1939                                FIRST_CHILD(this),

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/987?tab=overview

To manage Coverity Scan email notifications for "gluster-devel at gluster.org", click https://scan.coverity.com/subscriptions/edit?email=gluster-devel%40gluster.org&token=7dffab14bc5a7180e75b0d047539f148 .