Uploaded image for project: 'WiredTiger'
  1. WiredTiger
  2. WT-4720

Coverity complaint #111697: handle tiny sizes in block manager reads

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor - P4
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: WT3.2.0, 4.1.11
    • Component/s: None
    • Labels:
      None
    • Story Points:
      2
    • Sprint:
      Storage Engines 2019-04-22

      Description

      Coverity complaint #111697 Untrusted value as argument

      250        }
         	6. Condition (__ret = __wt_buf_init(session, buf, bufsize)) != 0, taking false branch.
      251        WT_RET(__wt_buf_init(session, buf, bufsize));
         	7. tainted_data_argument: Calling function __wt_read taints argument buf->mem. [show details]
         	8. Condition (__ret = __wt_read(session, block->fh, offset, size, buf->mem)) != 0, taking false branch.
      252        WT_RET(__wt_read(session, block->fh, offset, size, buf->mem));
      253        buf->size = size;
      254
      255        /*
      256         * We incrementally read through the structure before doing a checksum,
      257         * do little- to big-endian handling early on, and then select from the
      258         * original or swapped structure as needed.
      259         */
      260        blk = WT_BLOCK_HEADER_REF(buf->mem);
      261        __wt_block_header_byteswap_copy(blk, &swap);
         	9. Condition swap.checksum == checksum, taking true branch.
      262        if (swap.checksum == checksum) {
      263                blk->checksum = 0;
         	10. Condition (swap.flags & 1U) != 0, taking true branch.
         	
      CID 111697 (#1 of 1): Untrusted value as argument (TAINTED_SCALAR)
      11. tainted_data: Passing tainted variable buf->mem to a tainted sink. (The function pointer resolves to __wt_checksum_sw.) [show details]
      

        Attachments

          Activity

            People

            • Assignee:
              keith.bostic Keith Bostic
              Reporter:
              keith.bostic Keith Bostic
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: