[SERVER-47391] Coverity analysis defect 114099: Copy into fixed size buffer
Created: 07/Apr/20  Updated: 29/Oct/23  Resolved: 02/Sep/20

Status: Closed
Project: Core Server
Component/s: JavaScript
Affects Version/s: None
Fix Version/s: 4.7.0

Type: Bug
Priority: Major - P3
Reporter: Coverity Collector User
Assignee: Claire Childs (Inactive)
Resolution: Fixed
Votes: 0
Labels: coverity, neweng, qexec-team
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Problem/Incident
causes SERVER-57206 Compiler warnings in JSStringWrapper:... Closed
Related
related to SERVER-57371 ItoA should be able to write to a use... Backlog
Backwards Compatibility: Fully Compatible
Operating System: ALL
Sprint: Query 2020-09-07
Participants:

 Description   

A source buffer of statically unknown size is copied into a fixed-size destination buffer

Defect 114099 (STATIC_C)
Checker STRING_OVERFLOW (subcategory fixed_size_dest)
File: /src/mongo/scripting/mozjs/jsstringwrapper.cpp
Function mongo::mozjs::JSStringWrapper::JSStringWrapper(int)
/src/mongo/scripting/mozjs/jsstringwrapper.cpp, line: 47
You might overrun the 64-character fixed-size string "this->_buf" by copying the return value of "c_str" without checking the length.

        strcpy(_buf, formatted.c_str());



 Comments   
Comment by Eric Milkie [ 02/Sep/20 ]

David and I chatted; the new Defect we decided to ignore in Coverity, so there is no further work to be done and this ticket can be closed.

Comment by Eric Milkie [ 02/Sep/20 ]

This commit removed the previous defect but created a new one:
CID 116236 (#1 of 1): Buffer not null terminated (BUFFER_SIZE)
1. buffer_size_warning: Calling strncpy with a maximum size argument of 64 bytes on destination array this->_buf of size 64 bytes might leave the destination string unterminated.
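
Added example, not MongoDB's code: the two Coverity findings in this ticket shown on a constructed 64-byte buffer. `kBufSize` and all function names are hypothetical. It compares `strncpy` bounded by the full destination size (the pattern CID 116236 describes) with a bounded copy that always writes a terminator and reports truncation.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstring>
#include <string>

// Constructed stand-in for a 64-byte member buffer like "_buf" in the report.
constexpr std::size_t kBufSize = 64;

// True if buf[0..size) contains a NUL, i.e. it is a valid C string.
bool isTerminated(const char* buf, std::size_t size) {
    return std::memchr(buf, '\0', size) != nullptr;
}

// Pattern flagged by BUFFER_SIZE: the bound equals the destination size, so a
// source of 64 or more characters fills the buffer and no NUL is written.
void copyStrncpyFullSize(char (&buf)[kBufSize], const std::string& src) {
    std::strncpy(buf, src.c_str(), sizeof(buf));
}

// Bounded copy that always terminates. Returns false when the source had to
// be truncated, so the caller can treat that as an error instead of
// silently using a shortened value.
bool copyBounded(char (&buf)[kBufSize], const std::string& src) {
    const std::size_t n = std::min(src.size(), sizeof(buf) - 1);
    std::memcpy(buf, src.data(), n);
    buf[n] = '\0';
    return n == src.size();
}

// Run each copy on a buffer pre-filled with non-zero bytes (so stale zeros
// cannot hide a missing terminator) and report whether the result is a
// valid C string. Only the buffer itself is inspected, never memory past it.
bool strncpyTerminates(const std::string& src) {
    char buf[kBufSize];
    std::memset(buf, 'X', sizeof(buf));
    copyStrncpyFullSize(buf, src);
    return isTerminated(buf, sizeof(buf));
}

bool boundedTerminates(const std::string& src) {
    char buf[kBufSize];
    std::memset(buf, 'X', sizeof(buf));
    copyBounded(buf, src);
    return isTerminated(buf, sizeof(buf));
}
```

Any later `strlen`, `printf("%s")` or `std::string(buf)` on a buffer for which `strncpyTerminates` is false would read past the 64 bytes, which is why the overflow fix produced the second finding.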

Comment by Githook User [ 01/Sep/20 ]

Author: c-childs (claire.childs@mongodb.com)

Message: SERVER-47391 convert strcpy to strncpy
Branch: master
https://github.com/mongodb/mongo/commit/609bf1ddf9a2702d3bdd711b8fd49efa281a2129
