subject:"\[Dnsmasq\-discuss\] \[PATCH\] Static analysis minor issue fixes"

Re: [Dnsmasq-discuss] [PATCH] Static analysis minor issue fixes

2024-09-09 Thread Geert Stappers

On Thu, Jun 06, 2024 at 01:59:23PM +0200, Geert Stappers wrote:
> On Sat, Jun 01, 2024 at 12:36:49AM +0200, Petr Menšík wrote:
> > Hi!
> > 
> > As part of our review of dnsmasq code, our code scanning tools revealed few
> > warnings. Some of them are valid, although it does fix only more or less
> > cosmetic fixes. Potentially emitting warnings in tools like Coverity scan. 3
> > small changes attached.
> 
> 
> Most likely another reminder is needed. Upon "retransmit", please 
> CC ~stappers/dnsmasqm...@lists.sr.ht
> 

CC as 'Cc: ' in email headers.

The ' ~stappers/dnsmasqm...@lists.sr.ht ' is a valid email address.

Reason for this reminder
is https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q3/017723.html
which states that an un-applied patch from Petr is missing. (And this
email is prevent another "patch from Petr is missing".

Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH] Static analysis minor issue fixes

2024-06-06 Thread Geert Stappers

On Sat, Jun 01, 2024 at 12:36:49AM +0200, Petr Menšík wrote:
> Hi!
> 
> As part of our review of dnsmasq code, our code scanning tools revealed few
> warnings. Some of them are valid, although it does fix only more or less
> cosmetic fixes. Potentially emitting warnings in tools like Coverity scan. 3
> small changes attached.


Most likely another reminder is needed. Upon "retransmit", please 
CC ~stappers/dnsmasqm...@lists.sr.ht



Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] [PATCH] Static analysis minor issue fixes

2024-05-31 Thread Petr Menšík


Hi!

As part of our review of dnsmasq code, our code scanning tools revealed 
few warnings. Some of them are valid, although it does fix only more or 
less cosmetic fixes. Potentially emitting warnings in tools like 
Coverity scan. 3 small changes attached.


Cheers,
Petr

--
Petr Menšík
Software Engineer, RHEL
Red Hat, https://www.redhat.com/
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB

From 4bce87819b8df79a1a25c9eb79a83c9ce81d2ad5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= 
Date: Thu, 28 Mar 2024 00:54:38 +0100
Subject: [PATCH 3/3] Error: Y2K38_SAFETY (CWE-197):

dnsmasq-2.85/src/dhcp6.c:624: store_truncates_time_t: A ""time_t"" value is stored in an integer with too few bits to accommodate it.  The expression ""*((time_t *)parm)"" is cast to ""u32"".
  622| PUTSHORT(1, p); /* DUID_LLT */
  623| PUTSHORT(type, p); /* address type */
  624|->   PUTLONG(*((time_t *)parm), p); /* time */
  625|   }
  626|

Resolves: https://issues.redhat.com/browse/RHEL-30809
---
 src/dhcp6.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/dhcp6.c b/src/dhcp6.c
index c9d54dc..6e96dae 100644
--- a/src/dhcp6.c
+++ b/src/dhcp6.c
@@ -633,7 +633,6 @@ static int make_duid1(int index, unsigned int type, char *mac, size_t maclen, vo
   
   unsigned char *p;
   (void)index;
-  (void)parm;
   time_t newnow = *((time_t *)parm);
   
   if (type >= 256)
@@ -652,7 +651,8 @@ static int make_duid1(int index, unsigned int type, char *mac, size_t maclen, vo
   daemon->duid_len = maclen + 8;
   PUTSHORT(1, p); /* DUID_LLT */
   PUTSHORT(type, p); /* address type */
-  PUTLONG(*((time_t *)parm), p); /* time */
+  /* avoid warnings with 64bit time_t */
+  PUTLONG((newnow & 0xu), p); /* time */
 }
   
   memcpy(p, mac, maclen);
-- 
2.45.0

From 60a7c4a88c8ffd2b9818ae26289544b62a798747 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= 
Date: Wed, 27 Mar 2024 01:46:59 +0100
Subject: [PATCH 2/3] Error: UNINIT (CWE-457):

dnsmasq-2.85/src/edns0.c:272: var_decl: Declaring variable "encode" without initializer.
dnsmasq-2.85/src/edns0.c:289: uninit_use_in_call: Using uninitialized value "*encode" when calling "strlen".
  287|   }
  288|
  289|->   return add_pseudoheader(header, plen, limit, PACKETSZ, EDNS0_OPTION_NOMDEVICEID, (unsigned char *)encode, strlen(encode), 0, replace);
  290|   }

Resolves: https://issues.redhat.com/browse/RHEL-30804
---
 src/edns0.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/edns0.c b/src/edns0.c
index 598478f..93a5ce3 100644
--- a/src/edns0.c
+++ b/src/edns0.c
@@ -270,6 +270,7 @@ static size_t add_dns_client(struct dns_header *header, size_t plen, unsigned ch
   int replace = 0, maclen = 0;
   unsigned char mac[DHCP_CHADDR_MAX];
   char encode[18]; /* handle 6 byte MACs ONLY */
+  *encode = 0;
 
   if ((option_bool(OPT_MAC_B64) || option_bool(OPT_MAC_HEX)) && (maclen = find_mac(l3, mac, 1, now)) == 6)
 {
-- 
2.45.0

From 08728eefef7f70b5a7571e3c70050dee6e8265c5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= 
Date: Thu, 28 Mar 2024 00:42:08 +0100
Subject: [PATCH 1/3] Error: UNINIT (CWE-457):

dnsmasq-2.85/src/forward.c:65: var_decl: Declaring variable ""p"" without initializer.
dnsmasq-2.85/src/forward.c:69: uninit_use_in_call: Using uninitialized value ""p"". Field ""p.ipi_addr"" is uninitialized when calling ""memcpy"". [Note: The source code implementation of the function has been overridden by a builtin model.]
   67| p.ipi_spec_dst = source->addr4;
   68| msg.msg_controllen = CMSG_SPACE(sizeof(struct in_pktinfo));
   69|->   memcpy(CMSG_DATA(cmptr), &p, sizeof(p));
   70| cmptr->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
   71| cmptr->cmsg_level = IPPROTO_IP;

Resolves: https://issues.redhat.com/browse/RHEL-30809
---
 src/forward.c | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/forward.c b/src/forward.c
index 10e7496..95e5ae8 100644
--- a/src/forward.c
+++ b/src/forward.c
@@ -68,9 +68,10 @@ int send_from(int fd, int nowild, char *packet, size_t len,
   if (to->sa.sa_family == AF_INET)
 	{
 #if defined(HAVE_LINUX_NETWORK)
-	  struct in_pktinfo p;
-	  p.ipi_ifindex = 0;
-	  p.ipi_spec_dst = source->addr4;
+	  struct in_pktinfo p = {
+	.ipi_ifindex = 0,
+	.ipi_spec_dst = source->addr4,
+	  };
 	  msg.msg_controllen = CMSG_SPACE(sizeof(struct in_pktinfo));
 	  memcpy(CMSG_DATA(cmptr), &p, sizeof(p));
 	  cmptr->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
-- 
2.45.0



OpenPGP_0x4931CA5B6C9FC5CB.asc
Description: OpenPGP public key


OpenPGP_signature.asc
Description: OpenPGP digital signature
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH] Static analysis minor issue fixes

Re: [Dnsmasq-discuss] [PATCH] Static analysis minor issue fixes

[Dnsmasq-discuss] [PATCH] Static analysis minor issue fixes

3 matches

Site Navigation

Mail list logo

Footer information