[Swan-dev] New Defects reported by Coverity Scan for antonyantony/libreswan

scan-admin at coverity.com scan-admin at coverity.com
Fri Jul 30 10:09:45 UTC 2021 

Hi,

Please find the latest report on new defect(s) introduced to antonyantony/libreswan found with Coverity Scan.

1 new defect(s) introduced to antonyantony/libreswan found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1496114:  Memory - corruptions  (OVERRUN)
/programs/pluto/iface_udp.c: 276 in udp_read_packet()


________________________________________________________________________________________________________
*** CID 1496114:  Memory - corruptions  (OVERRUN)
/programs/pluto/iface_udp.c: 276 in udp_read_packet()
270     	 * The FROM.SA union is big enough to hold sockaddr,
271     	 * sockaddr_in and sockaddr_in6.
272     	 */
273     	ip_sockaddr from = {
274     		.len = sizeof(from.sa),
275     	};
>>>     CID 1496114:  Memory - corruptions  (OVERRUN)
>>>     Overrunning struct type sockaddr of 16 bytes by passing it to a function which accesses it at byte offset 27 using argument "from.len" (which evaluates to 28). [Note: The source code implementation of the function has been overridden by a builtin model.]
276     	packet->len = recvfrom(ifp->fd, packet->ptr, packet->len, /*flags*/ 0,
277     			       &from.sa.sa, &from.len);
278     	int packet_errno = errno; /* save!!! */
279     
280     	/*
281     	 * Try to decode the from address.


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yq8aBKViEpsZ9KPFMeJd7kKMDjyzu82COVFw1h1aYx-2FtFrefiPxkohPqZgI7DsTRPR5L954NuJuE0J6c4ee-2B5kYujDQ_Cir5ZFqEb-2Fpy-2FZDdTxjwNXxDWd37ZfwlkdBT1REyQ39I9tG-2FSzf56O7twWQ9Wv4j6TZF8PS5xLka-2B4mg12Jq1dWsemxlyMtDQSR49PvWxEySx9xN3lxDrhNO-2B-2FlIFjXKbLLFGSqrU9iXTTAMi7rRSokIr7kugWbFMKtO5g-2F-2FRL1M9cDSI5Q7JMVeZJb-2BWD7Hv2Clq2Q5OfMwk8oZyGbz-2FPB4Gt7ki6RKKE64n4BOZ94-3D

  To manage Coverity Scan email notifications for "swan-dev at lists.libreswan.org", click https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yped04pjJnmXOsUBtKYNIXxUzCfl-2FUi6sRJtnGH1-2FWXEIl9xkb2JliKiAkqgdujeIgWYvUCIHO1g-2Ba8I-2B0nANYHmrw9-2B13a9hJ7YOPZRdlHcEQfoMvDvjqsfrRNzFQ8lscduvXP5RLkPig71dIKudxi-S0O_Cir5ZFqEb-2Fpy-2FZDdTxjwNXxDWd37ZfwlkdBT1REyQ39I9tG-2FSzf56O7twWQ9Wv4j6TZF8PS5xLka-2B4mg12Jq1emlTzLhJwZ1B95y-2F-2F1kRSdcqfmLGZUd-2BinyaPjbvutrc4eC2xTDcnOnEr1CYW0J0RZ8vkASMSls6UTGCgo-2FFiIQb9fRAgwCpPQ4gHiczL0sz6qzUELlnTlTyvkYGik16jsvA1XX5WlY5hSdOgj8brw-3D

More information about the Swan-dev mailing list