[Swan-dev] New Defects reported by Coverity Scan for antonyantony/libreswan
scan-admin at coverity.com
scan-admin at coverity.com
Thu May 20 22:08:52 UTC 2021
Hi,
Please find the latest report on new defect(s) introduced to antonyantony/libreswan found with Coverity Scan.
1 new defect(s) introduced to antonyantony/libreswan found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1504902: Insecure data handling (TAINTED_SCALAR)
________________________________________________________________________________________________________
*** CID 1504902: Insecure data handling (TAINTED_SCALAR)
/programs/pluto/rcv_whack.c: 1108 in whack_handle()
1102 if (!unpack_whack_msg(&wp, whack_logger)) {
1103 /* already logged */
1104 return; /* don't shutdown */
1105 }
1106
1107 struct show *s = alloc_show(whack_logger);
>>> CID 1504902: Insecure data handling (TAINTED_SCALAR)
>>> Passing tainted expression "msg.nr_impairments" to "whack_process", which uses it as a loop boundary.
1108 whack_process(&msg, s);
1109 free_show(&s);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yq8aBKViEpsZ9KPFMeJd7kKMDjyzu82COVFw1h1aYx-2FtFrefiPxkohPqZgI7DsTRPR5L954NuJuE0J6c4ee-2B5kYZS_Z_Cir5ZFqEb-2Fpy-2FZDdTxjwNXxDWd37ZfwlkdBT1REyQ3-2FeToKyNVuxGJc5Qr6YaHdfCl-2FHWDoIfb8d4qww4weDsvyIDFvTYO82gRCo0aTy14JwgJRDIs9q3bT4Ix-2B-2BnIoRBPeUzmd1f-2F-2F8YcK7E-2BWIJB6TrE5DtTz6KcABf1e1HoqHrKrKib9k322aItXV2ipsJWq0J8XSV5EUZKMa1WtEYDYYQK7ZYO5-2FUSXEFw1-2BUZo-3D
To manage Coverity Scan email notifications for "swan-dev at lists.libreswan.org", click https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yped04pjJnmXOsUBtKYNIXxUzCfl-2FUi6sRJtnGH1-2FWXEIl9xkb2JliKiAkqgdujeIgWYvUCIHO1g-2Ba8I-2B0nANYHmrw9-2B13a9hJ7YOPZRdlHcEQfoMvDvjqsfrRNzFQ8lscduvXP5RLkPig71dIKudxioWAa_Cir5ZFqEb-2Fpy-2FZDdTxjwNXxDWd37ZfwlkdBT1REyQ3-2FeToKyNVuxGJc5Qr6YaHdfCl-2FHWDoIfb8d4qww4weDshPVj6mJjEIGFCLiRqrsmifxtYBtGnDhZQlYBMYevZtGCsi9p20L8PVAFjjlpopXKdYmNF3N64wunEpFcdC7dXBQy74zlkq51MRaS4qesMJ3e84QKVMPeglIliwFKbJVLFvglpWU6l49-2BNG2YNVkCjw-3D
More information about the Swan-dev
mailing list