[Swan-dev] New Defects reported by Coverity Scan for antonyantony/libreswan

scan-admin at coverity.com scan-admin at coverity.com
Sat Nov 20 13:09:38 EET 2021


Hi,

Please find the latest report on new defect(s) introduced to antonyantony/libreswan found with Coverity Scan.

1 new defect(s) introduced to antonyantony/libreswan found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1510142:    (OVERRUN)


________________________________________________________________________________________________________
*** CID 1510142:    (OVERRUN)
/programs/pluto/kernel_xfrm.c: 886 in xfrm_raw_policy()
880     		 * Presumably this is trying to also delete earlier
881     		 * SNAFUs.
882     		 */
883     		dbg("xfrm: %s() deleting policy forward (even when there may not be one)",
884     		    __func__);
885     		req.u.id.dir = XFRM_POLICY_FWD;
>>>     CID 1510142:    (OVERRUN)
>>>     Overrunning struct type nlmsghdr of 16 bytes by passing it to a function which accesses it at byte offset 4199 using argument "req.n.nlmsg_len" (which evaluates to 4200).
886     		ok &= sendrecv_xfrm_policy(&req.n, IGNORE_FWD_INBOUND,
887     					   policy_name, "(fwd)", logger);
888     		break;
889     	case KP_ADD_INBOUND:
890     		if (!ok) {
891     			break;
/programs/pluto/kernel_xfrm.c: 861 in xfrm_raw_policy()
855     		uctx->ctx_alg = XFRM_SC_ALG_SELINUX;
856     		uctx->ctx_len = sec_label.len;
857     		memcpy(uctx + 1, sec_label.ptr, sec_label.len);
858     		req.n.nlmsg_len += attr->rta_len;
859     	}
860     
>>>     CID 1510142:    (OVERRUN)
>>>     Overrunning struct type nlmsghdr of 16 bytes by passing it to a function which accesses it at byte offset 4199 using argument "req.n.nlmsg_len" (which evaluates to 4200).
861     	bool ok = sendrecv_xfrm_policy(&req.n, what_about_inbound, policy_name,
862     				       ((op & KERNEL_POLICY_OUTBOUND) ? "(out)" : "(in)"),
863     				       logger);
864     
865     	/*
866     	 * ??? deal with any forwarding policy.


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yq8aBKViEpsZ9KPFMeJd7kKMDjyzu82COVFw1h1aYx-2FtFrefiPxkohPqZgI7DsTRPR5L954NuJuE0J6c4ee-2B5kYFk9o_Cir5ZFqEb-2Fpy-2FZDdTxjwNXxDWd37ZfwlkdBT1REyQ38RWPW9392tGOG7UGBGjrtfyJ1xLG25fqQXb9CmH-2BowUmKPvSpbonpKzF64yPF-2BJkYv6mfoZayQcYDhooXpq3Y8gkmFtW6oIhgnnA4iCk-2Ffrv64ZYFEsCNWT7qXTD-2FsRiCIaCRGE5m3dF876Hwc4jnhkXuxbzh2OepoTgxVE7Ud94rTYxt34DIoZNYSWKKvoFU-3D

  To manage Coverity Scan email notifications for "swan-dev at lists.libreswan.org", click https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yped04pjJnmXOsUBtKYNIXxUzCfl-2FUi6sRJtnGH1-2FWXEIl9xkb2JliKiAkqgdujeIgWYvUCIHO1g-2Ba8I-2B0nANYHmrw9-2B13a9hJ7YOPZRdlHcEQfoMvDvjqsfrRNzFQ8lscduvXP5RLkPig71dIKudxizl9J_Cir5ZFqEb-2Fpy-2FZDdTxjwNXxDWd37ZfwlkdBT1REyQ38RWPW9392tGOG7UGBGjrtfyJ1xLG25fqQXb9CmH-2BowUj-2BH8XmZUKgTT-2B5O7npJjtodoqP2HZiaIomZmgC8j4BSDWQjptWxEfRea-2F6bsmks6pgvcqRdGyco6igrx2yH3RY5nehtjkrHuplXOA4dAYmoDHBveoyaPml1h4Ph8j9LlDRaM6SlOSUZB-2F9pIMmyzJw-3D



More information about the Swan-dev mailing list