[Swan-dev] New Defects reported by Coverity Scan for antonyantony/libreswan

[scan-admin at coverity.com]

Hi,

Please find the latest report on new defect(s) introduced to antonyantony/libreswan found with Coverity Scan.

2 new defect(s) introduced to antonyantony/libreswan found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1511049:  Memory - corruptions  (OVERRUN)


________________________________________________________________________________________________________
*** CID 1511049:  Memory - corruptions  (OVERRUN)
/programs/pluto/kernel_xfrm.c: 1676 in xfrm_del_ipsec_spi()
1670     	req.id.family = addrtypeof(src_address);
1671     	req.id.proto = proto->ipproto;
1672     
1673     	req.n.nlmsg_len = NLMSG_ALIGN(NLMSG_LENGTH(sizeof(req.id)));
1674     
1675     	int recv_errno;
>>>     CID 1511049:  Memory - corruptions  (OVERRUN)
>>>     Overrunning struct type nlmsghdr of 16 bytes by passing it to a function which accesses it at byte offset 39 using argument "req.n.nlmsg_len" (which evaluates to 40).
1676     	return sendrecv_xfrm_msg(&req.n, NLMSG_NOOP, NULL,
1677     				 "Del SA", story,
1678     				 &recv_errno, logger);
1679     }
1680     
1681     /*

** CID 1511048:  Memory - corruptions  (OVERRUN)


________________________________________________________________________________________________________
*** CID 1511048:  Memory - corruptions  (OVERRUN)
/programs/pluto/kernel_xfrm.c: 2162 in xfrm_get_ipsec_spi()
2156     	req.n.nlmsg_len = NLMSG_ALIGN(NLMSG_LENGTH(sizeof(req.spi)));
2157     
2158     	req.spi.min = min;
2159     	req.spi.max = max;
2160     
2161     	int recv_errno;
>>>     CID 1511048:  Memory - corruptions  (OVERRUN)
>>>     Overrunning struct type nlmsghdr of 16 bytes by passing it to a function which accesses it at byte offset 247 using argument "req.n.nlmsg_len" (which evaluates to 248).
2162     	if (!sendrecv_xfrm_msg(&req.n, XFRM_MSG_NEWSA, &rsp,
2163     			       "Get SPI", story,
2164     			       &recv_errno, logger)) {
2165     		return 0;
2166     	}
2167     


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yq8aBKViEpsZ9KPFMeJd7kKMDjyzu82COVFw1h1aYx-2FtFrefiPxkohPqZgI7DsTRPR5L954NuJuE0J6c4ee-2B5kYpoZU_Cir5ZFqEb-2Fpy-2FZDdTxjwNXxDWd37ZfwlkdBT1REyQ38lXVlnG8JEorukgVAz-2BDv7Wf7osJgbZoq4D-2B768AH4xuWxTUadMCdiMfc0zEC8DuKfKTA5KG78QfddAjWgH15MHw4RfCh6kPqeOFDpoyFA-2FTVXvuuAgqFvmkb0KKewgAW1O55V6GmNbRJgGsyOU-2BP7GWOpJLdKKIua29IfScD-2B4vQqaVoA6HdkFMGyz-2F0NN5k-3D

  To manage Coverity Scan email notifications for "swan-dev at lists.libreswan.org", click https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yped04pjJnmXOsUBtKYNIXxUzCfl-2FUi6sRJtnGH1-2FWXEIl9xkb2JliKiAkqgdujeIgWYvUCIHO1g-2Ba8I-2B0nANYHmrw9-2B13a9hJ7YOPZRdlHcEQfoMvDvjqsfrRNzFQ8lscduvXP5RLkPig71dIKudxiS4MC_Cir5ZFqEb-2Fpy-2FZDdTxjwNXxDWd37ZfwlkdBT1REyQ38lXVlnG8JEorukgVAz-2BDv7Wf7osJgbZoq4D-2B768AH4xj-2BIjKYOti-2BsH59Cqth2ZXhilpRjmOWXJ44sJbAJnMt6kS1B-2BcsxkpQxou4RZ93F4w3iHZ7JuVjPAHC-2BJT9usZmK1XPgAO8BuykR-2Fx3R5ZZyhk9TqNdltLDSJcAinpo1pY25zQaGd3ilB4G0y5S4vT4-3D