[Swan-dev] New Defects reported by Coverity Scan for antonyantony/libreswan
scan-admin at coverity.com
scan-admin at coverity.com
Tue Jan 18 01:08:51 EET 2022
Hi,
Please find the latest report on new defect(s) introduced to antonyantony/libreswan found with Coverity Scan.
2 new defect(s) introduced to antonyantony/libreswan found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 1511049: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1511049: Memory - corruptions (OVERRUN)
/programs/pluto/kernel_xfrm.c: 1676 in xfrm_del_ipsec_spi()
1670 req.id.family = addrtypeof(src_address);
1671 req.id.proto = proto->ipproto;
1672
1673 req.n.nlmsg_len = NLMSG_ALIGN(NLMSG_LENGTH(sizeof(req.id)));
1674
1675 int recv_errno;
>>> CID 1511049: Memory - corruptions (OVERRUN)
>>> Overrunning struct type nlmsghdr of 16 bytes by passing it to a function which accesses it at byte offset 39 using argument "req.n.nlmsg_len" (which evaluates to 40).
1676 return sendrecv_xfrm_msg(&req.n, NLMSG_NOOP, NULL,
1677 "Del SA", story,
1678 &recv_errno, logger);
1679 }
1680
1681 /*
** CID 1511048: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1511048: Memory - corruptions (OVERRUN)
/programs/pluto/kernel_xfrm.c: 2162 in xfrm_get_ipsec_spi()
2156 req.n.nlmsg_len = NLMSG_ALIGN(NLMSG_LENGTH(sizeof(req.spi)));
2157
2158 req.spi.min = min;
2159 req.spi.max = max;
2160
2161 int recv_errno;
>>> CID 1511048: Memory - corruptions (OVERRUN)
>>> Overrunning struct type nlmsghdr of 16 bytes by passing it to a function which accesses it at byte offset 247 using argument "req.n.nlmsg_len" (which evaluates to 248).
2162 if (!sendrecv_xfrm_msg(&req.n, XFRM_MSG_NEWSA, &rsp,
2163 "Get SPI", story,
2164 &recv_errno, logger)) {
2165 return 0;
2166 }
2167
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yq8aBKViEpsZ9KPFMeJd7kKMDjyzu82COVFw1h1aYx-2FtFrefiPxkohPqZgI7DsTRPR5L954NuJuE0J6c4ee-2B5kYpoZU_Cir5ZFqEb-2Fpy-2FZDdTxjwNXxDWd37ZfwlkdBT1REyQ38lXVlnG8JEorukgVAz-2BDv7Wf7osJgbZoq4D-2B768AH4xuWxTUadMCdiMfc0zEC8DuKfKTA5KG78QfddAjWgH15MHw4RfCh6kPqeOFDpoyFA-2FTVXvuuAgqFvmkb0KKewgAW1O55V6GmNbRJgGsyOU-2BP7GWOpJLdKKIua29IfScD-2B4vQqaVoA6HdkFMGyz-2F0NN5k-3D
To manage Coverity Scan email notifications for "swan-dev at lists.libreswan.org", click https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yped04pjJnmXOsUBtKYNIXxUzCfl-2FUi6sRJtnGH1-2FWXEIl9xkb2JliKiAkqgdujeIgWYvUCIHO1g-2Ba8I-2B0nANYHmrw9-2B13a9hJ7YOPZRdlHcEQfoMvDvjqsfrRNzFQ8lscduvXP5RLkPig71dIKudxiS4MC_Cir5ZFqEb-2Fpy-2FZDdTxjwNXxDWd37ZfwlkdBT1REyQ38lXVlnG8JEorukgVAz-2BDv7Wf7osJgbZoq4D-2B768AH4xj-2BIjKYOti-2BsH59Cqth2ZXhilpRjmOWXJ44sJbAJnMt6kS1B-2BcsxkpQxou4RZ93F4w3iHZ7JuVjPAHC-2BJT9usZmK1XPgAO8BuykR-2Fx3R5ZZyhk9TqNdltLDSJcAinpo1pY25zQaGd3ilB4G0y5S4vT4-3D
More information about the Swan-dev
mailing list