[Swan-dev] New Defects reported by Coverity Scan for antonyantony/libreswan
scan-admin at coverity.com
scan-admin at coverity.com
Mon Sep 19 13:51:05 EEST 2022
Hi,
Please find the latest report on new defect(s) introduced to antonyantony/libreswan found with Coverity Scan.
1 new defect(s) introduced to antonyantony/libreswan found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1445600: (UNINIT)
/programs/pluto/kernel_xfrm.c: 1483 in netlink_add_sa()
/programs/pluto/kernel_xfrm.c: 1466 in netlink_add_sa()
/programs/pluto/kernel_xfrm.c: 1441 in netlink_add_sa()
________________________________________________________________________________________________________
*** CID 1445600: (UNINIT)
/programs/pluto/kernel_xfrm.c: 1483 in netlink_add_sa()
1477 sizeof(algo.alg_name));
1478 algo.alg_key_len = sa->enckeylen * BITS_PER_BYTE;
1479
1480 attr->rta_type = XFRMA_ALG_CRYPT;
1481 attr->rta_len = RTA_LENGTH(sizeof(algo) + sa->enckeylen);
1482
>>> CID 1445600: (UNINIT)
>>> Using uninitialized value "algo". Field "algo.alg_key" is uninitialized when calling "memcpy". [Note: The source code implementation of the function has been overridden by a builtin model.]
1483 memcpy(RTA_DATA(attr), &algo, sizeof(algo));
1484 memcpy((char *)RTA_DATA(attr) + sizeof(algo),
1485 sa->enckey,
1486 sa->enckeylen);
1487
1488 req.n.nlmsg_len += attr->rta_len;
/programs/pluto/kernel_xfrm.c: 1466 in netlink_add_sa()
1460 algo.alg_key_len = sa->enckeylen * BITS_PER_BYTE;
1461 algo.alg_icv_len = sa->encrypt->aead_tag_size * BITS_PER_BYTE;
1462
1463 attr->rta_type = XFRMA_ALG_AEAD;
1464 attr->rta_len = RTA_LENGTH(sizeof(algo) + sa->enckeylen);
1465
>>> CID 1445600: (UNINIT)
>>> Using uninitialized value "algo". Field "algo.alg_key" is uninitialized when calling "memcpy". [Note: The source code implementation of the function has been overridden by a builtin model.]
1466 memcpy(RTA_DATA(attr), &algo, sizeof(algo));
1467 memcpy((char *)RTA_DATA(attr) + sizeof(algo),
1468 sa->enckey, sa->enckeylen);
1469
1470 req.n.nlmsg_len += attr->rta_len;
1471 attr = (struct rtattr *)((char *)attr + attr->rta_len);
/programs/pluto/kernel_xfrm.c: 1441 in netlink_add_sa()
1435 fill_and_terminate(algo.alg_name, calg_name, sizeof(algo.alg_name));
1436 algo.alg_key_len = 0;
1437
1438 /* append */
1439 attr->rta_type = XFRMA_ALG_COMP;
1440 attr->rta_len = RTA_LENGTH(sizeof(algo));
>>> CID 1445600: (UNINIT)
>>> Using uninitialized value "algo". Field "algo.alg_key" is uninitialized when calling "memcpy". [Note: The source code implementation of the function has been overridden by a builtin model.]
1441 memcpy(RTA_DATA(attr), &algo, sizeof(algo));
1442 req.n.nlmsg_len += attr->rta_len;
1443 attr = (struct rtattr *)((char *)attr + attr->rta_len);
1444
1445 } else if (sa->esatype == ET_ESP) {
1446 const char *name = sa->encrypt->encrypt_netlink_xfrm_name;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yq8aBKViEpsZ9KPFMeJd7kKMDjyzu82COVFw1h1aYx-2FtFrefiPxkohPqZgI7DsTRPR5L954NuJuE0J6c4ee-2B5kY28cD_Cir5ZFqEb-2Fpy-2FZDdTxjwNXxDWd37ZfwlkdBT1REyQ38tdcaNT1gv4aO-2FKCpzsPfn2piMDBVH2GYwr2U-2FtkbSpyRcOjCy42ikDD3lrtsRRrSy-2FuTR0rBts-2BvDEWal7tJ7rGgA5ciGBkKJyvuREVPNcrer7Vsu3v9Kh3eHsD9RAreS8bZJ-2FqcnGRhjEWZwS0ylpkzCl9KZzJ72mkvuogo6havua2Le-2F3W8iP9AtvRVbJw-3D
To manage Coverity Scan email notifications for "swan-dev at lists.libreswan.org", click https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yped04pjJnmXOsUBtKYNIXxUzCfl-2FUi6sRJtnGH1-2FWXEIl9xkb2JliKiAkqgdujeIgWYvUCIHO1g-2Ba8I-2B0nANYHmrw9-2B13a9hJ7YOPZRdlHcEQfoMvDvjqsfrRNzFQ8lscduvXP5RLkPig71dIKudxi7d0q_Cir5ZFqEb-2Fpy-2FZDdTxjwNXxDWd37ZfwlkdBT1REyQ38tdcaNT1gv4aO-2FKCpzsPfn2piMDBVH2GYwr2U-2FtkbSp6bMrgZOFfSz1Ch7SM-2FSGyFP1s2RP91QotrwL-2FM1Vk2qgPGJ8a-2FGkjaXbg3qJCwou0aAT-2BnyJgwQ9DEMPLRoXZfxAAYlelwS3UnHkkqCRivO6qXdEbFa8oBoEdMul1WZjLGXWIolxW9WF3EiTvbpldA-3D
More information about the Swan-dev
mailing list