<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
<div class="moz-forward-container"><br>
To fix these Coverity issues , please check the below link for
guidelines:<br>
<br>
<a class="moz-txt-link-freetext"
href="http://www.gluster.org/community/documentation/index.php/Fixing_Issues_Reported_By_Tools_For_Static_Code_Analysis#Coverity">http://www.gluster.org/community/documentation/index.php/Fixing_Issues_Reported_By_Tools_For_Static_Code_Analysis#Coverity</a><br>
<br>
Thanks,<br>
Lala<br>
<br>
-------- Original Message --------
<table class="moz-email-headers-table" border="0" cellpadding="0"
cellspacing="0">
<tbody>
<tr>
<th align="RIGHT" nowrap="nowrap" valign="BASELINE">Subject:
</th>
<td>New Defects reported by Coverity Scan for GlusterFS</td>
</tr>
<tr>
<th align="RIGHT" nowrap="nowrap" valign="BASELINE">Date: </th>
<td>Mon, 04 Aug 2014 02:31:28 -0700</td>
</tr>
<tr>
<th align="RIGHT" nowrap="nowrap" valign="BASELINE">From: </th>
<td><a class="moz-txt-link-abbreviated" href="mailto:scan-admin@coverity.com">scan-admin@coverity.com</a></td>
</tr>
</tbody>
</table>
<br>
<br>
<pre>Hi,
Please find the latest report on new defect(s) introduced to GlusterFS found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1229877: Copy into fixed size buffer (STRING_OVERFLOW)
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 4061 in glusterd_add_brick_to_snap_volume()
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 4062 in glusterd_add_brick_to_snap_volume()
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 4049 in glusterd_add_brick_to_snap_volume()
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 4050 in glusterd_add_brick_to_snap_volume()
** CID 1229876: Copy into fixed size buffer (STRING_OVERFLOW)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 13482 in glusterd_update_mntopts()
/xlators/mgmt/glusterd/src/glusterd-utils.c: 13481 in glusterd_update_mntopts()
** CID 1229878: Time of check time of use (TOCTOU)
/xlators/features/changelog/lib/src/gf-changelog.c: 475 in gf_changelog_register()
________________________________________________________________________________________________________
*** CID 1229877: Copy into fixed size buffer (STRING_OVERFLOW)
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 4061 in glusterd_add_brick_to_snap_volume()
4055
4056 snprintf (key, sizeof(key) - 1, "vol%"PRId64".mnt_opts%d", volcount,
4057 brick_count);
4058 ret = dict_get_str (dict, key, &value);
4059 if (!ret) {
4060 /* Update the mnt_opts in original brickinfo as well */
>>> CID 1229877: Copy into fixed size buffer (STRING_OVERFLOW)
>>> You might overrun the 1024 byte fixed-size string "original_brickinfo->mnt_opts" by copying "value" without checking the length.
4061 strcpy (original_brickinfo->mnt_opts, value);
4062 strcpy (snap_brickinfo->mnt_opts, value);
4063 } else {
4064 if (is_origin_glusterd (dict) == _gf_true)
4065 add_missed_snap = _gf_true;
4066 }
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 4062 in glusterd_add_brick_to_snap_volume()
4056 snprintf (key, sizeof(key) - 1, "vol%"PRId64".mnt_opts%d", volcount,
4057 brick_count);
4058 ret = dict_get_str (dict, key, &value);
4059 if (!ret) {
4060 /* Update the mnt_opts in original brickinfo as well */
4061 strcpy (original_brickinfo->mnt_opts, value);
>>> CID 1229877: Copy into fixed size buffer (STRING_OVERFLOW)
>>> You might overrun the 1024 byte fixed-size string "snap_brickinfo->mnt_opts" by copying "value" without checking the length.
4062 strcpy (snap_brickinfo->mnt_opts, value);
4063 } else {
4064 if (is_origin_glusterd (dict) == _gf_true)
4065 add_missed_snap = _gf_true;
4066 }
4067
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 4049 in glusterd_add_brick_to_snap_volume()
4043
4044 snprintf (key, sizeof(key) - 1, "vol%"PRId64".fstype%d", volcount,
4045 brick_count);
4046 ret = dict_get_str (dict, key, &value);
4047 if (!ret) {
4048 /* Update the fstype in original brickinfo as well */
>>> CID 1229877: Copy into fixed size buffer (STRING_OVERFLOW)
>>> You might overrun the 255 byte fixed-size string "original_brickinfo->fstype" by copying "value" without checking the length.
4049 strcpy (original_brickinfo->fstype, value);
4050 strcpy (snap_brickinfo->fstype, value);
4051 } else {
4052 if (is_origin_glusterd (dict) == _gf_true)
4053 add_missed_snap = _gf_true;
4054 }
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 4050 in glusterd_add_brick_to_snap_volume()
4044 snprintf (key, sizeof(key) - 1, "vol%"PRId64".fstype%d", volcount,
4045 brick_count);
4046 ret = dict_get_str (dict, key, &value);
4047 if (!ret) {
4048 /* Update the fstype in original brickinfo as well */
4049 strcpy (original_brickinfo->fstype, value);
>>> CID 1229877: Copy into fixed size buffer (STRING_OVERFLOW)
>>> You might overrun the 255 byte fixed-size string "snap_brickinfo->fstype" by copying "value" without checking the length.
4050 strcpy (snap_brickinfo->fstype, value);
4051 } else {
4052 if (is_origin_glusterd (dict) == _gf_true)
4053 add_missed_snap = _gf_true;
4054 }
4055
________________________________________________________________________________________________________
*** CID 1229876: Copy into fixed size buffer (STRING_OVERFLOW)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 13482 in glusterd_update_mntopts()
13476 "the brick (%s) failed", brick_path);
13477 ret = -1;
13478 goto out;
13479 }
13480
13481 strcpy (brickinfo->fstype, entry->mnt_type);
>>> CID 1229876: Copy into fixed size buffer (STRING_OVERFLOW)
>>> You might overrun the 1024 byte fixed-size string "brickinfo->mnt_opts" by copying "entry->mnt_opts" without checking the length.
13482 strcpy (brickinfo->mnt_opts, entry->mnt_opts);
13483
13484 ret = 0;
13485 out:
13486 GF_FREE (mnt_pt);
13487 return ret;
/xlators/mgmt/glusterd/src/glusterd-utils.c: 13481 in glusterd_update_mntopts()
13475 gf_log (this->name, GF_LOG_ERROR, "getting the mount entry for "
13476 "the brick (%s) failed", brick_path);
13477 ret = -1;
13478 goto out;
13479 }
13480
>>> CID 1229876: Copy into fixed size buffer (STRING_OVERFLOW)
>>> You might overrun the 255 byte fixed-size string "brickinfo->fstype" by copying "entry->mnt_type" without checking the length.
13481 strcpy (brickinfo->fstype, entry->mnt_type);
13482 strcpy (brickinfo->mnt_opts, entry->mnt_opts);
13483
13484 ret = 0;
13485 out:
13486 GF_FREE (mnt_pt);
13487 return ret;
________________________________________________________________________________________________________
*** CID 1229878: Time of check time of use (TOCTOU)
/xlators/features/changelog/lib/src/gf-changelog.c: 475 in gf_changelog_register()
469 if (ret) {
470 errn = errno;
471 goto cleanup;
472 }
473 }
474
>>> CID 1229878: Time of check time of use (TOCTOU)
>>> Calling function "realpath(char const * restrict, char * restrict)" that uses "scratch_dir" after a check function. This can cause a time-of-check, time-of-use race condition.
475 gfc->gfc_working_dir = realpath (scratch_dir, NULL);
476 if (!gfc->gfc_working_dir) {
477 errn = errno;
478 goto cleanup;
479 }
480
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, <a class="moz-txt-link-freetext" href="http://scan.coverity.com/projects/987?tab=overview">http://scan.coverity.com/projects/987?tab=overview</a>
To unsubscribe from the email notification for new defects, <a class="moz-txt-link-freetext" href="http://scan5.coverity.com/cgi-bin/unsubscribe.py">http://scan5.coverity.com/cgi-bin/unsubscribe.py</a>
</pre>
<br>
</div>
<br>
</body>
</html>