Fw: New Defects reported by Coverity Scan for ntpsec
Gary E. Miller
gem at rellim.com
Mon Jan 25 20:03:18 UTC 2021
Yo All!
New coverity defects in ntpd. See below.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can't measure it, you can't improve it." - Lord Kelvin
Begin forwarded message:
Date: Sun, 24 Jan 2021 07:29:27 +0000 (UTC)
From: scan-admin at coverity.com
To: gem at rellim.com
Subject: New Defects reported by Coverity Scan for ntpsec
Hi,
Please find the latest report on new defect(s) introduced to ntpsec
found with Coverity Scan.
4 new defect(s) introduced to ntpsec found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 316495: Insecure data handling (TAINTED_SCALAR)
/ntpd/ntp_scanner.c: 185 in lex_getch()
________________________________________________________________________________________________________
*** CID 316495: Insecure data handling (TAINTED_SCALAR)
/ntpd/ntp_scanner.c: 185 in lex_getch()
179 ch = stream->backch;
180 stream->backch = EOF;
181 if (stream->fpi)
182 conf_file_sum += (unsigned int)ch;
183 } else if (stream->fpi) {
184 /* fetch next 7-bit ASCII char (or EOF) from
file */
>>> CID 316495: Insecure data handling (TAINTED_SCALAR)
>>> Using tainted variable "ch" as a loop boundary.
185 while ((ch = fgetc(stream->fpi)) != EOF && ch >
SCHAR_MAX) { 186 stream->curpos.ncol++;
187 }
188 if (EOF != ch) {
189 conf_file_sum += (unsigned int)ch;
190 stream->curpos.ncol++;
** CID 316494: Insecure data handling (TAINTED_SCALAR)
________________________________________________________________________________________________________
*** CID 316494: Insecure data handling (TAINTED_SCALAR)
/tests/common/tests_main.c: 96 in main()
90 auth_init();
91 init_network();
92
93 args_argc = argc;
94 args_argv = argv;
95
>>> CID 316494: Insecure data handling (TAINTED_SCALAR)
>>> Passing tainted expression "**argv" to "UnityMain", which uses
>>> it as a loop boundary.
96 return UnityMain(argc, argv, RunAllTests);
** CID 316493: Uninitialized variables (UNINIT)
________________________________________________________________________________________________________
*** CID 316493: Uninitialized variables (UNINIT)
/ntpd/refclock_generic.c: 2865 in parse_start()
2859 /*
2860 * print out configuration
2861 */
2862 NLOG(NLOG_CLOCKINFO)
2863 {
2864 /* conditional if clause for
conditional syslog */
>>> CID 316493: Uninitialized variables (UNINIT)
>>> Using uninitialized value "*parsedev" as argument to "%s" when
>>> calling "msyslog".
2865 msyslog(LOG_INFO, "REFCLOCK: PARSE
receiver #%d: reference clock \"%s\" (I/O device %s, PPS device %s)
added", 2866
parse->peer->procptr->refclkunit, 2867
parse->parse_type->cl_description, parsedev, 2868
(parse->ppsfd != parse->generic->io.fd) ?
parseppsdev : parsedev); 2869 2870
msyslog(LOG_INFO, "REFCLOCK: PARSE receiver #%d: Stratum %d, trust time
%s, precision %d",
** CID 316492: Uninitialized variables (UNINIT)
________________________________________________________________________________________________________
*** CID 316492: Uninitialized variables (UNINIT)
/ntpd/refclock_oncore.c: 1887 in oncore_get_timestamp()
1881 if (!refclock_process(instance->pp)) {
1882 refclock_report(instance->peer, CEVNT_BADTIME);
1883 peer->cfg.flags &= ~FLAG_PPS; /*
problem - clear PPS FLAG */ 1884 return;
1885 }
1886
>>> CID 316492: Uninitialized variables (UNINIT)
>>> Using uninitialized value "*Msg" when calling "oncore_log".
1887 oncore_log(instance, LOG_INFO, Msg); /* this
is long message above */ 1888 instance->pollcnt = 2;
1889
1890 if (instance->polled) {
1891 instance->polled = 0;
1892 /* instance->pp->dispersion = instance->pp->skew
= 0; */
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yp8Ldxo61EGGRiTZ6U-2Bjg3sA07-2BBpfNSmUdAWFIW4-2FfVHYSy8cV7mYfZsABp8TO5F4-3DpMR9_V4vXdTh-2BxT-2BxCKbyFfrSoDjnj-2FnImdBn0V1NTvy4n6WfXNCalEGWEqcDujfT-2Bbv62r00fTMiGj4i1hEQCTXBrIaBJwo522-2FVhzVWmVe9T0fJiQmIXWHAmM-2BJAD4DkoksVTqo6hxPMKiNVCbW28LvjPwEsCKtsO11LFx3r-2BIQrH9FCltVbqyXREOt7N9W4GM7i3IBqayQ2kmNPQEdcmb1vq9SXTat0E7gMRJr7EU15p0-3D
To manage Coverity Scan email notifications for "gem at rellim.com",
click
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yped04pjJnmXOsUBtKYNIXx7Tfqjjbls0cEjccfNLTtXEyJGZ4VdMsA5BAyVQQG3-2BhiayktbDtQ9xydmCGCqXM-2FiCfaecVOZTo8suXWaB1cwto7f0wTnlZytc1QYkzBIo8-3DVzzL_V4vXdTh-2BxT-2BxCKbyFfrSoDjnj-2FnImdBn0V1NTvy4n6WfXNCalEGWEqcDujfT-2Bbv6Sh-2B3U3OSp1JBWFcDRFYJOSXkfO0HtN6QF86gHaKUkwChgp1KeG7wMq0u1FBSyGw0mpzIOArPkQnKZ7TYJr-2BjvAorRbkgcHjWYcDoMFy57FF8-2FxKUQxqULVVKgg86-2F-2BS1JvaVATTxGy3MeYVozVLZHCXi4NtuCHtytHIVZcR9dvY-3D
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can't measure it, you can't improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20210125/f8ba5a41/attachment.bin>
More information about the devel
mailing list