Report information
The Basics
Id:
46281
Status:
resolved
Priority:
Medium/Medium
Queue:
bind9-public
People
Owner:
Nobody in particular
Requestors:
scan-admin@coverity.com(no email address set)
Cc:
AdminCc:
BugTracker
Version Fixed:
9.11.3, 9.12.0
Version Found:
(no value)
Versions Affected:
(no value)
Versions Planned:
(no value)
Priority:
P2 Normal
Severity:
S2 Normal
CVSS Score:
(no value)
CVE ID:
(no value)
Component:
(no value)
Area:
bug
Dates
Created:Sat, 14 Oct 2017 16:16:55 -0400
Updated:Wed, 18 Oct 2017 22:13:57 -0400
Closed:Wed, 18 Oct 2017 22:13:57 -0400

This bug tracker is no longer active.

Please go to our Gitlab to submit issues (both feature requests and bug reports) for active projects maintained by Internet Systems Consortium (ISC).

Due to security and confidentiality requirements, full access is limited to the primary maintainers.

History
  Sat, 14 Oct 2017 16:16:55 -0400 scan-admin@coverity.com - Ticket created
Date: Sat, 14 Oct 2017 20:13:15 +0000 (UTC)
From: scan-admin@coverity.com
Subject: New Defects reported by Coverity Scan for BIND
To: bind9-bugs@isc.org

Hi, Please find the latest report on new defect(s) introduced to BIND found with Coverity Scan. 7 new defect(s) introduced to BIND found with Coverity Scan. 7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 7 of 7 defect(s) ** CID 1419761: Memory - illegal accesses (STRING_NULL) /lib/isc/tests/mem_test.c: 282 in atfu_isc_mem_traceflag_body() ________________________________________________________________________________________________________ *** CID 1419761: Memory - illegal accesses (STRING_NULL) /lib/isc/tests/mem_test.c: 282 in atfu_isc_mem_traceflag_body() 276 isc_file_remove("mem.output"); 277 278 /* return stderr to TTY so we can see errors */ 279 f = freopen("/dev/tty", "w", stderr); 280 281 ATF_CHECK(strncmp(buf, "add ", 4) == 0); >>> CID 1419761: Memory - illegal accesses (STRING_NULL) >>> Passing unterminated string "buf" to "strchr", which expects a null-terminated string. 282 p = strchr(buf, '\n'); 283 p = strchr(p + 1, '\n'); 284 ATF_CHECK(strncmp(p + 2, "ptr ", 4) == 0); 285 p = strchr(p + 1, '\n'); 286 ATF_CHECK(strncmp(p + 1, "del ", 4) == 0); 287 ** CID 1419760: Error handling issues (CHECKED_RETURN) /lib/isc/tests/ht_test.c: 51 in test_ht_full() ________________________________________________________________________________________________________ *** CID 1419760: Error handling issues (CHECKED_RETURN) /lib/isc/tests/ht_test.c: 51 in test_ht_full() 45 isc_int64_t i; 46 47 result = isc_mem_createx2(0, 0, default_memalloc, default_memfree, 48 NULL, &mctx, 0); 49 ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); 50 >>> CID 1419760: Error handling issues (CHECKED_RETURN) >>> Calling "isc_ht_init" without checking return value (as is done elsewhere 7 out of 8 times). 51 isc_ht_init(&ht, mctx, bits); 52 for (i = 1; i < count; i++) { 53 /* 54 * Note: snprintf() is followed with strlcat() 55 * to ensure we are always filling the 16 byte key. 56 */ ** CID 1419759: Null pointer dereferences (NULL_RETURNS) /lib/isc/tests/mem_test.c: 235 in atfu_isc_mem_recordflag_body() ________________________________________________________________________________________________________ *** CID 1419759: Null pointer dereferences (NULL_RETURNS) /lib/isc/tests/mem_test.c: 235 in atfu_isc_mem_recordflag_body() 229 isc_stdio_close(f); 230 isc_file_remove("mem.output"); 231 232 p = strchr(buf, '\n'); 233 ATF_CHECK(strncmp(p + 2, "ptr ", 4) == 0); 234 p = strchr(p + 1, '\n'); >>> CID 1419759: Null pointer dereferences (NULL_RETURNS) >>> Dereferencing a pointer that might be null "p" when calling "strlen". 235 ATF_CHECK(strlen(p) == 1); 236 237 isc_test_end(); 238 } 239 240 ATF_TC(isc_mem_traceflag); ** CID 1419758: Null pointer dereferences (NULL_RETURNS) /lib/isc/tests/mem_test.c: 187 in atfu_isc_mem_noflags_body() ________________________________________________________________________________________________________ *** CID 1419758: Null pointer dereferences (NULL_RETURNS) /lib/isc/tests/mem_test.c: 187 in atfu_isc_mem_noflags_body() 181 isc_stdio_close(f); 182 isc_file_remove("mem.output"); 183 184 p = strchr(buf, '\n'); 185 p += 2; 186 q = strchr(p, '\n'); >>> CID 1419758: Null pointer dereferences (NULL_RETURNS) >>> Dereferencing a null pointer "q". 187 *q = '\0'; 188 ATF_CHECK_STREQ(p, "None."); 189 190 isc_mem_debugging = ISC_MEM_DEBUGRECORD; 191 isc_test_end(); 192 ** CID 1419757: Memory - illegal accesses (STRING_NULL) /lib/isc/tests/mem_test.c: 184 in atfu_isc_mem_noflags_body() ________________________________________________________________________________________________________ *** CID 1419757: Memory - illegal accesses (STRING_NULL) /lib/isc/tests/mem_test.c: 184 in atfu_isc_mem_noflags_body() 178 ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); 179 result = isc_stdio_read(buf, sizeof(buf), 1, f, &size); 180 ATF_REQUIRE_EQ(result, ISC_R_EOF); 181 isc_stdio_close(f); 182 isc_file_remove("mem.output"); 183 >>> CID 1419757: Memory - illegal accesses (STRING_NULL) >>> Passing unterminated string "buf" to "strchr", which expects a null-terminated string. 184 p = strchr(buf, '\n'); 185 p += 2; 186 q = strchr(p, '\n'); 187 *q = '\0'; 188 ATF_CHECK_STREQ(p, "None."); 189 ** CID 1419756: Memory - illegal accesses (STRING_NULL) /lib/isc/tests/mem_test.c: 232 in atfu_isc_mem_recordflag_body() ________________________________________________________________________________________________________ *** CID 1419756: Memory - illegal accesses (STRING_NULL) /lib/isc/tests/mem_test.c: 232 in atfu_isc_mem_recordflag_body() 226 ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); 227 result = isc_stdio_read(buf, sizeof(buf), 1, f, &size); 228 ATF_REQUIRE_EQ(result, ISC_R_EOF); 229 isc_stdio_close(f); 230 isc_file_remove("mem.output"); 231 >>> CID 1419756: Memory - illegal accesses (STRING_NULL) >>> Passing unterminated string "buf" to "strchr", which expects a null-terminated string. 232 p = strchr(buf, '\n'); 233 ATF_CHECK(strncmp(p + 2, "ptr ", 4) == 0); 234 p = strchr(p + 1, '\n'); 235 ATF_CHECK(strlen(p) == 1); 236 237 isc_test_end(); ** CID 1377144: Parse warnings (PARSE_ERROR) /lib/isc/mem.c: 3070 in () ________________________________________________________________________________________________________ *** CID 1377144: Parse warnings (PARSE_ERROR) /lib/isc/mem.c: 3070 in () 3064 REQUIRE(ISCAPI_MPOOL_VALID(mpctx)); 3065 3066 if (isc_bind9) 3067 isc___mempool_put(mpctx, mem FLARG_PASS); 3068 else 3069 mpctx->methods->put(mpctx, mem FLARG_PASS); >>> CID 1377144: Parse warnings (PARSE_ERROR) >>> {CovLStr{v1}{expected a "}"}} ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRatftY8JjD0XUVeK0eDwSEPh4vRqywf0w3swJ8N5sF82Q-3D-3D_QjBaZtEJDFdtBJj3YWWx4OwxXn6h7X1bCFA-2Bmidshrg-2BDlkCvITZ3s3f6hK34SaAoc1mY-2FZ0ikZGgczwwT0JH9Jk1rSyhptm26bb5aBl-2BQmj9V4OdMWMtHQWGkYI1WjR-2FLyxP58-2BKM8o99SEwkG6Iy5fPv85UhQ2i05B-2Bn-2FAxP5ML4s-2FZlSxXreNi7Ygy-2BOUHUsZX0doFkEXaEidfyvCjA-3D-3D To manage Coverity Scan email notifications for "bind9-bugs@isc.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4rIy41Xs74BznZj4k3EIh0OhIeqrl4tMKvZau-2B5LUEdCBSWjNYx5kf-2B92zKd1nnWiMMfay-2Fg7DuBn2-2BCqidUp9Y39BJMi1Fd-2FeSXcvFgX1I4-3D_QjBaZtEJDFdtBJj3YWWx4OwxXn6h7X1bCFA-2Bmidshrg-2BDlkCvITZ3s3f6hK34SaAI7ZOnII9BS0P6ORAXoDhu8WPO22UMCevbLhaoBWGk-2F4YNP49FSf-2FhzsPRll3Bc-2BrAZo0KJsk733tQVJKnTN7NmuHHDZn9RQrXTUKA5bS7CoSwfviJehTm44vZKgxKZ-2FpV7r0-2BBPdOJ6noDQrJ6JJdw-3D-3D
Sat, 14 Oct 2017 17:51:58 -0400 Mark Andrews <marka@isc.org> - Severity S2 Normal added
Sat, 14 Oct 2017 17:51:58 -0400 Mark Andrews <marka@isc.org> - Priority P2 Normal added
  Sat, 14 Oct 2017 17:51:58 -0400 Mark Andrews <marka@isc.org> - Correspondence added

ready for review
Sat, 14 Oct 2017 17:51:59 -0400 The RT System itself - Status changed from 'new' to 'open'
Sat, 14 Oct 2017 17:51:59 -0400 Mark Andrews <marka@isc.org> - Status changed from 'open' to 'review'
Sat, 14 Oct 2017 17:51:59 -0400 Mark Andrews <marka@isc.org> - Queue changed from #6 to bind9-public
Sat, 14 Oct 2017 17:52:12 -0400 Mark Andrews <marka@isc.org> - Area bug added
  Wed, 18 Oct 2017 21:10:00 -0400 Evan Hunt <Evan_Hunt@isc.org> - Correspondence added

Looks fine.
Wed, 18 Oct 2017 21:10:02 -0400 Evan Hunt <Evan_Hunt@isc.org> - Given to Mark Andrews <marka@isc.org>
Wed, 18 Oct 2017 22:13:56 -0400 Mark Andrews <marka@isc.org> - Version Fixed 9.11.3, 9.12.0 added
  Wed, 18 Oct 2017 22:13:57 -0400 Mark Andrews <marka@isc.org> - Correspondence added

4775. [bug] Address Coverity warnings in ht_test.c and mem_test.c [RT #46281]
Wed, 18 Oct 2017 22:13:57 -0400 Mark Andrews <marka@isc.org> - Status changed from 'review' to 'resolved'
Wed, 18 Oct 2017 22:13:57 -0400 Mark Andrews <marka@isc.org> - Untaken