Wireshark-dev: Re: [Wireshark-dev] OpenSafety bug - how to fix?
From: Chris Maynard <Chris.Maynard@xxxxxxxxx>
Date: Tue, 20 Sep 2011 17:39:56 +0000 (UTC)
Roland Knall <rknall@...> writes:

> 
> The fix is correct. Are there any other Coverity hits for openSafety,
> or just the one?

Hi Roland,
There are 6 in total.  Besides 1204, there are these 5 more reported:

CID 1215: NULL RETURNS:
In stringToBytes(), strtok() could return NULL at line 418, but the return value
is not checked against NULL as it is in other places, even further down in the
same function at line 427.

CID 1224: SIZEOF MISMATCH (2 instances):
In dissect_opensafety_ssdo_message() at lines 932 and 951, Coverity reports, 
"suspicious_sizeof: Passing argument "sizeof (guint8 *) /*8*/ * payloadSize" to 
function "ep_alloc" and then casting the return value to "guint8 *" is 
suspicious."

These 2 seem benign to me and can probably be ignored?

CID 1246/1247: FORWARD NULL/REVERSE INULL:
In opensafety_package_dissector(), pinfo is checked for being non-NULL at line
1374, implying that it could be NULL; yet it is passed to functions that
dereference it before checking against NULL (such as add_new_data_source() at
lines 1278 and 1284, call_dissector() at line 1370, etc.)

Can pinfo really ever be NULL?  If not, the easiest thing to do might be just to
remove the check at line 1374.


If you could submit a patch fixing all these, it would be appreciated.
Thanks,
- Chris
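
The NULL RETURNS and SIZEOF MISMATCH patterns reported above, shown in their checked form as an added example. This is not code from the Wireshark source or from the post; parse_hex_bytes() and its ":"-separated input format are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not Wireshark's stringToBytes()): parses "01:ab:ff"
 * into a newly allocated byte array of at most max_len bytes.
 * Returns NULL on malformed input; the caller frees the result. */
uint8_t *parse_hex_bytes(const char *text, size_t max_len, size_t *out_len)
{
    char *copy, *tok, *end;
    uint8_t *bytes;
    size_t n = 0;
    unsigned long v;

    if (text == NULL || out_len == NULL || max_len == 0)
        return NULL;
    *out_len = 0;

    /* strtok() writes into its argument, so tokenize a private copy. */
    copy = malloc(strlen(text) + 1);
    if (copy == NULL)
        return NULL;
    strcpy(copy, text);

    /* Size by element type: sizeof(*bytes) is 1, while sizeof(uint8_t *)
     * would over-allocate by the pointer width (the SIZEOF MISMATCH case). */
    bytes = malloc(max_len * sizeof(*bytes));
    if (bytes == NULL) {
        free(copy);
        return NULL;
    }

    /* The first strtok() call returns NULL for "" or ":::", so the loop
     * condition checks it before any dereference (the NULL RETURNS case). */
    for (tok = strtok(copy, ":"); tok != NULL; tok = strtok(NULL, ":")) {
        v = strtoul(tok, &end, 16);
        if (n == max_len || end == tok || *end != '\0' || v > 0xFF) {
            free(copy);
            free(bytes);
            return NULL;
        }
        bytes[n++] = (uint8_t)v;
    }
    free(copy);
    if (n == 0) {               /* no tokens at all: reject */
        free(bytes);
        return NULL;
    }
    *out_len = n;
    return bytes;
}
```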