stapbpf/bpfinterp.cxx :: placate the gods of Coverity

* bpf-internal.h (BPF_MAXSTRINGLEN_PLUS): new define, BPF_MAXSTRINGLEN+1.
* stapbpf/bpfinterp.cxx (map_get_next_key): BUFFER_SIZE_WARNING use bigger buffer.
(bpf_interpret): UNUSED_VALUE memset regs to 0x0,
OVERFLOW_BEFORE_WIDEN indicate in 32-bit LSH operation that widening is inappropriate.

diff --git a/bpf-internal.h b/bpf-internal.h
index f567a8a6f072e70243e1dc8e0ebeda3be2ef52d4..ef46674d8ba5add749abd928ec981fda611666b8 100644 (file)
--- a/bpf-internal.h
+++ b/bpf-internal.h
@@ -45,7 +45,9 @@ namespace bpf {
 #define BPF_REG_SIZE 8
 
 #define BPF_MAXSTRINGLEN 64
+#define BPF_MAXSTRINGLEN_PLUS 65
 // #define BPF_MAXSTRINGLEN 128 // TODO: Longer strings require a smarter storage allocator.
+// #define BPF_MAXSTRINGLEN_PLUS 129
 #define BPF_MAXFORMATLEN 256
 #define BPF_MAXPRINTFARGS 32
 // #define BPF_MAXPRINTFARGS 3 // Maximum for trace_printk() method.

diff --git a/stapbpf/bpfinterp.cxx b/stapbpf/bpfinterp.cxx
index 05e85f4c650e6222240245c96bf24259cca2ecca..c6773ea9f8fd199706e1b2d966b91df3cf88eafa 100644 (file)
--- a/stapbpf/bpfinterp.cxx
+++ b/stapbpf/bpfinterp.cxx
@@ -112,7 +112,8 @@ map_get_next_key(int fd_idx, int64_t key, int64_t next_key,
   // with a single map during execution of nested foreach loops.
   if (!key && is_str)
     {
-      char k[BPF_MAXSTRINGLEN], n[BPF_MAXSTRINGLEN];
+      // XXX: BPF_MAXSTRINGLEN+1 to avoid coverity warning
+      char k[BPF_MAXSTRINGLEN_PLUS], n[BPF_MAXSTRINGLEN_PLUS];
       std::set<std::string> s;
 
       int rc = bpf_get_next_key(fd, 0, as_ptr(n));
@@ -436,6 +437,7 @@ bpf_interpret(size_t ninsns, const struct bpf_insn insns[],
   uint64_t result = 0; // return value
   uint64_t stack[512 / 8];
   uint64_t regs[MAX_BPF_REG];
+  memset(regs, 0x0, sizeof(uint64_t) * MAX_BPF_REG);
   const struct bpf_insn *i = insns;
   static std::vector<uint64_t *> map_values;
   static std::vector<std::string> strings; // TODO: could clear on exit?
@@ -549,7 +551,9 @@ bpf_interpret(size_t ninsns, const struct bpf_insn insns[],
        case BPF_ALU | BPF_OR  | BPF_X:
        case BPF_ALU | BPF_OR  | BPF_K:  dr = (uint32_t)(dr | s1); break;
        case BPF_ALU | BPF_LSH | BPF_X:
-       case BPF_ALU | BPF_LSH | BPF_K:  dr = (uint32_t)dr << s1; break;
+       case BPF_ALU | BPF_LSH | BPF_K:
+          // XXX: signal to coverity that we really do want a 32-bit result
+          dr = (uint64_t)((uint32_t)dr << s1); break;
        case BPF_ALU | BPF_RSH | BPF_X:
        case BPF_ALU | BPF_RSH | BPF_K:  dr = (uint32_t)dr >> s1; break;
        case BPF_ALU | BPF_XOR | BPF_X: