From fe99bcb583537021d89527b9f409652196b5c642 Mon Sep 17 00:00:00 2001
From: Serhei Makarov
Date: Thu, 9 May 2019 16:43:36 -0400
Subject: [PATCH] stapbpf/bpfinterp.cxx :: placate the gods of Coverity

* bpf-internal.h (BPF_MAXSTRINGLEN_PLUS): new define, BPF_MAXSTRINGLEN+1.
* stapbpf/bpfinterp.cxx (map_get_next_key): BUFFER_SIZE_WARNING use bigger buffer.
(bpf_interpret): UNUSED_VALUE memset regs to 0x0, OVERFLOW_BEFORE_WIDEN indicate in 32-bit LSH operation that widening is inappropriate.
---
 bpf-internal.h | 2 ++
 stapbpf/bpfinterp.cxx | 8 ++++++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/bpf-internal.h b/bpf-internal.h
index f567a8a6f..ef46674d8 100644
--- a/bpf-internal.h
+++ b/bpf-internal.h
@@ -45,7 +45,9 @@ namespace bpf {
 #define BPF_REG_SIZE 8
 #define BPF_MAXSTRINGLEN 64
+#define BPF_MAXSTRINGLEN_PLUS 65
 // #define BPF_MAXSTRINGLEN 128 // TODO: Longer strings require a smarter storage allocator.
+// #define BPF_MAXSTRINGLEN_PLUS 129
 #define BPF_MAXFORMATLEN 256
 #define BPF_MAXPRINTFARGS 32
 // #define BPF_MAXPRINTFARGS 3 // Maximum for trace_printk() method.
diff --git a/stapbpf/bpfinterp.cxx b/stapbpf/bpfinterp.cxx
index 05e85f4c6..c6773ea9f 100644
--- a/stapbpf/bpfinterp.cxx
+++ b/stapbpf/bpfinterp.cxx
@@ -112,7 +112,8 @@ map_get_next_key(int fd_idx, int64_t key, int64_t next_key,
 // with a single map during execution of nested foreach loops.
 if (!key && is_str) {
- char k[BPF_MAXSTRINGLEN], n[BPF_MAXSTRINGLEN];
+ // XXX: BPF_MAXSTRINGLEN+1 to avoid coverity warning
+ char k[BPF_MAXSTRINGLEN_PLUS], n[BPF_MAXSTRINGLEN_PLUS];
 std::set s;
 int rc = bpf_get_next_key(fd, 0, as_ptr(n));
@@ -436,6 +437,7 @@ bpf_interpret(size_t ninsns, const struct bpf_insn insns[],
 uint64_t result = 0; // return value
 uint64_t stack[512 / 8];
 uint64_t regs[MAX_BPF_REG];
+ memset(regs, 0x0, sizeof(uint64_t) * MAX_BPF_REG);
 const struct bpf_insn *i = insns;
 static std::vector map_values;
 static std::vector strings; // TODO: could clear on exit?
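Review bot: `BPF_MAXSTRINGLEN_PLUS` is defined as the literal 65 rather than in terms of `BPF_MAXSTRINGLEN`, so the two constants can silently drift apart; the commented-out `129` alternative on the next added line already shows the manual coupling a future change would have to remember. Defining it as `#define BPF_MAXSTRINGLEN_PLUS (BPF_MAXSTRINGLEN + 1)` keeps the buffers in `map_get_next_key` one byte longer than the string length by construction, and the second commented line becomes unnecessary. If the literal was chosen because the value is also consumed somewhere that cannot evaluate an expression (not visible here), a comment next to the define saying so would stop a later cleanup from breaking that consumer.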
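Review bot: Enlarging `k` and `n` to `BPF_MAXSTRINGLEN_PLUS` bytes silences the warning, but the extra byte is only a terminator if something writes it; as declared both arrays are uninitialized, and `bpf_get_next_key` fills `n` with the map's key size, presumably `BPF_MAXSTRINGLEN` (the key size and the later uses of `k`/`n` are outside this hunk). If the warning came from a bounded copy of `BPF_MAXSTRINGLEN` bytes, a key that uses all of them would still be read past its end by any C-string consumer of these buffers. Value-initializing them, `char k[BPF_MAXSTRINGLEN_PLUS] = {}, n[BPF_MAXSTRINGLEN_PLUS] = {};`, guarantees the terminator in one line. The `// XXX` comment should also say what the extra byte is for, e.g. `// one byte longer than BPF_MAXSTRINGLEN so a full-length key stays NUL-terminated (Coverity BUFFER_SIZE_WARNING)`. map_get_next_key begins and continues outside the hunk.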
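Review bot: `memset(regs, 0x0, sizeof(uint64_t) * MAX_BPF_REG)` recomputes the size from the element type and count instead of from the object, so a later change to the declaration of `regs` has to be mirrored here by hand. Initializing the array where it is declared, `uint64_t regs[MAX_BPF_REG] = {};`, zeroes it with no separate call, no size to keep in sync, and no dependence on `<cstring>` being included. `uint64_t stack[512 / 8]` on the line above is left indeterminate; if an interpreted program can load from a stack slot before storing to it, the same concern the commit fixes for registers applies there and `= {}` would close it too, though whether such loads are rejected before execution is not visible in this hunk. bpf_interpret continues outside the hunk.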
@@ -549,7 +551,9 @@ bpf_interpret(size_t ninsns, const struct bpf_insn insns[],
 case BPF_ALU | BPF_OR | BPF_X:
 case BPF_ALU | BPF_OR | BPF_K: dr = (uint32_t)(dr | s1); break;
 case BPF_ALU | BPF_LSH | BPF_X:
- case BPF_ALU | BPF_LSH | BPF_K: dr = (uint32_t)dr << s1; break;
+ case BPF_ALU | BPF_LSH | BPF_K:
+ // XXX: signal to coverity that we really do want a 32-bit result
+ dr = (uint64_t)((uint32_t)dr << s1); break;
 case BPF_ALU | BPF_RSH | BPF_X:
 case BPF_ALU | BPF_RSH | BPF_K: dr = (uint32_t)dr >> s1; break;
 case BPF_ALU | BPF_XOR | BPF_X:
-- 
2.43.5
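Review bot: The rewritten 32-bit `BPF_LSH` still shifts a `uint32_t` by the unmasked `s1`, and a count of 32 or more is undefined behaviour in C++ whatever casts are wrapped around it; the `BPF_RSH | BPF_K` case two lines below has the same exposure. Unless the shift count is validated before the program runs (not visible here), masking it to the operand width keeps the interpreter defined and deterministic: `dr = (uint64_t)((uint32_t)dr << (s1 & 31)); break;` and likewise `dr = (uint32_t)dr >> (s1 & 31); break;` for RSH — whether that matches the semantics the kernel gives out-of-range counts should be confirmed against its interpreter. The XXX comment could then state the actual contract rather than the tool, e.g. `// 32-bit ALU: operate on the low 32 bits and zero-extend the result`. bpf_interpret's switch begins and ends outside the hunk.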