Fwd: New Defects reported by Coverity Scan for RTEMS-Newlib
Joel Sherrill
joel@rtems.org
Tue Mar 1 12:59:35 GMT 2022
Hi
The RTEMS Projects runs Coverity Scan when Newlib changes.
Not sure who committed something that triggered these but overnight 6 new
defects showed up. Most look to be NULL dereferences.
--joel
---------- Forwarded message ---------
From: <scan-admin@coverity.com>
Date: Tue, Mar 1, 2022, 12:25 AM
Subject: New Defects reported by Coverity Scan for RTEMS-Newlib
To: <joel.sherrill@gmail.com>
Hi,
Please find the latest report on new defect(s) introduced to RTEMS-Newlib
found with Coverity Scan.
6 new defect(s) introduced to RTEMS-Newlib found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 6 of 6 defect(s)
** CID 387497: (FORWARD_NULL)
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/asiprintf.c:
46 in _asiprintf_r()
________________________________________________________________________________________________________
*** CID 387497: (FORWARD_NULL)
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/asiprintf.c:
46 in _asiprintf_r()
40 f._file = -1; /* No file. */
41 va_start (ap, fmt);
42 ret = _svfiprintf_r (ptr, &f, fmt, ap);
43 va_end (ap);
44 if (ret >= 0)
45 {
>>> CID 387497: (FORWARD_NULL)
>>> Dereferencing null pointer "f._p".
46 *f._p = 0;
47 *strp = (char *) f._bf._base;
48 }
49 return (ret);
50 }
51
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/asiprintf.c:
42 in _asiprintf_r()
36 /* mark a zero-length reallocatable buffer */
37 f._flags = __SWR | __SSTR | __SMBF;
38 f._bf._base = f._p = NULL;
39 f._bf._size = f._w = 0;
40 f._file = -1; /* No file. */
41 va_start (ap, fmt);
>>> CID 387497: (FORWARD_NULL)
>>> Passing "&f" to "_svfiprintf_r", which dereferences null "f._p".
42 ret = _svfiprintf_r (ptr, &f, fmt, ap);
43 va_end (ap);
44 if (ret >= 0)
45 {
46 *f._p = 0;
47 *strp = (char *) f._bf._base;
** CID 387496: (FORWARD_NULL)
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/vasniprintf.c:
54 in _vasniprintf_r()
________________________________________________________________________________________________________
*** CID 387496: (FORWARD_NULL)
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/vasniprintf.c:
54 in _vasniprintf_r()
48 f._bf._size = f._w = len;
49 f._file = -1; /* No file. */
50 ret = _svfiprintf_r (ptr, &f, fmt, ap);
51 if (ret < 0)
52 return NULL;
53 *lenp = ret;
>>> CID 387496: (FORWARD_NULL)
>>> Dereferencing null pointer "f._p".
54 *f._p = '\0';
55 return (char *) f._bf._base;
56 }
57
58 #ifndef _REENT_ONLY
59
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/vasniprintf.c:
50 in _vasniprintf_r()
44 {
45 ptr->_errno = EOVERFLOW;
46 return NULL;
47 }
48 f._bf._size = f._w = len;
49 f._file = -1; /* No file. */
>>> CID 387496: (FORWARD_NULL)
>>> Passing "&f" to "_svfiprintf_r", which dereferences null "f._p".
50 ret = _svfiprintf_r (ptr, &f, fmt, ap);
51 if (ret < 0)
52 return NULL;
53 *lenp = ret;
54 *f._p = '\0';
55 return (char *) f._bf._base;
** CID 387495: (FORWARD_NULL)
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/asiprintf.c:
72 in asiprintf()
________________________________________________________________________________________________________
*** CID 387495: (FORWARD_NULL)
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/asiprintf.c:
72 in asiprintf()
66 f._file = -1; /* No file. */
67 va_start (ap, fmt);
68 ret = _svfiprintf_r (_REENT, &f, fmt, ap);
69 va_end (ap);
70 if (ret >= 0)
71 {
>>> CID 387495: (FORWARD_NULL)
>>> Dereferencing null pointer "f._p".
72 *f._p = 0;
73 *strp = (char *) f._bf._base;
74 }
75 return (ret);
76 }
77
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/asiprintf.c:
68 in asiprintf()
62 /* mark a zero-length reallocatable buffer */
63 f._flags = __SWR | __SSTR | __SMBF;
64 f._bf._base = f._p = NULL;
65 f._bf._size = f._w = 0;
66 f._file = -1; /* No file. */
67 va_start (ap, fmt);
>>> CID 387495: (FORWARD_NULL)
>>> Passing "&f" to "_svfiprintf_r", which dereferences null "f._p".
68 ret = _svfiprintf_r (_REENT, &f, fmt, ap);
69 va_end (ap);
70 if (ret >= 0)
71 {
72 *f._p = 0;
73 *strp = (char *) f._bf._base;
** CID 387494: (FORWARD_NULL)
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/vasiprintf.c:
59 in _vasiprintf_r()
________________________________________________________________________________________________________
*** CID 387494: (FORWARD_NULL)
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/vasiprintf.c:
56 in _vasiprintf_r()
50 FILE f;
51
52 f._flags = __SWR | __SSTR | __SMBF ;
53 f._bf._base = f._p = NULL;
54 f._bf._size = f._w = 0;
55 f._file = -1; /* No file. */
>>> CID 387494: (FORWARD_NULL)
>>> Passing "&f" to "_svfiprintf_r", which dereferences null "f._p".
56 ret = _svfiprintf_r (ptr, &f, fmt, ap);
57 if (ret >= 0)
58 {
59 *f._p = 0;
60 *strp = (char *) f._bf._base;
61 }
62 return ret;
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/vasiprintf.c:
59 in _vasiprintf_r()
53 f._bf._base = f._p = NULL;
54 f._bf._size = f._w = 0;
55 f._file = -1; /* No file. */
56 ret = _svfiprintf_r (ptr, &f, fmt, ap);
57 if (ret >= 0)
58 {
>>> CID 387494: (FORWARD_NULL)
>>> Dereferencing null pointer "f._p".
59 *f._p = 0;
60 *strp = (char *) f._bf._base;
61 }
62 return ret;
** CID 387493: (FORWARD_NULL)
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/asniprintf.c:
56 in _asniprintf_r()
________________________________________________________________________________________________________
*** CID 387493: (FORWARD_NULL)
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/asniprintf.c:
56 in _asniprintf_r()
50 va_start (ap, fmt);
51 ret = _svfiprintf_r (ptr, &f, fmt, ap);
52 va_end (ap);
53 if (ret < 0)
54 return NULL;
55 *lenp = ret;
>>> CID 387493: (FORWARD_NULL)
>>> Dereferencing null pointer "f._p".
56 *f._p = '\0';
57 return (char *) f._bf._base;
58 }
59
60 #ifndef _REENT_ONLY
61
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/asniprintf.c:
51 in _asniprintf_r()
45 ptr->_errno = EOVERFLOW;
46 return NULL;
47 }
48 f._bf._size = f._w = len;
49 f._file = -1; /* No file. */
50 va_start (ap, fmt);
>>> CID 387493: (FORWARD_NULL)
>>> Passing "&f" to "_svfiprintf_r", which dereferences null "f._p".
51 ret = _svfiprintf_r (ptr, &f, fmt, ap);
52 va_end (ap);
53 if (ret < 0)
54 return NULL;
55 *lenp = ret;
56 *f._p = '\0';
** CID 387492: (FORWARD_NULL)
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/asniprintf.c:
102 in asniprintf()
________________________________________________________________________________________________________
*** CID 387492: (FORWARD_NULL)
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/asniprintf.c:
97 in asniprintf()
91 ptr->_errno = EOVERFLOW;
92 return NULL;
93 }
94 f._bf._size = f._w = len;
95 f._file = -1; /* No file. */
96 va_start (ap, fmt);
>>> CID 387492: (FORWARD_NULL)
>>> Passing "&f" to "_svfiprintf_r", which dereferences null "f._p".
97 ret = _svfiprintf_r (ptr, &f, fmt, ap);
98 va_end (ap);
99 if (ret < 0)
100 return NULL;
101 *lenp = ret;
102 *f._p = '\0';
103 return (char *) f._bf._base;
104 }
105
/home/joel/rtems-cron-coverity/sourceware-mirror-newlib-cygwin/newlib/libc/stdio/asniprintf.c:
102 in asniprintf()
96 va_start (ap, fmt);
97 ret = _svfiprintf_r (ptr, &f, fmt, ap);
98 va_end (ap);
99 if (ret < 0)
100 return NULL;
101 *lenp = ret;
>>> CID 387492: (FORWARD_NULL)
>>> Dereferencing null pointer "f._p".
102 *f._p = '\0';
103 return (char *) f._bf._base;
104 }
105
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50ypUUzi-2FdSNmuyRB7BEFT8xQWqa-2BcrUOdcmLJRN5wHA-2F-2Bj-2BUPxOS2vpJc2U7lnvDDSM-3Dnqug_CTvEjVoKhyc6dLmJJo1u9AYIk8P8bcAbCPbBDYvYSXrGLZMaHd5esU0ARWQLalpbU14eFG-2B8GBetplQDq0TFveW7GhsLMcXeSEhKYoSzfs79W0hf2Yn-2BdzWSDPS0EESLlkStqI3WwPQMfb34ZdTZU7WEQcrZaQuFXKuGz0VlCF7KqPVBI3zTemmClCpRRwRohHCmfibOFsZTs1X-2FRcY52FNG4ag-2BOQcuq0K2qt4q3HU-3D
To manage Coverity Scan email notifications for "joel.sherrill@gmail.com",
click
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yped04pjJnmXOsUBtKYNIXxTJDdEZ5ceQ-2BXdf-2FM1tcMIXP73MN3HxQfFTMLU5dSe8Rv0KFh7gYStOFjZD12ucRRnrjyUHOCTj7rG0E9HBcwa6j-2FX4NTabdEq2v7MM-2FuqaA-3DJ8Qh_CTvEjVoKhyc6dLmJJo1u9AYIk8P8bcAbCPbBDYvYSXrGLZMaHd5esU0ARWQLalpbU14eFG-2B8GBetplQDq0TFvV2SdrBvi9WPWAL9ik9dUN3G4GCz8VYLMQNfnG1KXM-2B3Izv46DsGCDeNRaHHjKQaodaHQLONx4FWpogc4bk0lIv9WPI18Ah675HB1nu1NDtORJjikxZE-2BlhmmrkoLD0utEP5uRkuJbyd23X6MuuSrA8-3D
More information about the Newlib
mailing list