Coverity TAINTED_STRING - CID 12543 - src/main.cpp - function: main - Assigning: "programName" = "argv[0]". Both are now tainted. Assigning: "programArgv" = "argv". Both are now tainted. Later: Passing tainted string "programName" to "execvp(char const *, char * const *)", which cannot accept tainted data and passing tainted string "*programArgv" to "execvp(char const *, char * const *)", which cannot accept tainted data.

Bug #1101510 reported by Product Strategy Coverity Bug Uploader
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
Compiz | Triaged | Low | Unassigned |
0.9.9 | Won't Fix | Low | Unassigned |

Bug Description

This bug is exported from the Coverity Integration Manager on Canonical's servers. For information on how this is done please see this website: https://wiki.ubuntu.com/CanonicalProductStrategy/Coverity
CID: 12543
Checker: TAINTED_STRING
Category: No category available
CWE definition: http://cwe.mitre.org/data/definitions/20.html
File: /tmp/buildd/compiz-0.9.9~daily13.01.14/src/main.cpp
Function: main
Code snippet:
    main (int argc, char **argv)
    {
        CompManager manager;

        // CID 12543 - TAINTED_STRING
        // Assigning: "programName" = "argv[0]". Both are now tainted.
        programName = argv[0];
        programArgc = argc;
        // CID 12543 - TAINTED_STRING
        // Assigning: "programArgv" = "argv". Both are now tainted.
        programArgv = argv;

        detectCompizBinPath (argv);


Product Strategy Coverity Bug Uploader (coverity-uploader) wrote : compiz-0.9.9: /tmp/buildd/compiz-0.9.9~daily13.01.14/src/main.cpp

Source file with Coverity annotations.

Changed in compiz:
importance: Undecided → Low
MC Return (mc-return)
summary: - Coverity TAINTED_STRING - CID 12543
+ Coverity TAINTED_STRING - CID 12543 - src/main.cpp - function: main -
+ Assigning: "programName" = "argv[0]". Both are now tainted. Assigning:
+ "programArgv" = "argv". Both are now tainted. Later: Passing tainted
+ string "programName" to "execvp(char const *, char * const *)", which
+ cannot accept tainted data and passing tainted string "*programArgv" to
+ "execvp(char const *, char * const *)", which cannot accept tainted
+ data.
Changed in compiz:
milestone: none → 0.9.10.0
Changed in compiz:
milestone: 0.9.10.0 → 0.9.10.2
MC Return (mc-return)
Changed in compiz:
milestone: 0.9.10.2 → 0.9.11.0
Stephen M. Webb (bregma)
Changed in compiz:
milestone: 0.9.11.0 → 0.9.12.1
status: New → Triaged
Stephen M. Webb (bregma)
Changed in compiz:
milestone: 0.9.12.1 → 0.9.12.2