Coverity issues in contrail-controller/agent_param.cc

Bug #1770169 reported by Anda-Maria Nicolae
This bug affects 1 person
Affects              Status          Importance   Assigned to          Milestone
Juniper Openstack    Status tracked in Trunk
  R5.0               Fix Committed   Undecided    Anda-Maria Nicolae
  Trunk              Fix Committed   Undecided    Anda-Maria Nicolae
OpenContrail         New             Undecided    Unassigned

Bug Description

Hi all,

I have run Coverity on branch R5.0 and it reported the following issues in contrail-controller/agent_param.cc:
- buffer_size_warning: Calling strncpy with a maximum size argument of 16 bytes on destination array ifrn.ifrn_name of size 16 bytes might leave the destination string unterminated in agent_param.cc:ValidateInterface
- leaked_storage: Variable f going out of scope leaks the storage it points to in agent_param.cc:ValidateInterface

Indeed, for the 1st issue, the length of std::string::c_str() may be greater than IF_NAMESIZE. In that case, after calling strncpy, ifrn.ifrn_name will not be a NULL-terminated string.
For the 2nd issue, we need to close the file pointer before exiting the function.

Tags: vrouter
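
The two Coverity findings in the report above, as an added illustration (not code from agent_param.cc or from the committed fix). The function names, the `FileCloser` deleter and the choice to reject over-long names rather than truncate them are assumptions made for this example.

```cpp
// Added illustration; all names here are hypothetical, not from agent_param.cc.
#include <cstdio>
#include <cstring>
#include <memory>
#include <string>
#include <net/if.h>  // IF_NAMESIZE

static int g_closed = 0;  // counts fclose() calls so the behaviour is observable

// Flagged pattern: a bound equal to the buffer size leaves no room for the
// terminator once src has n or more characters.
// Returns true if dst contains a NUL after the copy.
bool CopyNameFlagged(const std::string &src, char *dst, std::size_t n) {
    std::memset(dst, 'X', n);           // stand-in for uninitialised stack bytes
    std::strncpy(dst, src.c_str(), n);  // writes no NUL when src.size() >= n
    return std::memchr(dst, '\0', n) != nullptr;
}

// One possible fix: refuse names that do not fit instead of truncating them,
// and leave dst terminated on every path.
bool CopyNameChecked(const std::string &src, char *dst, std::size_t n) {
    if (n == 0) return false;
    dst[0] = '\0';
    if (src.size() >= n) return false;
    std::memcpy(dst, src.c_str(), src.size() + 1);  // copy includes the NUL
    return true;
}

// Deleter that closes the stream on every exit path (leaked_storage finding).
struct FileCloser {
    void operator()(FILE *f) const { std::fclose(f); ++g_closed; }
};

// Returns true if some line of the file at `path` starts with `name`.
bool FileMentions(const char *path, const std::string &name) {
    std::unique_ptr<FILE, FileCloser> f(std::fopen(path, "r"));
    if (!f) return false;               // nothing opened, nothing to close
    char line[256];
    while (std::fgets(line, sizeof(line), f.get()) != nullptr) {
        if (std::strncmp(line, name.c_str(), name.size()) == 0)
            return true;                // early return: deleter still runs
    }
    return false;
}

int main() {
    char buf[IF_NAMESIZE];
    bool flagged = CopyNameFlagged(std::string(20, 'a'), buf, sizeof(buf));
    bool checked = CopyNameChecked(std::string(20, 'a'), buf, sizeof(buf));
    std::printf("flagged terminated=%d, checked accepted=%d\n", flagged, checked);
    return 0;
}
```

Rejecting instead of truncating matters for interface validation because a truncated name can match a different interface than the one that was configured.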
OpenContrail Admin (ci-admin-f) wrote : [Review update] R5.0

Review in progress for https://review.opencontrail.org/42901
Submitter: Anda Nicolae (<email address hidden>)

OpenContrail Admin (ci-admin-f) wrote : [Review update] master

Review in progress for https://review.opencontrail.org/42902
Submitter: Anda Nicolae (<email address hidden>)

Jeba Paulaiyan (jebap)
tags: added: vrouter
OpenContrail Admin (ci-admin-f) wrote : [Review update] R5.0

Review in progress for https://review.opencontrail.org/43017
Submitter: Anda Nicolae (<email address hidden>)

OpenContrail Admin (ci-admin-f) wrote : [Review update] master

Review in progress for https://review.opencontrail.org/43018
Submitter: Anda Nicolae (<email address hidden>)

OpenContrail Admin (ci-admin-f) wrote : A change has been merged

Reviewed: https://review.opencontrail.org/42902
Committed: http://github.com/Juniper/contrail-controller/commit/e0552404e0c1714a342e8329a4bacc726ed18855
Submitter: Zuul v3 CI (<email address hidden>)
Branch: master

commit e0552404e0c1714a342e8329a4bacc726ed18855
Author: Anda Nicolae <email address hidden>
Date: Wed May 9 17:14:21 2018 +0300

Coverity issues in contrail-controller/agent_param.cc

I have run Coverity on branch R5.0 and it reported the
following issues in contrail-controller/agent_param.cc:
- buffer_size_warning: Calling strncpy with a maximum size
argument of 16 bytes on destination array ifrn.ifrn_name of
size 16 bytes might leave the destination string unterminated
in agent_param.cc:ValidateInterface
- leaked_storage: Variable f going out of scope leaks the storage
it points to in agent_param.cc:ValidateInterface

Indeed, for the 1st issue, the length of std::string::c_str() may be
greater than IF_NAMESIZE. In that case, after calling strncpy, ifrn.ifrn_name
will not be a NULL-terminated string.
For the 2nd issue, we need to close the file pointer before exiting the function.

Change-Id: I9ad412d02323fb5fe8175f67680d5c232bb76dc2
Closes-bug: #1770169
Signed-off-by: Anda Nicolae <email address hidden>

OpenContrail Admin (ci-admin-f) wrote :

Reviewed: https://review.opencontrail.org/43017
Committed: http://github.com/Juniper/contrail-controller/commit/e1bfcb955bfc0f64979da456c9fdadb98ed45925
Submitter: Zuul v3 CI (<email address hidden>)
Branch: R5.0

commit e1bfcb955bfc0f64979da456c9fdadb98ed45925
Author: Anda Nicolae <email address hidden>
Date: Wed May 9 17:14:21 2018 +0300

Coverity issues in contrail-controller/agent_param.cc

I have run Coverity on branch R5.0 and it reported the
following issues in contrail-controller/agent_param.cc:
- buffer_size_warning: Calling strncpy with a maximum size
argument of 16 bytes on destination array ifrn.ifrn_name of
size 16 bytes might leave the destination string unterminated
in agent_param.cc:ValidateInterface
- leaked_storage: Variable f going out of scope leaks the storage
it points to in agent_param.cc:ValidateInterface

Indeed, for the 1st issue, the length of std::string::c_str() may be
greater than IF_NAMESIZE. In that case, after calling strncpy, ifrn.ifrn_name
will not be a NULL-terminated string.
For the 2nd issue, we need to close the file pointer before exiting the function.

Change-Id: Iceaf2490ae224b7134a4781f894b784f016e42a3
Closes-bug: #1770169
Signed-off-by: Anda Nicolae <email address hidden>

OpenContrail Admin (ci-admin-f) wrote :

Reviewed: https://review.opencontrail.org/43018
Committed: http://github.com/Juniper/contrail-controller/commit/e272d14fdddb2dac1313dd12617a82c8b7301fe0
Submitter: Zuul v3 CI (<email address hidden>)
Branch: master

commit e272d14fdddb2dac1313dd12617a82c8b7301fe0
Author: Anda Nicolae <email address hidden>
Date: Wed May 9 17:14:21 2018 +0300

Coverity issues in contrail-controller/agent_param.cc

I have run Coverity on branch R5.0 and it reported the
following issues in contrail-controller/agent_param.cc:
- buffer_size_warning: Calling strncpy with a maximum size
argument of 16 bytes on destination array ifrn.ifrn_name of
size 16 bytes might leave the destination string unterminated
in agent_param.cc:ValidateInterface
- leaked_storage: Variable f going out of scope leaks the storage
it points to in agent_param.cc:ValidateInterface

Indeed, for the 1st issue, the length of std::string::c_str() may be
greater than IF_NAMESIZE. In that case, after calling strncpy, ifrn.ifrn_name
will not be a NULL-terminated string.
For the 2nd issue, we need to close the file pointer before exiting the function.

Change-Id: Iceaf2490ae224b7134a4781f894b784f016e42a3
Closes-bug: #1770169
Signed-off-by: Anda Nicolae <email address hidden>
