qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] why does our coverity-model.c g_strdup() say it is a size-s


From: Peter Maydell
Subject: [Qemu-devel] why does our coverity-model.c g_strdup() say it is a size-sink?
Date: Thu, 14 Mar 2019 10:51:59 +0000

Our coverity model of g_strdup() includes:
  __coverity_string_size_sink__(s);

This seems to be causing Coverity to report false positives like
CID1399705 and 1399699 where we take a string from getenv() and
pass it to g_strdup() The getenv() string is untrusted data of unknown
length, and g_strdup() being marked as a size-sink makes Coverity
think the function wants "a string of a particular size".

Markus, you wrote this model initially -- can you remember why it's
marked as a size-sink? Unfortunately I can't find any documentation
online about what the coverity model annotation here means :-(

Should we just mark up the issues as false-positives, or should
we change our model ?

thanks
-- PMM



reply via email to

[Prev in Thread] Current Thread [Next in Thread]