New Defects reported by Coverity Scan for Apache-Qpid

scan-admin Tue, 12 Nov 2013 13:30:48 -0800

Hi,

Please find the latest report on new defect(s) introduced to Apache-Qpid found 
with Coverity Scan


Defect(s) Reported-by: Coverity Scan

        
** CID 1127840: Use of untrusted string value (TAINTED_STRING)


________________________________________________________________________
CID 1127840: Use of untrusted string value (TAINTED_STRING)

/qpidbuilds/trunk/qpid/cpp/src/tests/XmlClientSessionTest.cpp: 49 ( 
tainted_string_return_content)
   46    
   47    struct XmlFixture {
   48        XmlFixture() {
>>> "qpid::tests::getLibPath(char const *, char const *)" returns tainted 
>>> string content.
   49            qpid::sys::Shlib shlib(getLibPath("XML_LIB"));
   50        }
   51        ~XmlFixture() {}
   52    };
   53    
  

/qpidbuilds/trunk/qpid/cpp/src/tests/XmlClientSessionTest.cpp: 49 ( 
tainted_string)
   46    
   47    struct XmlFixture {
   48        XmlFixture() {
>>> CID 1127840: Use of untrusted string value (TAINTED_STRING)
>>> Passing tainted string "std::string(getLibPath("XML_LIB", NULL))" to 
>>> "qpid::sys::Shlib::Shlib(std::string const &)", which cannot accept tainted 
>>> data.
   49            qpid::sys::Shlib shlib(getLibPath("XML_LIB"));
   50        }
   51        ~XmlFixture() {}
   52    };
   53    
  
________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

New Defects reported by Coverity Scan for Apache-Qpid

Reply via email to