Hi,
Please find the latest report on new defect(s) introduced to Pike-master found
with Coverity Scan.
1 new defect(s) introduced to Pike-master found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1034081: (TAINTED_SCALAR)
________________________________________________________________________________________________________
*** CID 1034081: (TAINTED_SCALAR)
/home/covbuilder/pike/Pike-v9.1-snapshot/src/modules/Image/encodings/tga.c: 185
in load_image()
179
180 if(buffer.len < 3)
181 Pike_error("Not enough data in buffer to decode a TGA image\n");
182 if (buffer.len > str->len - sizeof(struct tga_header))
183 Pike_error("Malformed TGA header.\n");
184
>>> CID 1034081: (TAINTED_SCALAR)
>>> Passing tainted expression "hdr.colorMapLengthHi" to "ReadImage", which
>>> uses it as an allocation size.
185 return ReadImage (&buffer, &hdr);
186 }
187
188 static ptrdiff_t std_fread (unsigned char *buf,
189 size_t datasize, size_t nelems, struct
buffer *fp)
190 {
/home/covbuilder/pike/Pike-v9.1-snapshot/src/modules/Image/encodings/tga.c: 185
in load_image()
179
180 if(buffer.len < 3)
181 Pike_error("Not enough data in buffer to decode a TGA image\n");
182 if (buffer.len > str->len - sizeof(struct tga_header))
183 Pike_error("Malformed TGA header.\n");
184
>>> CID 1034081: (TAINTED_SCALAR)
>>> Passing tainted expression "hdr.heightHi" to "ReadImage", which uses it
>>> as a loop boundary.
185 return ReadImage (&buffer, &hdr);
186 }
187
188 static ptrdiff_t std_fread (unsigned char *buf,
189 size_t datasize, size_t nelems, struct
buffer *fp)
190 {
/home/covbuilder/pike/Pike-v9.1-snapshot/src/modules/Image/encodings/tga.c: 185
in load_image()
179
180 if(buffer.len < 3)
181 Pike_error("Not enough data in buffer to decode a TGA image\n");
182 if (buffer.len > str->len - sizeof(struct tga_header))
183 Pike_error("Malformed TGA header.\n");
184
>>> CID 1034081: (TAINTED_SCALAR)
>>> Passing tainted expression "*buffer.str" to "ReadImage", which uses it
>>> as an offset.
185 return ReadImage (&buffer, &hdr);
186 }
187
188 static ptrdiff_t std_fread (unsigned char *buf,
189 size_t datasize, size_t nelems, struct
buffer *fp)
190 {
/home/covbuilder/pike/Pike-v9.1-snapshot/src/modules/Image/encodings/tga.c: 185
in load_image()
179
180 if(buffer.len < 3)
181 Pike_error("Not enough data in buffer to decode a TGA image\n");
182 if (buffer.len > str->len - sizeof(struct tga_header))
183 Pike_error("Malformed TGA header.\n");
184
>>> CID 1034081: (TAINTED_SCALAR)
>>> Passing tainted expression "hdr.widthHi" to "ReadImage", which uses it
>>> as an offset.
185 return ReadImage (&buffer, &hdr);
186 }
187
188 static ptrdiff_t std_fread (unsigned char *buf,
189 size_t datasize, size_t nelems, struct
buffer *fp)
190 {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu649A2LCacsc5aSXUzizdboEYlIWB1eQGLbFdSkKADcTJMun8On7NRqKsxfK6eEceE-3Da-OF_gzMDP0BK1zkkN1ekVzoXIUQvuFldRviU-2BLWKGOnffWIBy7QhPc1Tz5NrkEeYPiFOPKdVOevbMLN4juhSA1ZwrfFv-2BZlUpdiEtDqwyBUW84YrPKUATMq9wbT3JBJ65jhlrZUTbPjpxCstPDqiJxGEbYC0t-2FNSYmPRua6SPtY1oe40rjGJG9H9HbJyY12v9W77hkh19IdNV6L1yfOq4TZeX6pATZFmnxD6CzKwNNREVV0-3D
_______________________________________________
Pike-automation mailing list -- pike-automation@lists.lysator.liu.se
To unsubscribe send an email to pike-automation-le...@lists.lysator.liu.se
