[LU-10668] New static analysis issues in v2_10_58_0-35-gb11cf51 Created: 14/Feb/18  Updated: 30/Aug/23  Resolved: 15/Oct/21

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: Lustre 2.11.0
Fix Version/s: None

Type: Bug Priority: Major
Reporter: Dmitry Eremin (Inactive) Assignee: WC Triage
Resolution: Fixed Votes: 0
Labels: kw

Issue Links:
Related
is related to LU-4629 Issues found by static analysis tools Resolved
Severity: 3
Rank (Obsolete): 9223372036854775807

 Description   

Found 4 new static analysis issues in v2_10_58_0-35-gb11cf51:

  1. Use of Unvalidated Integer in Memory Allocation
    • lustre/utils/gss/lgss_sk.c: in main, Unvalidated integer value 'config->skc_shared_keylen' is received from 'atoi' at line 394 and can be used to alter memory allocation size through call to 'get_key_data' at line 573.
  2. Result of function that may return NULL will be dereferenced
    • lustre/utils/gss/lgss_null_utils.c: in lgss_null_validate_cred, Pointer 'ctx_token->value' returned from call to function 'malloc' at line 68 may be NULL and will be dereferenced at line 69.
  3. Result of function that can return NULL may be dereferenced
    • lustre/utils/mount_lustre.c: in parse_options, Pointer 'options' returned from call to function 'calloc' at line 269 may be NULL and may be dereferenced at line 296. Also there are 3 similar errors on lines 301, 321, 343.
  4. Use of Unvalidated Integer in Memory Allocation
    • lustre/utils/gss/lgss_keyring.c: in main, Unvalidated integer value 'param.send_token_size' is received from 'receive_from' at line 1183 and can be used to alter memory allocation size through call to 'calloc' at line 1188. Also there is one similar error on line 1193.

The list of commits since the previous build v2_10_58_0-16-g21e3977:

b11cf51 LU-10576 tests: sleep seconds to avoid using cached statfs
d744923 LU-8444 tests: test for unsigned xattr inode number
4dd55cb LU-8602 gss: autoconf check missing "test" keyword
3a76ece LU-10611 autoconf: check zlib library and zlib.h header file
71ed60c LU-10577 tests: fix lfsck-performance for separate MGT and MDT
8cb2398 LU-10482 flr: enhance "lfs find" to add mirror options
a13e325 LU-9727 doc: update llog_reader man page for Changelogs
2a2adfd LU-9906 osd: use pagevec for putting pages
f3e3fd1 LU-10377 build: Update ZFS Version to 0.7.6
8811869 LU-9727 utils: make llog_reader decode changelog fields
ccb6fe4 LU-9727 lustre: record denied OPEN in Changelogs
b45f836 LU-9727 lustre: limit OPEN and CLOSE rates in Changelogs
c722371 LU-9727 lustre: add CL_GETXATTR for Changelogs
94470f7 LU-9409 llite: Add tiny write support
75364df LU-10418 flr: replace llapi_lease_get with llapi_lease_acquire
6b37393 LU-10448 lod: pick primary mirror for write
9e338ee LU-10181 mdt: high-priority request handling for DOM
795ca68 LU-10438 flr: layout truncate compatibility
fa15e53 LU-9771 util: rename LCM_FL_NOT_FLR to LCM_FL_NONE


 Comments   
Comment by James A Simmons [ 15/Oct/21 ]

This seems to be done

Generated at Sat Feb 10 02:37:08 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.