[Libguestfs] Coverity: possible false positive in do_lxattrlist
Richard W.M. Jones
rjones at redhat.com
Thu Jun 9 10:39:20 UTC 2011
http://git.annexia.org/?p=libguestfs.git;a=blob;f=daemon/xattr.c;h=2b4882a0de0982b52e35c0527dec9b238d83066d;hb=HEAD#l284
Coverity complains about the strcpy on line 295:
295 strcpy (&pathname[path_len+1], names[k]);
"Overrunning static array of size 4096 bytes at byte position 4096 by
accessing with pointer "&pathname[path_len + 1UL]" through dereference
in call to "strcpy". (Deref assumed on the basis of 'nonnull'
parameter attribute.)"
However AFAICT the check at line 290 should be sufficient to avoid
this.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
libguestfs lets you edit virtual machines. Supports shell scripting,
bindings from many languages. http://libguestfs.org
More information about the Libguestfs
mailing list