[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Libguestfs] Coverity: possible false positive in do_lxattrlist



http://git.annexia.org/?p=libguestfs.git;a=blob;f=daemon/xattr.c;h=2b4882a0de0982b52e35c0527dec9b238d83066d;hb=HEAD#l284

Coverity complains about the strcpy on line 295:

 295     strcpy (&pathname[path_len+1], names[k]);

"Overrunning static array of size 4096 bytes at byte position 4096 by
accessing with pointer "&pathname[path_len + 1UL]" through dereference
in call to "strcpy". (Deref assumed on the basis of 'nonnull'
parameter attribute.)"

However AFAICT the check at line 290 should be sufficient to avoid
this.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
libguestfs lets you edit virtual machines.  Supports shell scripting,
bindings from many languages.  http://libguestfs.org


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]