Coverity-updates archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

New Defects reported by Coverity Scan for NetBSD-i386-kernel



Hi,

Please find the latest report on new defect(s) introduced to NetBSD-i386-kernel found with Coverity Scan.

7 new defect(s) introduced to NetBSD-i386-kernel found with Coverity Scan. 3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan Showing 7 of 7 defect(s)

** CID 1364138: Control flow issues (DEADCODE) /sys/arch/x86/x86/x86_machdep.c: 557 in x86_add_cluster()

______________________________________________________________________________________________________ * CID 1364138: Control flow issues (DEADCODE) /sys/arch/x86/x86/x86_machdep.c: 557 in x86_add_cluster() 551 * sure we get them all. 552 */ 553 if (seg_start < 0x100000000ULL) { 554 uint64_t io_end; 555 556 if (seg_end > 0x100000000ULL)

CID 1364138: Control flow issues (DEADCODE) Execution cannot reach this statement: “io_end = 4294967296ULL;”.

557 io_end = 0x100000000ULL; 558 else 559 io_end = seg_end; 560 561 if (iomem_ex != NULL && extent_alloc_region(iomem_ex, seg_start, 562 io_end – seg_start, EX_NOWAIT)) {

** CID 1364139: Control flow issues (DEADCODE) /sys/net/bpf.c: 2130 in bpf_modcmd()

______________________________________________________________________________________________________ * CID 1364139: Control flow issues (DEADCODE) /sys/net/bpf.c: 2130 in bpf_modcmd() 2124 #ifdef _MODULE 2125 bmajor = cmajor = NODEVMAJOR; 2126 error = devsw_attach("bpf", NULL, &bmajor, 2127 &bpf_cdevsw, &cmajor); 2128 #endif 2129 if (error)

CID 1364139: Control flow issues (DEADCODE) Execution cannot reach this statement: “break;”.

2130 break; 2131 2132 bpf_ops_handover_enter(&bpf_ops_kernel); 2133 atomic_swap_ptr(&bpf_ops, &bpf_ops_kernel); 2134 bpf_ops_handover_exit(); 2135 sysctl_net_bpf_setup();

** CID 1364140: Control flow issues (DEADCODE) /sys/external/bsd/ipf/netinet/ip_fil_netbsd.c: 2218 in ipl_init()

______________________________________________________________________________________________________ * CID 1364140: Control flow issues (DEADCODE) /sys/external/bsd/ipf/netinet/ip_fil_netbsd.c: 2218 in ipl_init() 2212 error = devsw_attach("ipl", NULL, &ipl_bmaj, &ipl_cdevsw, &ipl_cmaj); 2213 if (error == EEXIST) 2214 error = 0; 2215 #endif 2216 2217 if (error)

CID 1364140: Control flow issues (DEADCODE) Execution cannot reach this statement: “ipl_fini(opaque);”.

2218 ipl_fini(opaque); 2219 2220 return error; 2221 } 2222 2223 static int

** CID 1364141: Control flow issues (DEADCODE) /sys/netsmb/smb_dev.c: 388 in nsmb_modcmd()

______________________________________________________________________________________________________ * CID 1364141: Control flow issues (DEADCODE) /sys/netsmb/smb_dev.c: 388 in nsmb_modcmd() 382 nsmbattach(1); 383 #ifdef _MODULE 384 error = 385 devsw_attach("nsmb", NULL, &bmajor, &nsmb_cdevsw, &cmajor); 386 #endif 387 if (error) {

CID 1364141: Control flow issues (DEADCODE) Execution cannot reach this statement: “nsmbdetach();”.

388 nsmbdetach(); 389 } 390 391 break; 392 case MODULE_CMD_FINI: 393 #ifdef _MODULE

** CID 1364142: Control flow issues (MISSING_BREAK) /sys/dev/pci/piixpm.c: 147 in piixpm_match()

______________________________________________________________________________________________________ * CID 1364142: Control flow issues (MISSING_BREAK) /sys/dev/pci/piixpm.c: 147 in piixpm_match() 141 case PCI_PRODUCT_SERVERWORKS_OSB4: 142 case PCI_PRODUCT_SERVERWORKS_CSB5: 143 case PCI_PRODUCT_SERVERWORKS_CSB6: 144 case PCI_PRODUCT_SERVERWORKS_HT1000SB: 145 return 1; 146 }

CID 1364142: Control flow issues (MISSING_BREAK) The above case falls through to this one.

147 case PCI_VENDOR_AMD: 148 switch (PCI_PRODUCT(pa->pa_id)) { 149 case PCI_PRODUCT_AMD_HUDSON_SMB: 150 return 1; 151 } 152 }

** CID 1364143: Memory – illegal accesses (OVERRUN) /sys/kern/kern_event.c: 946 in kqueue_register()

______________________________________________________________________________________________________ * CID 1364143: Memory – illegal accesses (OVERRUN) /sys/kern/kern_event.c: 946 in kqueue_register() 940 || (fp = fd_getfile(fd = kev->ident)) == NULL) { 941 rw_exit(&kqueue_filter_lock); 942 kmem_free(newkn, sizeof(*newkn)); 943 return EBADF; 944 } 945 mutex_enter(&fdp->fd_lock);

CID 1364143: Memory – illegal accesses (OVERRUN) Overrunning array “fdp->fd_dt->dt_ff” of 20 4-byte elements at element index 2147483647 (byte offset 8589934588) using index “fd” (which evaluates to 2147483647).

946 ff = fdp->fd_dt->dt_ff[fd]; 947 if (fd <= fdp->fd_lastkqfile) { 948 SLIST_FOREACH(kn, &ff->ff_knlist, kn_link) { 949 if (kq == kn->kn_kq && 950 kev->filter == kn->kn_filter) 951 break;

** CID 1364144: Memory – corruptions (OVERRUN) /sys/kern/kern_event.c: 939 in kqueue_register()

______________________________________________________________________________________________________ * CID 1364144: Memory – corruptions (OVERRUN) /sys/kern/kern_event.c: 939 in kqueue_register() 933 } 934 935 /* search if knote already exists / 936 if (kfilter->filtops->f_isfd) { 937 / monitoring a file descriptor / 938 / validate descriptor */

CID 1364144: Memory – corruptions (OVERRUN) Assigning: “fd” = “kev->ident”. The value of “fd” may now be up to 2147483647.

939 if (kev->ident > INT_MAX 940 || (fp = fd_getfile(fd = kev->ident)) == NULL) { 941 rw_exit(&kqueue_filter_lock); 942 kmem_free(newkn, sizeof(*newkn)); 943 return EBADF; 944 }

______________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/netbsd-i386-kernel?tab=overview

To manage Coverity Scan email notifications for “coverity-updates%netbsd.org@localhost”, click https://scan.coverity.com/subscriptions/edit?email=coverity-updates%40netbsd.org&token=487286ca1a9a4f4bd485d16f66b5e782



Home | Main Index | Thread Index | Old Index