Skip to content

Coverity reports use of tainted scalar

2607
    	43. tainted_argument: Calling function journal_read_xhdr taints argument xhdr.size. [show details]
2608                        result = journal_read_xhdr(j1, &xhdr);
    	44. Condition rewrite, taking true branch.
    	45. Condition result == 29, taking false branch.
2609                        if (rewrite && result == ISC_R_NOMORE) {
2610                                break;
2611                        }
    	46. Condition result != 0, taking false branch.
2612                        CHECK(result);
2613
    	47. var_assign_var: Assigning: size = xhdr.size. Both are now tainted.
2614                        size = xhdr.size;
    	
CID 331088 (#3 of 3): Untrusted allocation size (TAINTED_SCALAR)
48. tainted_data: Passing tainted expression size to isc__mem_get, which uses it as an allocation size. [show details]
    	Ensure that tainted values are properly sanitized, by checking that their values are within a permissible range.
2615                        buf = isc_mem_get(mctx, size);
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information