[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] coverity-model: replay data is considered trust
|
From: |
Markus Armbruster |
|
Subject: |
Re: [Qemu-devel] [PATCH] coverity-model: replay data is considered trusted |
|
Date: |
Tue, 15 May 2018 14:00:38 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux) |
Paolo Bonzini <address@hidden> writes:
> Replay data is not considered a possible attack vector; add a model that
> does not use getc so that "tainted data" warnings are suppressed.
>
> Signed-off-by: Paolo Bonzini <address@hidden>
> ---
> scripts/coverity-model.c | 13 +++++++++++++
> 1 file changed, 13 insertions(+)
>
> diff --git a/scripts/coverity-model.c b/scripts/coverity-model.c
> index c702804f41..576f48de33 100644
> --- a/scripts/coverity-model.c
> +++ b/scripts/coverity-model.c
> @@ -103,6 +103,19 @@ static int get_keysym(const name2keysym_t *table,
/* Tainting */
typedef struct {} name2keysym_t;
static int get_keysym(const name2keysym_t *table,
const char *name)
{
int result;
if (result > 0) {
__coverity_tainted_string_sanitize_content__(name);
return result;
} else {
return 0;
> }
> }
>
> +
Does the new model go under /* Tainting */ ?
If yes, I'd like to have just one blank line here.
> +/* Replay data is considered trusted. */
If no, I'd like to insert one here.
> +uint8_t replay_get_byte(void)
> +{
> + uint8_t byte = 0;
> + if (replay_file) {
> + uint8_t c;
> + byte = c;
> + }
> + return byte;
> +}
> +
> +
> /*
> * GLib memory allocation functions.
> *