8 Jul
2013
8 Jul
'13
1:28 a.m.
Hi Holger,
On Fri, Jul 05, 2013 at 07:24:49PM +0200, Holger Hans Peter Freyther wrote:
[...]
Just pushed a patch for this, let's see if it calms down coverity.
[...]
Should not
happen either, but added the close as you suggested.
OSMO_ASSERT(link->accept_cb) maybe? Coverity is still not happy
about the ret (mostly because it doesn't find an assignment but
then I would probably need to build every project as one thing).
E.g. we don't check the return value of accept_cb, but if you
want to, I can close this as a false positive now. I don't
have any msidn card. It seems we don't have any ->close
callback in the line set to close that socket, but I prefer to leave
as is by now until I/someone else can confirm this.
I think 'sk' is only used to gain information about the mISDN device
(it is a bit racy, as at the time we use it the card might be gone,
I assume we can just close the sk after the last ioctl).
CID 1042368 (#1 of 1): Out-of-bounds read (OVERRUN)
3. overrun-local: Overrunning array "span_cfgs" of 128 4-byte elements at
element index 128 (byte offset 512) using index "line->port_nr" (which
evaluates to 128).
407 scfg = span_cfgs[line->port_nr];
So I think this needs to be a >=. Please use CID in the commit message
when fixing it (or in case you are busy and ack that >= is the right
fix I will make the commit).
I just noticed that you pushed two patches for this. Thanks.
BTW, I'm hitting this compilation warning here:
trau/osmo_ortp.c: In function 'osmo_rtcp_fd_cb':
trau/osmo_ortp.c:207:2: warning: implicit declaration of function
'rtp_session_rtcp_recv' [-Wimplicit-function-declaration]
I can find that function defined in a private header of ortp, any clue
on why we need it there?