New Defects reported by Coverity Scan for Osmocom

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.

Neels Hofmeyr nhofmeyr at sysmocom.de
Mon Jan 15 12:20:42 UTC 2018 

The hnbgw ones are my fault, am a bit puzzled that they took this long to show up in coverity.

~N

On Sat, Jan 13, 2018 at 04:26:56PM +0000, scan-admin at coverity.com wrote:
> 
> Hi,
> 
> Please find the latest report on new defect(s) introduced to Osmocom found with Coverity Scan.
> 
> 6 new defect(s) introduced to Osmocom found with Coverity Scan.
> 3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
> 
> New defect(s) Reported-by: Coverity Scan
> Showing 6 of 6 defect(s)
> 
> 
> ** CID 181969:    (UNINIT)
> /source-Osmocom/osmo-iuh/src/hnbgw_rua.c: 218 in rua_to_scu()
> /source-Osmocom/osmo-iuh/src/hnbgw_rua.c: 274 in rua_to_scu()
> 
> 
> ________________________________________________________________________________________________________
> *** CID 181969:    (UNINIT)
> /source-Osmocom/osmo-iuh/src/hnbgw_rua.c: 218 in rua_to_scu()
> 212     
> 213     	prim = (struct osmo_scu_prim *) msgb_put(msg, sizeof(*prim));
> 214     	osmo_prim_init(&prim->oph, SCCP_SAP_USER, type, PRIM_OP_REQUEST, msg);
> 215     
> 216     	switch (type) {
> 217     	case OSMO_SCU_PRIM_N_UNITDATA:
> >>>     CID 181969:    (UNINIT)
> >>>     Using uninitialized value "map".
> 218     		DEBUGP(DRUA, "rua_to_scu() %s to %s, rua_ctx_id %u (unitdata, no scu_conn_id)\n",
> 219     		       cn_domain_indicator_to_str(cN_DomainIndicator),
> 220     		       osmo_sccp_addr_dump(remote_addr),
> 221     		       map->rua_ctx_id);
> 222     		break;
> 223     	default:
> /source-Osmocom/osmo-iuh/src/hnbgw_rua.c: 274 in rua_to_scu()
> 268     		msg->l2h = msgb_put(msg, len);
> 269     		memcpy(msg->l2h, data, len);
> 270     	}
> 271     
> 272     	rc = osmo_sccp_user_sap_down(cn->sccp_user, &prim->oph);
> 273     
> >>>     CID 181969:    (UNINIT)
> >>>     Using uninitialized value "map".
> 274     	if (map && release_context_map)
> 275     		context_map_deactivate(map);
> 276     
> 277     	return rc;
> 278     }
> 279     
> 
> ** CID 181968:  Uninitialized variables  (UNINIT)
> /source-Osmocom/osmo-iuh/src/hnbgw_cn.c: 219 in _cn_ranap_rx()
> 
> 
> ________________________________________________________________________________________________________
> *** CID 181968:  Uninitialized variables  (UNINIT)
> /source-Osmocom/osmo-iuh/src/hnbgw_cn.c: 219 in _cn_ranap_rx()
> 213     	default:
> 214     		LOGP(DRANAP, LOGL_NOTICE, "Received suspicious RANAP "
> 215     		     "presence %u from CN, ignoring\n", pdu->present);
> 216     		break;
> 217     	}
> 218     
> >>>     CID 181968:  Uninitialized variables  (UNINIT)
> >>>     Using uninitialized value "rc".
> 219     	return rc;
> 220     }
> 221     
> 222     static int handle_cn_ranap(struct hnbgw_cnlink *cnlink, const uint8_t *data,
> 223     			   unsigned int len)
> 224     {
> 
> ** CID 181967:  Security best practices violations  (DC.WEAK_CRYPTO)
> /source-Osmocom/osmo-trx/tests/Transceiver52M/convolve_test.c: 22 in gen_floats()

[...]

> *** CID 135219:  API usage errors  (PW.PRINTF_ARG_MISMATCH)
> /source-Osmocom/osmo-iuh/src/hnbgw_rua.c: 201 in ()
> 195     		break;
> 196     	case RUA_CN_DomainIndicator_ps_domain:
> 197     		remote_addr = &hnb->gw->sccp.iups_remote_addr;
> 198     		is_ps = true;
> 199     		break;
> 200     	default:
> >>>     CID 135219:  API usage errors  (PW.PRINTF_ARG_MISMATCH)
> >>>     argument is incompatible with corresponding format string conversion
> 201     		LOGP(DRUA, LOGL_ERROR, "Unsupported Domain %u\n",
> 202     		     cN_DomainIndicator);
> 203     		return -1;
> 204     	}
> 205     
> 206     	if (!cn) {
> 
> ** CID 57733:  Uninitialized variables  (MISSING_RETURN)
> /source-Osmocom/osmo-iuh/src/hnbgw_hnbap.c: 531 in hnbgw_rx_unsuccessful_outcome_msg()
> 
> 
> ________________________________________________________________________________________________________
> *** CID 57733:  Uninitialized variables  (MISSING_RETURN)
> /source-Osmocom/osmo-iuh/src/hnbgw_hnbap.c: 531 in hnbgw_rx_unsuccessful_outcome_msg()
> 525     
> 526     }
> 527     
> 528     static int hnbgw_rx_unsuccessful_outcome_msg(struct hnb_context *hnb, UnsuccessfulOutcome_t *msg)
> 529     {
> 530     
> >>>     CID 57733:  Uninitialized variables  (MISSING_RETURN)
> >>>     Arriving at the end of a function without returning a value.
> 531     }
> 532     
> 533     
> 534     static int _hnbgw_hnbap_rx(struct hnb_context *hnb, HNBAP_PDU_t *pdu)
> 535     {
> 536     	int rc = 0;
> 
> ** CID 57732:  Uninitialized variables  (MISSING_RETURN)
> /source-Osmocom/osmo-iuh/src/hnbgw_hnbap.c: 526 in hnbgw_rx_successful_outcome_msg()
> 
> 
> ________________________________________________________________________________________________________
> *** CID 57732:  Uninitialized variables  (MISSING_RETURN)
> /source-Osmocom/osmo-iuh/src/hnbgw_hnbap.c: 526 in hnbgw_rx_successful_outcome_msg()
> 520     	return rc;
> 521     }
> 522     
> 523     static int hnbgw_rx_successful_outcome_msg(struct hnb_context *hnb, SuccessfulOutcome_t *msg)
> 524     {
> 525     
> >>>     CID 57732:  Uninitialized variables  (MISSING_RETURN)
> >>>     Arriving at the end of a function without returning a value.
> 526     }
> 527     
> 528     static int hnbgw_rx_unsuccessful_outcome_msg(struct hnb_context *hnb, UnsuccessfulOutcome_t *msg)
> 529     {
> 530     
> 531     }
> 
> 
> ________________________________________________________________________________________________________
> To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZRgA0iChuO-2FGX0POK2RKsukBc1qHTwF2SHZpn6wOsolg-3D-3D_NeAJonveXivhzKyNx2umY31POArq17SmfipFEiTlbGGbqUVND0YydKGhSS0ma6Kk6mP1n2YFSaNrTLp1JGaaJcs0MJrwL5iMOuvWNY5qWCC0Dvm07rZiRglamZqwZpQTpGx7PVQUSrzdqRrBgAK-2FCbgDBcS51HeEoxyVVR042O9upCKnAJrNdNAqTqjAXH5NK0izNSdH5EGO8-2FFe5A8vMemtfm-2FUx1BqF1HY-2FjRsq10-3D
> 
> To manage Coverity Scan email notifications for "nhofmeyr at sysmocom.de", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4VngPiVJb2v7ebXRF7QR8XkZ9r0tTrYp-2F0MW-2FEWllzpkyCC83LXF7q-2FHm2-2BquI0NN6y2ZgcVxPTvklWSJL2RR9R8Aq2Y2qnMdw30sEcvVsU8-3D_NeAJonveXivhzKyNx2umY31POArq17SmfipFEiTlbGGbqUVND0YydKGhSS0ma6Kk-2FQN-2BGaGcgoQCOxyHuNv6A9FGMIGYPiDbbpbyeDI-2F0L43PIzVtxLnklKhr4QnRvh-2BXgAMLWFqbsZdnylGi5HANKl24TfcI-2BvYFqwtJ9eAN6h98Z-2FSZlQz32-2B4IIjE26VdtxQqGcuUjp3Xt-2B8qHAnL-2B4-2BlJtQFhXA3OhmXWVrzkeY-3D
> 

-- 
- Neels Hofmeyr <nhofmeyr at sysmocom.de>          http://www.sysmocom.de/
=======================================================================
* sysmocom - systems for mobile communications GmbH
* Alt-Moabit 93
* 10559 Berlin, Germany
* Sitz / Registered office: Berlin, HRB 134158 B
* Geschäftsführer / Managing Directors: Harald Welte
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.osmocom.org/pipermail/openbsc/attachments/20180115/c63f980a/attachment.bin>

More information about the OpenBSC mailing list