Tainted Expression get_sh_entsize(SectionHeader) #89

ArielSAdamsNASA · 2021-09-27T17:03:21Z

Describe the bug
Using tainted expression get_sh_entsize(SectionHeader) as the divisor in get_sh_size(SectionHeader) / get_sh_entsize(SectionHeader).

Expected behavior
Check that get_sh_entsize(SectionHeader) does not equal to 1 so get_sh_entsize(SectionHeader) is not divided by 0.

Code snips

elf2cfetbl/elf2cfetbl.c

Line 1777 in 10f55fb

    
           NumSymbols           = (get_sh_size(SectionHeader) / get_sh_entsize(SectionHeader)) - 1;

System observed on:
Coverity: https://scan.coverity.com/projects/arielsadamsnasa-cfs-jsf-rules?tab=overview

Additional context
Untrusted divisor (TAINTED_SCALAR)

Reporter Info
Ariel Adams, ASRC Federal

Fix nasa#89, Check get_sh_entsize(SectionHeader) value

Combines: nasa/cFE#2001 nasa/osal#1191 nasa/PSP#318 Includes: - nasa/cFE#1663, Use cfe time clock state enum t in cmd/tlm and handling - nasa/cFE#1973, EVS functional test add for different event types - nasa/cFE#1954, Patch for recursive event loop - nasa/cFE#1911, CFE_ES_MemAddOff structure to associated CFE_ES_MemAddress_t and CFE_ES_MemOffset_t - nasa/cFE#1986, Avoid aliasing warnings - nasa/cFE#1975, Message ID type improvements - nasa/cFE#1974, CFE_SB_ValueToMsgId/MsgIdToValue wrappers - nasa/cFE#1663, Use CFE_TIME_ClockState_Enum_t in cmd/tlm and handling - nasa/cFE#1995, Consolidate repeated MSG stub setup in sb_UT - nasa/cFE#1873, Return type conversions in CFE_ES_GetTaskName - nasa/cFE#1966, Better message type pointer conversion - nasa/cFE#2002, Replacing hardcoded message limit in TIME services - nasa/cFE#1909, Use macro in CFE_ResourceId_IsDefined - nasa/cFE#1999, Checking against IsNewOffset only - nasa/osal#1186, Add Duplicate Check to Local Unit Test - nasa/osal#1178, Rename OS_XXXTime to OS_XXXLocalTime in comments - nasa/osal#1168, Fix vxWorks intLib stub aliasing issue - nasa/osal#1169, Recognize ifdef __cplusplus - nasa/osal#1180, Remove extern in stub prototypes - nasa/osal#1112, Add typedef for OSAL status codes - nasa/PSP#301, Sleep before exit when printing - nasa/PSP#314, Check the address in PSP get segment stubs - nasa/elf2cfetbl#89, Check get_sh_entsize(SectionHeader) value - nasa/cFS-GroundSystem#197, Free Address Info for Leak - nasa/sch_lab#95, use separate address variable - nasa/sch_lab#94, Use CFE_MSG_PTR conversion macro - nasa/sample_app#157, Use CFE_MSG_PTR conversion macro - nasa/ci_lab#95, Use CFE_MSG_PTR conversion macro - nasa/to_lab#107, Use CFE_MSG_PTR conversion macro - nasa/elf2cfetbl#93, Check get_sh_entsize(SectionHeader) value Co-authored by: Jacob Hageman skliper@no-reply.github.com Co-authored by: Joseph Hickey jphickey@no-reply.github.com Co-authored by: Ariel Adams ArielSAdamsNASA@no-reply.github.com Co-authored by: Paul pavll@no-reply.github.com Co-authored by: Zachary Gonzalez zachar1a@no-reply.github.com Co-authored by: Sam Price thesamprice@no-reply.github.com Co-authored by: Shefali Sharma Shefali321@no-reply.github.com

Combines: nasa/cFE#2001 nasa/osal#1191 nasa/PSP#318 Includes: - nasa/cFE#1663, Use cfe time clock state enum t in cmd/tlm and handling - nasa/cFE#1973, EVS functional test add for different event types - nasa/cFE#1954, Patch for recursive event loop - nasa/cFE#1911, CFE_ES_MemAddOff structure to associated CFE_ES_MemAddress_t and CFE_ES_MemOffset_t - nasa/cFE#1986, Avoid aliasing warnings - nasa/cFE#1975, Message ID type improvements - nasa/cFE#1974, CFE_SB_ValueToMsgId/MsgIdToValue wrappers - nasa/cFE#1663, Use CFE_TIME_ClockState_Enum_t in cmd/tlm and handling - nasa/cFE#1995, Consolidate repeated MSG stub setup in sb_UT - nasa/cFE#1873, Return type conversions in CFE_ES_GetTaskName - nasa/cFE#1966, Better message type pointer conversion - nasa/cFE#2002, Replacing hardcoded message limit in TIME services - nasa/cFE#1909, Use macro in CFE_ResourceId_IsDefined - nasa/cFE#1999, Checking against IsNewOffset only - nasa/osal#1186, Add Duplicate Check to Local Unit Test - nasa/osal#1178, Rename OS_XXXTime to OS_XXXLocalTime in comments - nasa/osal#1168, Fix vxWorks intLib stub aliasing issue - nasa/osal#1169, Recognize ifdef __cplusplus - nasa/osal#1180, Remove extern in stub prototypes - nasa/osal#1112, Add typedef for OSAL status codes - nasa/PSP#301, Sleep before exit when printing - nasa/PSP#314, Check the address in PSP get segment stubs - nasa/elf2cfetbl#89, Check get_sh_entsize(SectionHeader) value - nasa/cFS-GroundSystem#197, Free Address Info for Leak - nasa/sch_lab#95, use separate address variable - nasa/sch_lab#94, Use CFE_MSG_PTR conversion macro - nasa/sample_app#157, Use CFE_MSG_PTR conversion macro - nasa/ci_lab#95, Use CFE_MSG_PTR conversion macro - nasa/to_lab#107, Use CFE_MSG_PTR conversion macro - nasa/elf2cfetbl#93, Check get_sh_entsize(SectionHeader) value Co-authored by: Jacob Hageman <skliper@no-reply.github.com> Co-authored by: Joseph Hickey <jphickey@no-reply.github.com> Co-authored by: Ariel Adams <ArielSAdamsNASA@no-reply.github.com> Co-authored by: Paul <pavll@no-reply.github.com> Co-authored by: Zachary Gonzalez <zachar1a@no-reply.github.com> Co-authored by: Sam Price <thesamprice@no-reply.github.com> Co-authored by: Shefali Sharma <Shefali321@no-reply.github.com>

Combines: nasa/cFE#2001 nasa/osal#1191 nasa/PSP#318 Includes: - nasa/cFE#1663, Use cfe time clock state enum t in cmd/tlm and handling - nasa/cFE#1973, EVS functional test add for different event types - nasa/cFE#1954, Patch for recursive event loop - nasa/cFE#1911, CFE_ES_MemAddOff structure to associated CFE_ES_MemAddress_t and CFE_ES_MemOffset_t - nasa/cFE#1986, Avoid aliasing warnings - nasa/cFE#1975, Message ID type improvements - nasa/cFE#1974, CFE_SB_ValueToMsgId/MsgIdToValue wrappers - nasa/cFE#1663, Use CFE_TIME_ClockState_Enum_t in cmd/tlm and handling - nasa/cFE#1995, Consolidate repeated MSG stub setup in sb_UT - nasa/cFE#1873, Return type conversions in CFE_ES_GetTaskName - nasa/cFE#1966, Better message type pointer conversion - nasa/cFE#2002, Replacing hardcoded message limit in TIME services - nasa/cFE#1909, Use macro in CFE_ResourceId_IsDefined - nasa/cFE#1999, Checking against IsNewOffset only - nasa/osal#1186, Add Duplicate Check to Local Unit Test - nasa/osal#1178, Rename OS_XXXTime to OS_XXXLocalTime in comments - nasa/osal#1168, Fix vxWorks intLib stub aliasing issue - nasa/osal#1169, Recognize ifdef __cplusplus - nasa/osal#1180, Remove extern in stub prototypes - nasa/osal#1112, Add typedef for OSAL status codes - nasa/PSP#301, Sleep before exit when printing - nasa/PSP#314, Check the address in PSP get segment stubs - nasa/elf2cfetbl#89, Check get_sh_entsize(SectionHeader) value - nasa/cFS-GroundSystem#197, Free Address Info for Leak - nasa/sch_lab#95, use separate address variable - nasa/sch_lab#94, Use CFE_MSG_PTR conversion macro - nasa/sample_app#157, Use CFE_MSG_PTR conversion macro - nasa/ci_lab#95, Use CFE_MSG_PTR conversion macro - nasa/to_lab#107, Use CFE_MSG_PTR conversion macro - nasa/elf2cfetbl#93, Check get_sh_entsize(SectionHeader) value Co-authored-by: Jacob Hageman <skliper@no-reply.github.com> Co-authored-by: Joseph Hickey <jphickey@no-reply.github.com> Co-authored-by: Ariel Adams <ArielSAdamsNASA@no-reply.github.com> Co-authored-by: Paul <pavll@no-reply.github.com> Co-authored-by: Zachary Gonzalez <zachar1a@no-reply.github.com> Co-authored-by: Sam Price <thesamprice@no-reply.github.com> Co-authored-by: Shefali Sharma <Shefali321@no-reply.github.com>

Combines: nasa/cFE#2001 nasa/osal#1191 nasa/PSP#318 Includes: - nasa/cFE#1663, Use cfe time clock state enum t in cmd/tlm and handling - nasa/cFE#1973, EVS functional test add for different event types - nasa/cFE#1954, Patch for recursive event loop - nasa/cFE#1911, CFE_ES_MemAddOff structure to associated CFE_ES_MemAddress_t and CFE_ES_MemOffset_t - nasa/cFE#1986, Avoid aliasing warnings - nasa/cFE#1975, Message ID type improvements - nasa/cFE#1974, CFE_SB_ValueToMsgId/MsgIdToValue wrappers - nasa/cFE#1663, Use CFE_TIME_ClockState_Enum_t in cmd/tlm and handling - nasa/cFE#1995, Consolidate repeated MSG stub setup in sb_UT - nasa/cFE#1873, Return type conversions in CFE_ES_GetTaskName - nasa/cFE#1966, Better message type pointer conversion - nasa/cFE#2002, Replacing hardcoded message limit in TIME services - nasa/cFE#1909, Use macro in CFE_ResourceId_IsDefined - nasa/cFE#1999, Checking against IsNewOffset only - nasa/osal#1186, Add Duplicate Check to Local Unit Test - nasa/osal#1178, Rename OS_XXXTime to OS_XXXLocalTime in comments - nasa/osal#1168, Fix vxWorks intLib stub aliasing issue - nasa/osal#1169, Recognize ifdef __cplusplus - nasa/osal#1180, Remove extern in stub prototypes - nasa/osal#1112, Add typedef for OSAL status codes - nasa/PSP#301, Sleep before exit when printing - nasa/PSP#314, Check the address in PSP get segment stubs - nasa/elf2cfetbl#89, Check get_sh_entsize(SectionHeader) value - nasa/cFS-GroundSystem#197, Free Address Info for Leak - nasa/sch_lab#95, use separate address variable - nasa/sch_lab#94, Use CFE_MSG_PTR conversion macro - nasa/sample_app#157, Use CFE_MSG_PTR conversion macro - nasa/ci_lab#95, Use CFE_MSG_PTR conversion macro - nasa/to_lab#107, Use CFE_MSG_PTR conversion macro - nasa/elf2cfetbl#93, Check get_sh_entsize(SectionHeader) value Co-authored-by: Jacob Hageman <skliper@users.no-reply.github.com> Co-authored-by: Joseph Hickey <jphickey@users.no-reply.github.com> Co-authored-by: Ariel Adams <ArielSAdamsNASA@users.no-reply.github.com> Co-authored-by: Paul <pavll@users.no-reply.github.com> Co-authored-by: Zachary Gonzalez <zachar1a@users.no-reply.github.com> Co-authored-by: Sam Price <thesamprice@users.no-reply.github.com> Co-authored-by: Shefali Sharma <Shefali321@users.no-reply.github.com>

Combines: nasa/cFE#2001 nasa/osal#1191 nasa/PSP#318 Includes: - nasa/cFE#1663, Use cfe time clock state enum t in cmd/tlm and handling - nasa/cFE#1973, EVS functional test add for different event types - nasa/cFE#1954, Patch for recursive event loop - nasa/cFE#1911, CFE_ES_MemAddOff structure to associated CFE_ES_MemAddress_t and CFE_ES_MemOffset_t - nasa/cFE#1986, Avoid aliasing warnings - nasa/cFE#1975, Message ID type improvements - nasa/cFE#1974, CFE_SB_ValueToMsgId/MsgIdToValue wrappers - nasa/cFE#1663, Use CFE_TIME_ClockState_Enum_t in cmd/tlm and handling - nasa/cFE#1995, Consolidate repeated MSG stub setup in sb_UT - nasa/cFE#1873, Return type conversions in CFE_ES_GetTaskName - nasa/cFE#1966, Better message type pointer conversion - nasa/cFE#2002, Replacing hardcoded message limit in TIME services - nasa/cFE#1909, Use macro in CFE_ResourceId_IsDefined - nasa/cFE#1999, Checking against IsNewOffset only - nasa/osal#1186, Add Duplicate Check to Local Unit Test - nasa/osal#1178, Rename OS_XXXTime to OS_XXXLocalTime in comments - nasa/osal#1168, Fix vxWorks intLib stub aliasing issue - nasa/osal#1169, Recognize ifdef __cplusplus - nasa/osal#1180, Remove extern in stub prototypes - nasa/osal#1112, Add typedef for OSAL status codes - nasa/PSP#301, Sleep before exit when printing - nasa/PSP#314, Check the address in PSP get segment stubs - nasa/elf2cfetbl#89, Check get_sh_entsize(SectionHeader) value - nasa/cFS-GroundSystem#197, Free Address Info for Leak - nasa/sch_lab#95, use separate address variable - nasa/sch_lab#94, Use CFE_MSG_PTR conversion macro - nasa/sample_app#157, Use CFE_MSG_PTR conversion macro - nasa/ci_lab#95, Use CFE_MSG_PTR conversion macro - nasa/to_lab#107, Use CFE_MSG_PTR conversion macro - nasa/elf2cfetbl#93, Check get_sh_entsize(SectionHeader) value Co-authored-by: Jacob Hageman <skliper@users.noreply.github.com> Co-authored-by: Joseph Hickey <jphickey@users.noreply.github.com> Co-authored-by: Ariel Adams <ArielSAdamsNASA@users.noreply.github.com> Co-authored-by: Paul <pavll@users.noreply.github.com> Co-authored-by: Zachary Gonzalez <zachar1a@users.noreply.github.com> Co-authored-by: Sam Price <thesamprice@users.noreply.github.com> Co-authored-by: Shefali Sharma <Shefali321@users.noreply.github.com>

Combines: nasa/cFE#2001 nasa/osal#1191 nasa/PSP#318 nasa/ci_lab#101 nasa/sch_lab#102 nasa/to_lab#112 nasa/sample_app#163 nasa/cFS-GroundSystem#201 nasa/elf2cfetbl#98 Includes: *cFE* - nasa/cFE#1663, Use cfe time clock state enum t in cmd/tlm and handling - nasa/cFE#1973, EVS functional test add for different event types - nasa/cFE#1954, Patch for recursive event loop - nasa/cFE#1911, CFE_ES_MemAddOff structure to associated CFE_ES_MemAddress_t and CFE_ES_MemOffset_t - nasa/cFE#1986, Avoid aliasing warnings - nasa/cFE#1975, Message ID type improvements - nasa/cFE#1974, CFE_SB_ValueToMsgId/MsgIdToValue wrappers - nasa/cFE#1663, Use CFE_TIME_ClockState_Enum_t in cmd/tlm and handling - nasa/cFE#1995, Consolidate repeated MSG stub setup in sb_UT - nasa/cFE#1873, Return type conversions in CFE_ES_GetTaskName - nasa/cFE#1966, Better message type pointer conversion - nasa/cFE#2002, Replacing hardcoded message limit in TIME services - nasa/cFE#1909, Use macro in CFE_ResourceId_IsDefined - nasa/cFE#1999, Checking against IsNewOffset only *osal* - nasa/osal#1186, Add Duplicate Check to Local Unit Test - nasa/osal#1178, Rename OS_XXXTime to OS_XXXLocalTime in comments - nasa/osal#1168, Fix vxWorks intLib stub aliasing issue - nasa/osal#1169, Recognize ifdef __cplusplus - nasa/osal#1180, Remove extern in stub prototypes - nasa/osal#1112, Add typedef for OSAL status codes *PSP* - nasa/PSP#301, Sleep before exit when printing - nasa/PSP#314, Check the address in PSP get segment stubs *Tools* - nasa/elf2cfetbl#89, Check get_sh_entsize(SectionHeader) value - nasa/elf2cfetbl#93, Check get_sh_entsize(SectionHeader) value - nasa/cFS-GroundSystem#197, Free Address Info for Leak *Apps* - nasa/sch_lab#95, use separate address variable - nasa/sch_lab#94, Use CFE_MSG_PTR conversion macro - nasa/sample_app#157, Use CFE_MSG_PTR conversion macro - nasa/ci_lab#95, Use CFE_MSG_PTR conversion macro - nasa/to_lab#107, Use CFE_MSG_PTR conversion macro Co-authored-by: Jacob Hageman <skliper@users.noreply.github.com> Co-authored-by: Joseph Hickey <jphickey@users.noreply.github.com> Co-authored-by: Ariel Adams <ArielSAdamsNASA@users.noreply.github.com> Co-authored-by: Paul <pavll@users.noreply.github.com> Co-authored-by: Zachary Gonzalez <zachar1a@users.noreply.github.com> Co-authored-by: Sam Price <thesamprice@users.noreply.github.com> Co-authored-by: Shefali Sharma <Shefali321@users.noreply.github.com>

ArielSAdamsNASA self-assigned this Oct 12, 2021

ArielSAdamsNASA pushed a commit that referenced this issue Oct 12, 2021

Fix #89, Check get_sh_entsize(SectionHeader) value

cba638a

ArielSAdamsNASA pushed a commit that referenced this issue Oct 12, 2021

Fix #89, Check get_sh_entsize(SectionHeader) value

e1a0654

ArielSAdamsNASA mentioned this issue Oct 12, 2021

Fix #89, Check get_sh_entsize(SectionHeader) value #93

Merged

ArielSAdamsNASA pushed a commit that referenced this issue Oct 12, 2021

Fix #89, Check get_sh_entsize(SectionHeader) value

9fbe426

ArielSAdamsNASA pushed a commit that referenced this issue Oct 12, 2021

Fix #89, Check get_sh_entsize(SectionHeader) value

569367f

skliper added the enhancement New feature or request label Oct 22, 2021

astrogeco added a commit to astrogeco/elf2cfetbl that referenced this issue Nov 3, 2021

Merge pull request nasa#93 from fix-89-tainted-expression

5467a3a

Fix nasa#89, Check get_sh_entsize(SectionHeader) value

astrogeco added a commit to astrogeco/cFS that referenced this issue Nov 3, 2021

Add nasa/elf2cfetbl#89, Check get_sh_entsize(SectionHeader) value

58489a0

This was referenced Nov 17, 2021

cFS Bundle Integration candidate: Caelum+dev1 nasa/cFS#390

Merged

elf2cfetbl Integration candidate: Caelum+dev1 #98

Merged

astrogeco closed this as completed in 7fcf9ac Dec 6, 2021

astrogeco closed this as completed in #93 Dec 6, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Tainted Expression get_sh_entsize(SectionHeader) #89

Tainted Expression get_sh_entsize(SectionHeader) #89

ArielSAdamsNASA commented Sep 27, 2021

Tainted Expression get_sh_entsize(SectionHeader) #89

Tainted Expression get_sh_entsize(SectionHeader) #89

Comments

ArielSAdamsNASA commented Sep 27, 2021