-
Notifications
You must be signed in to change notification settings - Fork 247
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix issues in the hidsim-plugin, which were identified by static code analysis #1255
Merged
tklengyel
merged 1 commit into
tklengyel:master
from
jgru:fix-coverity-issues-of-hidsim
Jul 10, 2021
Merged
Fix issues in the hidsim-plugin, which were identified by static code analysis #1255
tklengyel
merged 1 commit into
tklengyel:master
from
jgru:fix-coverity-issues-of-hidsim
Jul 10, 2021
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Can one of the admins verify this patch? |
@drakvuf-jenkins This is OK to test |
tklengyel
reviewed
Jul 10, 2021
tklengyel
reviewed
Jul 10, 2021
tklengyel
reviewed
Jul 10, 2021
jgru
force-pushed
the
fix-coverity-issues-of-hidsim
branch
from
July 10, 2021 13:39
d80359b
to
8ddf6e7
Compare
tklengyel
reviewed
Jul 10, 2021
tklengyel
reviewed
Jul 10, 2021
* Fix usage of strdup(...) with unterminated string (CID 350859) Fix usage of strdup(...) with an unterminated string in l.25 qmp_connection.cpp, which was recorded as CID 350859. * Fix resource leaks in get_display_dimensions(...) (CID 350857) Fix resource leaks in get_display_dimensions(...) of the file /src/plugins/hidsim/hid_injection.cpp, which was identified as CID 350857 by coverity. * Fix unterminated strings in qmp_init_conn() (CID 350854) Fix issues with unterminated strings in qmp_init_conn() of the file src/plugins/hidsim/qmp_connection.cpp, which were identified as CID 350854 by coverity. * Fix potential buffer overflow (CID 350852) Fix a potential buffer overflow vulnerability in l. 208 of get_display_dimensions in file src/plugins/hidsim/hid_injection.cpp, which was identified as CID 350852 by coverity * Fix submission of tainted data to usleep (CID 350851) Fix the submission of tainted data to usleep(...) in l. 615 and 677 of run_template_injection() in src/plugins/hidsim/\ hid_injection.cpp, which was identified as CID 350851 by coverity. * Fix calculations with tainted scalar (CID 350855) Fix calculations with tainted scalar in l. 217 f. in get_display_dimensions(...) of src/plugins/hidsim/hid_injection.cpp, which was identified as CID 350855 by coverity. * Replace rand with mt19937 to fix WEAK_CRYPTO-issues (CID 350860) Replace rand() with Mersenne Twister implementation (std::mt19937) to fix DC.WEAK_CRYPTO-issues, which were identified as CID 350860, 350858 and 350853 by coverity. * Clean-up coding style
jgru
force-pushed
the
fix-coverity-issues-of-hidsim
branch
from
July 10, 2021 15:21
8ddf6e7
to
934e565
Compare
|
jgru
added a commit
to jgru/drakvuf
that referenced
this pull request
Jul 11, 2021
* Fix use after free of filestream (CID 350856) Fix use after free in l. 731 of hid_cleanup(), which was identified as CID 350856 by coverity. * Fix use after close in get_display_dimensions(...) (CID 350879) Fix use after close of file stream in l. 242 in get_display_\ dimensions(...), which was identified as CID 350879 by coverity. * Fix untrusted divisor in get_display_dimensions (CID 350855) Fix untrusted divisor in l. 249 of get_display_dimensions(...), which was identified CID 350855 by coverity. Furthermore, guard against unnecessary big screensizes.
Addressed in PR #1256 |
tklengyel
pushed a commit
that referenced
this pull request
Jul 11, 2021
* Fix use after free of filestream (CID 350856) Fix use after free in l. 731 of hid_cleanup(), which was identified as CID 350856 by coverity. * Fix use after close in get_display_dimensions(...) (CID 350879) Fix use after close of file stream in l. 242 in get_display_\ dimensions(...), which was identified as CID 350879 by coverity. * Fix untrusted divisor in get_display_dimensions (CID 350855) Fix untrusted divisor in l. 249 of get_display_dimensions(...), which was identified CID 350855 by coverity. Furthermore, guard against unnecessary big screensizes.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Dear Tamas,
this PR addresses the following issues, which were identified by Coverity, and tries to solve those:
strdup(...)
with unterminated stringget_display_dimensions(...)
get_display_dimensions(...)
qmp_init_conn()
get_display_dimensions(...)
usleep(...)
get_display_dimensions(...)
rand()
withstd::mt19937
to fix WEAK_CRYPTO-warningrand()
withstd::mt19937
to fix WEAK_CRYPTO-warningrand()
withstd::mt19937
to fix WEAK_CRYPTO-warningBesides that, a few minor clean-ups have been performed.
Thank you already in advance for considering this PR.
I hope, that this patch will solve the problems introduced by #1245.
Best regards
Jan