[Coverity CID :205662]Memory - illegal accesses in /samples/net/sockets/dumb_http_server_mt/src/main.c #20507

Closed
aasthagr opened this issue Nov 8, 2019 · 2 comments
Labels: area: Networking, area: Samples, bug, Coverity, priority: low

Comments

@aasthagr
Collaborator

aasthagr commented Nov 8, 2019

Static code scan issues seen in File: /samples/net/sockets/dumb_http_server_mt/src/main.c
Category: Memory - illegal accesses
Function: client_conn_handler
Component: Samples
CID: 205662
Please fix or provide comments to square it off in coverity in the link: https://scan9.coverity.com/reports.htm#v32951/p12996

@aasthagr aasthagr added area: Samples Samples bug The issue is a bug, or the PR is fixing a bug Coverity A Coverity detected issue or its fix labels Nov 8, 2019
@aasthagr
Collaborator Author

aasthagr commented Nov 8, 2019

*** CID 205662:  Memory - illegal accesses  (STRING_NULL)
/samples/net/sockets/dumb_http_server_mt/src/main.c: 168 in client_conn_handler()
162                        * be used in production code. This is done like this just
163                        * for this sample application to keep things simple.
164                        *
165                        * We are assuming here that the full HTTP request is received
166                        * in one TCP segment which in real life might not.
167                        */
     CID 205662:  Memory - illegal accesses  (STRING_NULL)
     Passing unterminated string "buf" to "strstr", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
168                        if (strstr(buf, "\r\n\r\n")) {
169                                        break;
170                        }
171        } while (true);
172     
173        (void)sendall(client, content, sizeof(content));

@galak galak added the priority: low Low impact/importance bug label Nov 11, 2019
@rveerama1 rveerama1 assigned rveerama1 and unassigned jukkar Nov 21, 2019
rveerama1 added a commit to rveerama1/zephyr that referenced this issue Nov 21, 2019
strstr() expects null-terminated string. But the terminating
null bytes ('\0') are not compared.

Fixes zephyrproject-rtos#20507
Coverity CID :205662

Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
@rveerama1
Collaborator

False positive.
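
For the pattern Coverity flagged above (searching a receive buffer for "\r\n\r\n" with `strstr`), the following is an added example, not code from the Zephyr sample or from the commit referenced in this issue. It shows a length-bounded scan that never relies on a terminating NUL and also handles the terminator being split across TCP segments, the case the sample's own comment says it ignores; `struct hdr_scan`, `hdr_scan_feed` and `demo_split_request` are hypothetical names.

```c
#include <stddef.h>

/* Progress through "\r\n\r\n", kept across recv() calls. */
struct hdr_scan {
    unsigned int matched; /* terminator bytes matched so far, 0..3 */
};

/*
 * Scan exactly len bytes of chunk; the data need not be NUL-terminated.
 * Returns the offset just past the terminator within this chunk, or 0
 * if the terminator has not been completed yet.
 */
static size_t hdr_scan_feed(struct hdr_scan *s, const char *chunk, size_t len)
{
    static const char term[4] = { '\r', '\n', '\r', '\n' };

    for (size_t i = 0; i < len; i++) {
        if (chunk[i] == term[s->matched]) {
            if (++s->matched == sizeof(term)) {
                s->matched = 0;
                return i + 1;
            }
        } else {
            /* Mismatch: only a '\r' can begin a new match. */
            s->matched = (chunk[i] == '\r') ? 1 : 0;
        }
    }
    return 0;
}

/*
 * Constructed input: a request split across two segments, held in
 * arrays with no trailing NUL byte. Returns the offset in the second
 * segment at which the headers end.
 */
static size_t demo_split_request(void)
{
    const char seg1[] = { 'G', 'E', 'T', ' ', '/', ' ', 'H', 'T', 'T', 'P',
                          '/', '1', '.', '0', '\r', '\n', '\r' };
    const char seg2[] = { '\n', 'x' };
    struct hdr_scan s = { 0 };

    if (hdr_scan_feed(&s, seg1, sizeof(seg1)) != 0) {
        return 0; /* terminator is not complete after segment 1 */
    }
    return hdr_scan_feed(&s, seg2, sizeof(seg2));
}
```

In a receive loop, the caller would pass the byte count returned by `recv()` as `len` for each chunk and stop reading once the function returns non-zero.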
