[Bug 1780018] Re: Defects found in static analysis
James Page
james.page at ubuntu.com
Wed Jul 18 10:50:12 UTC 2018
Hello
Thanks for taking the time to report this bug; this kind of analysis is
probably best fed back to the actual upstream project, rather than to a
distribution. Upstream development happens here:
https://github.com/FastCGI-Archives/fcgi2
Marking this bug as a won't fix for Ubuntu.
** Changed in: libfcgi (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to libfcgi in Ubuntu.
https://bugs.launchpad.net/bugs/1780018
Title:
Defects found in static analysis
Status in libfcgi package in Ubuntu:
Won't Fix
Bug description:
I am using libfcgi-2.4.0 armhf version in my application. Which is available here https://packages.ubuntu.com/trusty/armhf/libfcgi-dev
We run Coverity Scan on code and we have found the following defects:
1. File os_unix.c
line 295 and 398
defect : Copy into fixed size buffer. The string operation will write past the end of the fixed-size
destination buffer if the source buffer is too large. You might overrun the 1024-character
fixed-size string host by copying bindPath without checking the length
2. File fcgiapp.c
line 600
defect : Out-of-bounds access. Access of memory not owned by this buffer may cause crashes or incorrect
computations. Overrunning buffer pointed to by charPtrArg of 7 bytes by passing it to a
function which accesses it at byte offset 999998 using argument precision (which evaluates to
999999).
3. File fcgiapp.c
line 1471
defect : Dereference null return value. If the function actually returns a null value, a null pointer
dereference will occur. Dereferencing strchr(name, 61), which is known to be NULL.
4. File fcgio.cpp
line 157 and 165
defect : Operands don't affect result. The expression's value does not depend on the operands; often,
this represents an inadvertent logic error. result_independent_of_operands: n > 2147483647 is
always false regardless of the values of its operands. This occurs as the logical operand of if
Please let me know if these issues will be getting fixed in coming
versions.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libfcgi/+bug/1780018/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list