Coverity Scan: Analysis completed for google/minijail
27 views
Skip to first unread message
scan-...@coverity.com
May 23, 2023, 11:02:01 PM5/23/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50ypiIDkf7REj-2FhdhF-2B-2BeHWXp4Uv-2B5PFphiF51qF00l-2FglQ-3D-3DhdlQ_kQtohXqLZKT7Ssf3HZCJny0UriR8hzRQOvFsku1QejIVztvEM-2FfynRE4O-2FJ-2Byj9WGlSveHMwa56x1-2FE5Z-2FVp2924eyoyp6Mx3u6-2FtCiC-2BHPd4-2Bbbbij3ifdRLCuS7Wpwz9Xq3497pC5DyaxHcAlhveno3WYpjKOCdCwish9k1k8FoabpKb04Rh-2BAgLrTwQWPdcTy8ajEF-2F4Asf-2BqFqQvsA-3D-3D
Build ID: 533908
Analysis Summary:
New defects found: 5
Defects eliminated: 0
If you have difficulty understanding any defects, email us at scan-...@coverity.com,
or post your question to StackOverflow
at https://u15810271.ct.sendgrid.net/ls/click?upn=CTPegkVN6peWFCMEieYYmPWIi1E4yUS9EoqKFcNAiqhRq8qmgeBE-2Bdt3uvFRAFXd-2FlwX83-2FVVdybfzIMOby0qA-3D-3DgjFb_kQtohXqLZKT7Ssf3HZCJny0UriR8hzRQOvFsku1QejIVztvEM-2FfynRE4O-2FJ-2Byj9WCKKF1l25vTeXoi3iiDYEVLgQdHkfJnU0lDaQlWwT2jdANoffTQzzQ-2Ff6q5yV5RzCjMDvSjVO-2BPBCSr0CAytUa15qSvhN3gqqCPdW2YbLBAhefzw-2FI59E5clkjHMzGr98N2fEvTzDX6nFqSqSa0ykmQ-3D-3D
Mike Frysinger
May 23, 2023, 11:37:23 PM5/23/23
to mini...@chromium.org
i posted comments to the CLs that introduced the new warnings
-mike
--
You received this message because you are subscribed to the Google Groups "minijail" group.
To unsubscribe from this group and stop receiving emails from it, send an email to minijail+u...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/minijail/646d7e26acf61_9a0d52b049c1839888220%40prd-scan-dashboard-0.mail.
scan-...@coverity.com
May 30, 2023, 10:57:48 PM5/30/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 535170
Analysis Summary:
New defects found: 0
Defects eliminated: 2
scan-...@coverity.com
Jun 6, 2023, 10:57:58 PM6/6/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 536675
Analysis Summary:
New defects found: 0
scan-...@coverity.com
Jun 13, 2023, 10:55:57 PM6/13/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 538070
scan-...@coverity.com
Jun 20, 2023, 10:48:18 PM6/20/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 539476
scan-...@coverity.com
Jun 27, 2023, 11:29:30 PM6/27/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 540853
scan-...@coverity.com
Jul 4, 2023, 10:59:39 PM7/4/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 542272
scan-...@coverity.com
Jul 11, 2023, 10:58:39 PM7/11/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 543699
Analysis Summary:
New defects found: 0
scan-...@coverity.com
Jul 18, 2023, 11:26:39 PM7/18/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 545014
Analysis Summary:
New defects found: 0
scan-...@coverity.com
Jul 25, 2023, 10:59:17 PM7/25/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 546606
Analysis Summary:
New defects found: 0
scan-...@coverity.com
Aug 1, 2023, 10:42:15 PM8/1/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 548068
scan-...@coverity.com
Aug 8, 2023, 10:50:15 PM8/8/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 549493
scan-...@coverity.com
Aug 15, 2023, 10:50:50 PM8/15/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 551012
scan-...@coverity.com
Aug 22, 2023, 10:55:40 PM8/22/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 552445
scan-...@coverity.com
Aug 29, 2023, 10:48:42 PM8/29/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 553822
scan-...@coverity.com
Sep 5, 2023, 10:44:16 PM9/5/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 555176
scan-...@coverity.com
Sep 12, 2023, 10:51:15 PM9/12/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 556432
scan-...@coverity.com
Sep 19, 2023, 10:42:58 PM9/19/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 557702
scan-...@coverity.com
Sep 26, 2023, 10:42:40 PM9/26/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 559261
scan-...@coverity.com
Oct 3, 2023, 10:43:54 PM10/3/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 560817
scan-...@coverity.com
Oct 10, 2023, 10:44:09 PM10/10/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 562406
scan-...@coverity.com
Oct 17, 2023, 10:42:37 PM10/17/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 564032
scan-...@coverity.com
Oct 24, 2023, 10:42:40 PM10/24/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 565626
scan-...@coverity.com
Oct 31, 2023, 10:50:07 PM10/31/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 567117
scan-...@coverity.com
Nov 7, 2023, 9:44:08 PM11/7/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 568782
scan-...@coverity.com
Nov 14, 2023, 9:50:09 PM11/14/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 570253
scan-...@coverity.com
Nov 21, 2023, 9:53:16 PM11/21/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 571915
Analysis Summary:
New defects found: 1
Defects eliminated: 0
If you have difficulty understanding any defects, email us at scan-...@coverity.com,
or post your question to StackOverflow
at https://u15810271.ct.sendgrid.net/ls/click?upn=CTPegkVN6peWFCMEieYYmPWIi1E4yUS9EoqKFcNAiqhRq8qmgeBE-2Bdt3uvFRAFXdWuYPtetdiJ46h-2Fd1eC1gFA-3D-3DyVQc_kQtohXqLZKT7Ssf3HZCJny0UriR8hzRQOvFsku1QejKmZu85pYv-2BJOLKcP9JBwazJFdj1krQS24UWc5AGLjskzHS82SBLKN5fUl8FGen51dUr8Kbp8s3HuX1mH-2B66-2BD7vLFc6D0LnTgTz7BtPtUKP6F93Q-2FUsgdDBDGU2muqYoHoUntyWmB1HBRP3Ej0t9lC-2Bg1E40K0CZciUq3kaz2UGYcwySXi7AK-2BddJ7zashdcE-3D
scan-...@coverity.com
Nov 28, 2023, 9:43:14 PM11/28/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 573564
Analysis Summary:
New defects found: 0
Defects eliminated: 1
scan-...@coverity.com
Dec 5, 2023, 9:51:50 PM12/5/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 575101
Analysis Summary:
New defects found: 0
scan-...@coverity.com
Dec 12, 2023, 9:53:08 PM12/12/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 576738
scan-...@coverity.com
Dec 19, 2023, 9:41:48 PM12/19/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 578316
scan-...@coverity.com
Dec 26, 2023, 9:42:16 PM12/26/23
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 579643
scan-...@coverity.com
Jan 2, 2024, 9:42:15 PM1/2/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 581339
scan-...@coverity.com
Jan 9, 2024, 10:19:53 PM1/9/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 582827
scan-...@coverity.com
Jan 16, 2024, 9:43:58 PM1/16/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 584789
scan-...@coverity.com
Jan 23, 2024, 9:44:36 PM1/23/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 586547
scan-...@coverity.com
Jan 30, 2024, 9:45:08 PM1/30/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 588203
scan-...@coverity.com
Feb 6, 2024, 10:12:39 PM2/6/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 589814
scan-...@coverity.com
Feb 13, 2024, 9:45:55 PM2/13/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 591390
Analysis Summary:
New defects found: 0
scan-...@coverity.com
Feb 20, 2024, 9:47:16 PM2/20/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 592912
Analysis Summary:
New defects found: 0
scan-...@coverity.com
Feb 27, 2024, 9:52:04 PM2/27/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 594517
scan-...@coverity.com
Mar 5, 2024, 9:41:55 PM3/5/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 596190
scan-...@coverity.com
Mar 12, 2024, 10:52:59 PM3/12/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 597887
scan-...@coverity.com
Mar 19, 2024, 10:41:46 PM3/19/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 599719
scan-...@coverity.com
Mar 26, 2024, 10:49:46 PM3/26/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 601325
scan-...@coverity.com
Apr 2, 2024, 11:03:45 PM4/2/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 602939
scan-...@coverity.com
Apr 9, 2024, 11:22:03 PM4/9/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 604702
scan-...@coverity.com
Apr 16, 2024, 10:58:29 PM4/16/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 606365
scan-...@coverity.com
Apr 23, 2024, 11:24:20 PM4/23/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
scan-...@coverity.com
Apr 30, 2024, 11:54:55 PM4/30/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 609803
scan-...@coverity.com
May 7, 2024, 10:56:34 PM5/7/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 611538
scan-...@coverity.com
May 14, 2024, 11:04:12 PM5/14/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 613274
scan-...@coverity.com
May 21, 2024, 10:58:51 PM5/21/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 614923
scan-...@coverity.com
May 28, 2024, 10:55:16 PM5/28/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 616585
scan-...@coverity.com
Jun 4, 2024, 11:32:39 PM6/4/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 618294
scan-...@coverity.com
Jun 11, 2024, 11:02:14 PM6/11/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 619915
scan-...@coverity.com
Jun 18, 2024, 11:04:56 PM6/18/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 621600
scan-...@coverity.com
Jun 25, 2024, 11:03:02 PM6/25/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 623174
Analysis Summary:
New defects found: 4
Defects eliminated: 0
If you have difficulty understanding any defects, email us at scan-...@coverity.com,
or post your question to StackOverflow
at https://u15810271.ct.sendgrid.net/ls/click?upn=u001.flnyKa-2FqvaKqx4fLQsH4bW35wEOELQKXyfspKiPYDJTkkE6I9WJzTo3tzdZlfNLaav4ccqKPQZ-2BbcFiem7UEug-3D-3Devd5_-2F6M1KAJo-2FdV68TZwt-2FFPjoRi-2FC5ouTs-2BmTWqSwFMu5hhE57eyTT9FCd95xII5ghqQmE-2B7HStC9vogJrFIli2jymqp7v5qljWlbC-2BEvsjyYTfmH0igLdiQva8eKfmjkVjHgJteeBFOi-2FRlk0pFP5WvQjC8j0Efr9iuuKEcy-2FhnAI1jNARz1iyC8DKlns0SoVRPudfQ-2FdjtS7A68uz9ON0Ng-3D-3D
Mike Frysinger
Jun 26, 2024, 5:23:50 AM6/26/24
to mini...@chromium.org
seems like coverity scanning tools have changed which is why new defects have been found rather than us introducing new bugs recently.
one of them is a false positive, so i marked it as such -- coverity doesn't see we guarantee a value is within a [0,64] range (get_last_valid_cap) before converting unsigned int to signed int (calling cap_get_flag with `i`).
i sent out a cleanup for parse_size. coverity is correct there's an underflow, but it happens after we no longer use the variable (since it's a `i--` operation), so it doesn't really matter.
i sent out a cleanup for --seccomp-bpf-binary where we checked for NULL that could never happen, but coverity made it think that phantom NULL would be passed to APIs that assume non-NULL.
the other "new" failure is related to libminijailpreload.c and the internal marshal/unmarshal code. coverity says it detected it back in 2021, so not sure why it's saying it's "new". at any rate, it thinks the fd/buffer is untrusted between minijail_to_fd->minijail_from_fd, but that's internal to our library, so i don't see how it could be exploited. so i'll mark it ignored.
-mike
--
You received this message because you are subscribed to the Google Groups "minijail" group.
To unsubscribe from this group and stop receiving emails from it, send an email to minijail+u...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/minijail/667b84e2b6613_3ef1b2d892c6619ac596d4%40prd-scan-dashboard-0.mail.
scan-...@coverity.com
Jul 2, 2024, 11:46:16 PM7/2/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 624780
Analysis Summary:
New defects found: 1
Defects eliminated: 2
If you have difficulty understanding any defects, email us at scan-...@coverity.com,
or post your question to StackOverflow
Allen Webb
Jul 3, 2024, 12:02:00 PM7/3/24
to minijail
So in getline for glibc the config_file argument is passed through:
#ifdef IO_DEBUG
# define CHECK_FILE(FILE, RET) do { \
if ((FILE) == NULL \
|| ((FILE)->_flags & _IO_MAGIC_MASK) != _IO_MAGIC) \
{ \
__set_errno (EINVAL); \
return RET; \
} \
} while (0)
#else
# define CHECK_FILE(FILE, RET) do { } while (0)
#endif
#ifdef IO_DEBUG
# define CHECK_FILE(FILE, RET) do { \
if ((FILE) == NULL \
|| ((FILE)->_flags & _IO_MAGIC_MASK) != _IO_MAGIC) \
{ \
__set_errno (EINVAL); \
return RET; \
} \
} while (0)
#else
# define CHECK_FILE(FILE, RET) do { } while (0)
#endif
getline in glibc's stdio.h has a __nonnull ((3)) suffix according to this:
https://github.com/bminor/glibc/blob/4737e6a7a3f98c8e2674e313cb09d7882583f5f0/libio/stdio.h#L692
https://github.com/bminor/glibc/blob/4737e6a7a3f98c8e2674e313cb09d7882583f5f0/libio/stdio.h#L692
Mike Frysinger
Jul 3, 2024, 1:07:59 PM7/3/24
to Allen Webb, minijail
I sent you a fix for that finding already ;)
--
You received this message because you are subscribed to the Google Groups "minijail" group.
To unsubscribe from this group and stop receiving emails from it, send an email to minijail+u...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/minijail/23ee2665-9ce3-4d48-a99f-cf0c8d686ff9n%40chromium.org.
Allen Webb
Jul 3, 2024, 3:34:19 PM7/3/24
to Mike Frysinger, minijail
Yes, thanks. I saw it after sending the first email.
scan-...@coverity.com
Jul 9, 2024, 11:11:24 PM7/9/24
to mini...@chromium.org
Your request for analysis of google/minijail has been completed successfully.
Build ID: 626340
Analysis Summary:
New defects found: 0
Defects eliminated: 1
Reply all
Reply to author
Forward
0 new messages