Hi,

There are two Coverity issues with untar.c, but this one seems especially odd to me.

My reading of the following code is that if the creat() of the filename in the tar image fails, then the code reads the contents of the tar image and throws it away to skip it. What would be wrong with replacing the throw away read loop with "lseek(fd, SEEK_CUR, 512 * nblocks)"?

339    /******************************************************************
340     * Read out the data.  There are nblocks of data where nblocks
341     * is the size rounded to the nearest 512-byte boundary.
342     *****************************************************************/
343    nblocks = (((size) + 511) & ~511) / 512;
344
       CID 26151: Use of untrusted string value (TAINTED_STRING)
345    if ((out_fd = creat(fname, 0644)) == -1)
346    {
347       for (i=0; i<nblocks; i++)
348       {
       CID 1255358 (#1 of 1): Unused value (UNUSED_VALUE)
       returned_value: Value from read(fd, bufr, 512U) is assigned to n here, but that stored value is not used before it is overwritten.
349          n = read(fd, bufr, 512);
350       }
351    }
352    else
353    {
354       for (i=0; i<nblocks; i++)
355       {
       value_overwrite: Value from read(fd, bufr, 512U) is overwritten with value from read(fd, bufr, 512U).

--
Joel Sherrill, Ph.D.             Director of Research & Development
joel.sherr...@oarcorp.com        On-Line Applications Research
Ask me about RTEMS: a free RTOS  Huntsville AL 35805
Support Available                (256) 722-9985
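An added example, not part of the original message and not RTEMS code: one way to skip a tar member's data with lseek() while keeping a checked read-and-discard fallback for descriptors that cannot seek. The helper name skip_blocks, the TAR_BLOCK macro and the 2 GiB bound on the untrusted block count are assumptions made for this sketch.

```c
/* Added example, not RTEMS untar.c: skip nblocks 512-byte tar data blocks. */
#include <errno.h>
#include <stdint.h>
#include <sys/types.h>
#include <unistd.h>

#define TAR_BLOCK 512

/* Hypothetical helper. Returns 0 on success, -1 on error or short archive. */
int skip_blocks(int fd, unsigned long nblocks)
{
    char bufr[TAR_BLOCK];
    unsigned long i;

    /* nblocks is derived from the size field of the tar header, which is
     * untrusted input. Bound it before multiplying so the byte offset
     * cannot overflow a 32-bit off_t (assumed limit for this sketch). */
    if (nblocks > (unsigned long)(INT32_MAX / TAR_BLOCK))
        return -1;

    /* Fast path. Argument order is lseek(fd, offset, whence).
     * On a regular file, seeking past EOF succeeds, so a truncated
     * archive is only noticed when the next header read comes up short. */
    if (lseek(fd, (off_t)nblocks * TAR_BLOCK, SEEK_CUR) != (off_t)-1)
        return 0;

    /* Anything other than "not seekable" is a real error. */
    if (errno != ESPIPE)
        return -1;

    /* Fallback for pipes, sockets and ttys: read and discard, but use
     * every return value from read() instead of overwriting it. */
    for (i = 0; i < nblocks; i++) {
        size_t got = 0;
        while (got < TAR_BLOCK) {
            ssize_t n = read(fd, bufr + got, TAR_BLOCK - got);
            if (n < 0 && errno == EINTR)
                continue;               /* interrupted, retry */
            if (n <= 0)
                return -1;              /* I/O error or premature EOF */
            got += (size_t)n;
        }
    }
    return 0;
}
```
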