freebsd-dev/sbin
Don Lewis 95320acebc Fix multiple Coverity Out-of-bounds access false positive issues in CAM
The currently used idiom for clearing the part of a ccb after its
header generates one or two Coverity errors for each time it is
used.  All instances generate an Out-of-bounds access (ARRAY_VS_SINGLETON)
error because of the treatment of the header as a two element array,
with a pointer to the non-existent second element being passed as
the starting address to bzero().  Some instances also generate
Out-of-bounds access (OVERRUN) errors, probably because the space
being cleared is larger than the sizeof(struct ccb_hdr).

In addition, this idiom is difficult for humans to understand and
it is error prone.  The user has to choose the proper struct ccb_*
type (which does not appear in the surrounding code) for the sizeof()
in the length calculation.  I found several instances where the
length was incorrect, which could cause either an actual out of
bounds write, or incompletely clear the ccb.

A better way is to write the code to clear the ccb itself starting
at sizeof(ccb_hdr) bytes from the start of the ccb, and calculate
the length based on the specific type of struct ccb_* being cleared
as specified by the union ccb member being used.  The latter can
normally be seen in the nearby code.  This is friendlier for Coverity
and other static analysis tools because they will see that the
intent is to clear the trailing part of the ccb.

Wrap all of the boilerplate code in a convenient macro that only
requires a pointer to the desired union ccb member (or a pointer
to the union ccb itself) as an argument.

Reported by:	Coverity
CID:		1007578, 1008684, 1009724, 1009773, 1011304, 1011306
CID:		1011307, 1011308, 1011309, 1011310, 1011311, 1011312
CID:		1011313, 1011314, 1011315, 1011316, 1011317, 1011318
CID:		1011319, 1011320, 1011321, 1011322, 1011324, 1011325
CID:		1011326, 1011327, 1011328, 1011329, 1011330, 1011374
CID:		1011390, 1011391, 1011392, 1011393, 1011394, 1011395
CID:		1011396, 1011397, 1011398, 1011399, 1011400, 1011401
CID:		1011402, 1011403, 1011404, 1011405, 1011406, 1011408
CID:		1011409, 1011410, 1011411, 1011412, 1011413, 1011414
CID:		1017461, 1018387, 1086860, 1086874, 1194257, 1229897
CID:		1229968, 1306229, 1306234, 1331282, 1331283, 1331294
CID:		1331295, 1331535, 1331536, 1331539, 1331540, 1341623
CID:		1341624, 1341637, 1341638, 1355264, 1355324
Reviewed by:	scottl, ken, delphij, imp
MFH:		1 month
Differential Revision:	https://reviews.freebsd.org/D6496
2016-05-24 00:57:11 +00:00
..
adjkerntz Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
atm Use NULL for pointers instead of 0. 2016-04-19 00:59:15 +00:00
badsect Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
bsdlabel Use NULL instead of 0 for pointers. 2016-04-18 07:40:36 +00:00
camcontrol Fix multiple Coverity Out-of-bounds access false positive issues in CAM 2016-05-24 00:57:11 +00:00
ccdconfig Create packages for atm, ccdconfig, devd, ipf, ipfw, 2016-02-09 19:30:31 +00:00
clri Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
comcontrol Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
conscontrol Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
ddb Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
devd Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
devfs Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
dhclient dhclient: Fix the trivial buffer overruns correctly 2016-05-18 23:41:55 +00:00
dmesg Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
dump sbin: make use of our rounddown() macro when sys/param.h is available. 2016-05-01 02:24:05 +00:00
dumpfs Use MIN macro from sys/param.h. 2016-05-02 01:40:31 +00:00
dumpon Use nitems() instead of sizeof(name) / sizeof(*name). 2016-04-19 04:28:25 +00:00
etherswitchcfg Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
fdisk fdisk: drop unused macro and make use of roundup()/rounddown(). 2016-04-30 19:58:54 +00:00
fdisk_pc98 fdisk: drop unused macro and make use of roundup()/rounddown(). 2016-04-30 19:58:54 +00:00
ffsinfo Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
fsck strchr(3) will return NULL if it cannot find the character in the 2016-04-18 07:44:53 +00:00
fsck_ffs fsck_ffs: Don't overrun mount device buffer 2016-05-11 16:20:23 +00:00
fsck_msdosfs fsck_msdosfs: Adjust a check. 2016-05-04 22:27:22 +00:00
fsdb Use NULL instead of 0 for pointers. 2016-04-18 07:47:26 +00:00
fsirand Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
gbde MFH 2016-03-02 16:14:46 +00:00
geom sbin: make use of our rounddown() macro when sys/param.h is available. 2016-05-01 02:24:05 +00:00
ggate
growfs Cosmetic fixes for growfs(8) - remove unneeded capitalization and a spurious 2016-05-11 09:26:23 +00:00
gvinum Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
hastctl MFH 2016-03-02 16:14:46 +00:00
hastd Improve performance and functionality of the bitstring(3) api 2016-05-04 22:34:11 +00:00
ifconfig Add an assertion to catch a potential underflow in an array index 2016-05-16 08:07:32 +00:00
init For pointers use NULL instead of 0. 2016-05-16 00:34:48 +00:00
ipf MFH 2016-03-02 16:14:46 +00:00
ipfw Make ipfw internal olist output more user friendly. 2016-05-17 11:22:08 +00:00
iscontrol Fix multiple Coverity Out-of-bounds access false positive issues in CAM 2016-05-24 00:57:11 +00:00
kldconfig Use nitems() from sys/param.h. 2016-04-19 04:52:13 +00:00
kldload Use nitems() from sys/param.h. 2016-04-19 04:52:51 +00:00
kldstat MFH 2016-04-04 23:55:32 +00:00
kldunload Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
ldconfig Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
md5 Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mdconfig Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
mdmfs MFH 2016-03-14 18:54:29 +00:00
mknod Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mksnap_ffs Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mount Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mount_cd9660 Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mount_fusefs Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mount_msdosfs Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mount_nfs MFH 2016-04-16 02:32:12 +00:00
mount_nullfs Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mount_udf Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mount_unionfs Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
nandfs Create packages for atm, ccdconfig, devd, ipf, ipfw, 2016-02-09 19:30:31 +00:00
natd Create packages for atm, ccdconfig, devd, ipf, ipfw, 2016-02-09 19:30:31 +00:00
newfs Use MIN()/MAX() macros from sys/param.h. 2016-05-02 00:45:46 +00:00
newfs_msdos Use nitems() from sys/param.h. 2016-04-19 04:57:57 +00:00
newfs_nandfs sbin: use our howmany() macro when available through <sys/param.h>. 2016-05-01 02:19:49 +00:00
nfsiod Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
nos-tun Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
nvmecontrol nvmecontrol.8: minor spelling fix. 2016-05-06 03:11:34 +00:00
pfctl sbin: minor spelling fixes. 2016-04-30 19:04:59 +00:00
pflogd Create packages for atm, ccdconfig, devd, ipf, ipfw, 2016-02-09 19:30:31 +00:00
ping Check for socket creation success before calling bind(). 2016-05-12 05:43:54 +00:00
ping6 For pointers use NULL instead of 0. 2016-05-16 00:35:39 +00:00
quotacheck For pointers use NULL instead of 0. 2016-05-16 00:36:12 +00:00
rcorder Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
reboot Add missing parameters -N and -l to reroot and halt usage() 2016-05-06 20:49:14 +00:00
recoverdisk sbin: make use of our rounddown() macro when sys/param.h is available. 2016-05-01 02:24:05 +00:00
resolvconf Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
restore restore: promote some getfiles() parameters to size_t. 2016-05-01 21:17:30 +00:00
route MFH 2016-03-02 16:14:46 +00:00
routed routed(8): Use arc4random_uniform instead of arc4random. 2016-05-15 06:06:22 +00:00
rtsol Create packages for atm, ccdconfig, devd, ipf, ipfw, 2016-02-09 19:30:31 +00:00
savecore Don't leak fd on sectorsize malloc failure 2016-04-20 00:49:49 +00:00
sconfig Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
setkey Use nitems() from sys/param.h. 2016-04-19 09:43:51 +00:00
shutdown Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
spppcontrol
sunlabel Re-ident lines. 2016-04-20 01:35:09 +00:00
swapon sbin: minor spelling fixes. 2016-04-30 19:04:59 +00:00
sysctl Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
tests Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
tunefs Mention fsck_ffs -E in tunefs(8). It's non-obvious that one should 2016-04-19 15:08:35 +00:00
umount Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
Makefile Convert casperd(8) daemon to the libcasper. 2016-02-25 18:23:40 +00:00
Makefile.amd64
Makefile.arm
Makefile.i386
Makefile.inc
Makefile.mips
Makefile.pc98
Makefile.sparc64