From: scan-admin@coverity.com
To: ceph-devel@vger.kernel.org
Subject: New Defects reported by Coverity Scan for ceph
Date: Wed, 24 May 2017 23:22:37 -0700 [thread overview]
Message-ID: <5926782d9b5ab_19272f330517c6@ss1435.mail> (raw)
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
400 new defect(s) introduced to ceph found with Coverity Scan.
7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 400 defect(s)
** CID 717165: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3519 in main()
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3519 in main()
________________________________________________________________________________________________________
*** CID 717165: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3519 in main()
3513
3514 out:
3515 delete formatter;
3516 return (ret < 0) ? 1 : 0;
3517 }
3518
>>> CID 717165: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
3519 int main(int argc, const char **argv)
3520 {
3521 vector<const char*> args;
3522 argv_to_vec(argc, argv, args);
3523 env_to_vec(args);
3524
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3519 in main()
3513
3514 out:
3515 delete formatter;
3516 return (ret < 0) ? 1 : 0;
3517 }
3518
>>> CID 717165: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
3519 int main(int argc, const char **argv)
3520 {
3521 vector<const char*> args;
3522 argv_to_vec(argc, argv, args);
3523 env_to_vec(args);
3524
** CID 717379: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rgw/rgw_op.h: 244 in RGWGetObj::RGWGetObj()()
________________________________________________________________________________________________________
*** CID 717379: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rgw/rgw_op.h: 244 in RGWGetObj::RGWGetObj()()
238 first_block = 0;
239 last_block = 0;
240 q_ofs = 0;
241 q_len = 0;
242 first_data = true;
243 cur_ofs = 0;
>>> CID 717379: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "rgwx_stat" is not initialized in this constructor nor in any functions that it calls.
244 }
245
246 bool prefetch_data() override;
247
248 void set_get_data(bool get_data) {
249 this->get_data = get_data;
** CID 745929: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rgw/rgw_jsonparser.cc: 60 in main()
________________________________________________________________________________________________________
*** CID 745929: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rgw/rgw_jsonparser.cc: 60 in main()
54 JSONDecoder::decode_json("max_buckets", max_buckets, obj);
55 JSONDecoder::decode_json("keys", keys, obj);
56 }
57 };
58
59
>>> CID 745929: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
60 int main(int argc, char **argv) {
61 JSONParser parser;
62
63 char buf[1024];
64 bufferlist bl;
65
** CID 1019602: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
________________________________________________________________________________________________________
*** CID 1019602: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
** CID 1019603: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
________________________________________________________________________________________________________
*** CID 1019603: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019603: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_lexical_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
** CID 1054823: (ATOMICITY)
/home/brad/working/src/ceph/src/rgw/rgw_rest_client.cc: 542 in RGWRESTStreamWriteRequest::send_data(void *, unsigned long)()
/home/brad/working/src/ceph/src/rgw/rgw_rest_client.cc: 542 in RGWRESTStreamWriteRequest::send_data(void *, unsigned long)()
________________________________________________________________________________________________________
*** CID 1054823: (ATOMICITY)
/home/brad/working/src/ceph/src/rgw/rgw_rest_client.cc: 542 in RGWRESTStreamWriteRequest::send_data(void *, unsigned long)()
536 len -= send_len;
537 sent += send_len;
538
539 lock.Lock();
540
541 bufferlist new_bl;
>>> CID 1054823: (ATOMICITY)
>>> Using an unreliable value of "bl" inside the second locked section. If the data that "bl" depends on was changed by another thread, this use might be incorrect.
542 if (bl.length() > send_len) {
543 bufferptr bp(bl.c_str() + send_len, bl.length() - send_len);
544 new_bl.append(bp);
545 }
546 pending_send.pop_front(); /* need to do this after we copy data from bl */
547 if (new_bl.length()) {
/home/brad/working/src/ceph/src/rgw/rgw_rest_client.cc: 542 in RGWRESTStreamWriteRequest::send_data(void *, unsigned long)()
536 len -= send_len;
537 sent += send_len;
538
539 lock.Lock();
540
541 bufferlist new_bl;
>>> CID 1054823: (ATOMICITY)
>>> Using an unreliable value of "bl" inside the second locked section. If the data that "bl" depends on was changed by another thread, this use might be incorrect.
542 if (bl.length() > send_len) {
543 bufferptr bp(bl.c_str() + send_len, bl.length() - send_len);
544 new_bl.append(bp);
545 }
546 pending_send.pop_front(); /* need to do this after we copy data from bl */
547 if (new_bl.length()) {
** CID 1219619: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3519 in main()
________________________________________________________________________________________________________
*** CID 1219619: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3519 in main()
3513
3514 out:
3515 delete formatter;
3516 return (ret < 0) ? 1 : 0;
3517 }
3518
>>> CID 1219619: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
3519 int main(int argc, const char **argv)
3520 {
3521 vector<const char*> args;
3522 argv_to_vec(argc, argv, args);
3523 env_to_vec(args);
3524
** CID 1219625: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rgw/rgw_jsonparser.cc: 60 in main()
________________________________________________________________________________________________________
*** CID 1219625: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rgw/rgw_jsonparser.cc: 60 in main()
54 JSONDecoder::decode_json("max_buckets", max_buckets, obj);
55 JSONDecoder::decode_json("keys", keys, obj);
56 }
57 };
58
59
>>> CID 1219625: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
60 int main(int argc, char **argv) {
61 JSONParser parser;
62
63 char buf[1024];
64 bufferlist bl;
65
** CID 1219631: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
________________________________________________________________________________________________________
*** CID 1219631: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1219631: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1219631: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
** CID 1232605: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rbd_replay/rbd-replay.cc: 58 in main()
________________________________________________________________________________________________________
*** CID 1232605: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rbd_replay/rbd-replay.cc: 58 in main()
52 cout << std::endl;
53 cout << "Image mapping rules:" << std::endl;
54 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
55 cout << "image2." << std::endl;
56 }
57
>>> CID 1232605: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
58 int main(int argc, const char **argv) {
59 vector<const char*> args;
60
61 argv_to_vec(argc, argv, args);
62 env_to_vec(args);
63 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
** CID 1247721: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rbd/rbd.cc: 10 in main()
________________________________________________________________________________________________________
*** CID 1247721: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rbd/rbd.cc: 10 in main()
4 #include "tools/rbd/Shell.h"
5 #include "include/int_types.h"
6 #include "common/ceph_argparse.h"
7 #include "global/global_init.h"
8 #include <vector>
9
>>> CID 1247721: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
10 int main(int argc, const char **argv)
11 {
12 std::vector<const char*> args;
13 argv_to_vec(argc, argv, args);
14 env_to_vec(args);
15
** CID 1255934: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.3.1/functional: 1869 in std::function<void (ceph::Formatter &, const md_config_t &, RGWRados &)>::function(std::nullptr_t)()
________________________________________________________________________________________________________
*** CID 1255934: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.3.1/functional: 1869 in std::function<void (ceph::Formatter &, const md_config_t &, RGWRados &)>::function(std::nullptr_t)()
1863
1864 /**
1865 * @brief Creates an empty function call wrapper.
1866 * @post @c !(bool)*this
1867 */
1868 function(nullptr_t) noexcept
>>> CID 1255934: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "_M_invoker" is not initialized in this constructor nor in any functions that it calls.
1869 : _Function_base() { }
1870
1871 /**
1872 * @brief %Function copy constructor.
1873 * @param __x A %function object with identical call signature.
1874 * @post @c bool(*this) == bool(__x)
** CID 1296302: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.3.1/bits/regex_scanner.h: 110 in std::__detail::_ScannerBase::_ScannerBase(std::regex_constants::syntax_option_type)()
________________________________________________________________________________________________________
*** CID 1296302: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.3.1/bits/regex_scanner.h: 110 in std::__detail::_ScannerBase::_ScannerBase(std::regex_constants::syntax_option_type)()
104 : _M_flags & regex_constants::egrep
105 ? ".[\\()*+?{|^$\n"
106 : _M_flags & regex_constants::awk
107 ? _M_extended_spec_char
108 : nullptr),
109 _M_at_bracket_start(false)
>>> CID 1296302: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "_M_token" is not initialized in this constructor nor in any functions that it calls.
110 { __glibcxx_assert(_M_spec_char); }
111
112 protected:
113 const char*
114 _M_find_escape(char __c)
115 {
** CID 1296376: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
/home/brad/working/src/ceph/src/test/librbd/fsx.cc: 1340 in save_buffer(char *, long, int)()
________________________________________________________________________________________________________
*** CID 1296376: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
/home/brad/working/src/ceph/src/test/librbd/fsx.cc: 1340 in save_buffer(char *, long, int)()
1334 off_t ret;
1335 ssize_t byteswritten;
1336
1337 if (fd <= 0 || bufferlength == 0)
1338 return;
1339
>>> CID 1296376: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
>>> "bufferlength > 9223372036854775807L" is always false regardless of the values of its operands. This occurs as the logical operand of "if".
1340 if (bufferlength > SSIZE_MAX) {
1341 prt("fsx flaw: overflow in save_buffer\n");
1342 exit(67);
1343 }
1344
1345 ret = lseek(fd, (off_t)0, SEEK_SET);
** CID 1297756: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/cls_rbd/test_cls_rbd.cc: 62 in random_buf(unsigned long)()
________________________________________________________________________________________________________
*** CID 1297756: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/cls_rbd/test_cls_rbd.cc: 62 in random_buf(unsigned long)()
56 }
57
58 static char *random_buf(size_t len)
59 {
60 char *b = new char[len];
61 for (size_t i = 0; i < len; i++)
>>> CID 1297756: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
62 b[i] = (rand() % (128 - 32)) + 32;
63 return b;
64 }
65
66 class TestClsRbd : public ::testing::Test {
67 public:
** CID 1297879: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rbd_replay/rbd-replay.cc: 58 in main()
________________________________________________________________________________________________________
*** CID 1297879: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rbd_replay/rbd-replay.cc: 58 in main()
52 cout << std::endl;
53 cout << "Image mapping rules:" << std::endl;
54 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
55 cout << "image2." << std::endl;
56 }
57
>>> CID 1297879: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::thread_resource_error> >" is thrown and never caught.
58 int main(int argc, const char **argv) {
59 vector<const char*> args;
60
61 argv_to_vec(argc, argv, args);
62 env_to_vec(args);
63 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
** CID 1313366: (ATOMICITY)
/home/brad/working/src/ceph/src/common/obj_bencher.cc: 719 in ObjBencher::seq_read_bench(int, int, int, int, bool)()
/home/brad/working/src/ceph/src/common/obj_bencher.cc: 788 in ObjBencher::seq_read_bench(int, int, int, int, bool)()
________________________________________________________________________________________________________
*** CID 1313366: (ATOMICITY)
/home/brad/working/src/ceph/src/common/obj_bencher.cc: 719 in ObjBencher::seq_read_bench(int, int, int, int, bool)()
713 }
714
715 // calculate latency here, so memcmp doesn't inflate it
716 data.cur_latency = ceph_clock_now() - start_times[slot];
717
718 cur_contents = contents[slot];
>>> CID 1313366: (ATOMICITY)
>>> Using an unreliable value of "index[slot]" inside the second locked section. If the data that "index[slot]" depends on was changed by another thread, this use might be incorrect.
719 int current_index = index[slot];
720
721 // invalidate internal crc cache
722 cur_contents->invalidate_crc();
723
724 if (!no_verify) {
/home/brad/working/src/ceph/src/common/obj_bencher.cc: 788 in ObjBencher::seq_read_bench(int, int, int, int, bool)()
782 if (data.cur_latency < data.min_latency) data.min_latency = data.cur_latency;
783 ++data.finished;
784 data.avg_latency = total_latency / data.finished;
785 --data.in_flight;
786 release_completion(slot);
787 if (!no_verify) {
>>> CID 1313366: (ATOMICITY)
>>> Using an unreliable value of "index[slot]" inside the second locked section. If the data that "index[slot]" depends on was changed by another thread, this use might be incorrect.
788 snprintf(data.object_contents, data.op_size, "I'm the %16dth op!", index[slot]);
789 lock.Unlock();
790 if ((contents[slot]->length() != data.op_size) ||
791 (memcmp(data.object_contents, contents[slot]->c_str(), data.op_size) != 0)) {
792 cerr << name[slot] << " is not correct!" << std::endl;
793 ++errors;
** CID 1313371: (CHECKED_RETURN)
/home/brad/working/src/ceph/src/tools/rados/RadosImport.cc: 120 in RadosImport::import(librados::IoCtx &, bool)()
/home/brad/working/src/ceph/src/tools/rados/RadosImport.cc: 164 in RadosImport::import(librados::IoCtx &, bool)()
________________________________________________________________________________________________________
*** CID 1313371: (CHECKED_RETURN)
/home/brad/working/src/ceph/src/tools/rados/RadosImport.cc: 120 in RadosImport::import(librados::IoCtx &, bool)()
114 return -EINVAL;
115 }
116 #endif
117
118 #if defined(__linux__)
119 if (file_fd != STDIN_FILENO)
>>> CID 1313371: (CHECKED_RETURN)
>>> Calling "posix_fadvise(this->file_fd, 0L, 0L, 2)" without checking return value. This library function may fail and return an error code.
120 posix_fadvise(file_fd, 0, 0, POSIX_FADV_SEQUENTIAL);
121 #endif
122
123 bool done = false;
124 bool found_metadata = false;
125 while(!done) {
/home/brad/working/src/ceph/src/tools/rados/RadosImport.cc: 164 in RadosImport::import(librados::IoCtx &, bool)()
158 if (!(pool_mode || found_metadata)) {
159 cerr << "Missing metadata section!" << std::endl;
160 }
161
162 #if defined(__linux__)
163 if (file_fd != STDIN_FILENO)
>>> CID 1313371: (CHECKED_RETURN)
>>> Calling "posix_fadvise(this->file_fd, 0L, 0L, 4)" without checking return value. This library function may fail and return an error code.
164 posix_fadvise(file_fd, 0, 0, POSIX_FADV_DONTNEED);
165 #endif
166 return 0;
167 }
168
169 int RadosImport::get_object_rados(librados::IoCtx &ioctx, bufferlist &bl, bool no_overwrite)
** CID 1313372: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/tools/rados/PoolDump.cc: 167 in PoolDump::dump(librados::IoCtx *)()
________________________________________________________________________________________________________
*** CID 1313372: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/tools/rados/PoolDump.cc: 167 in PoolDump::dump(librados::IoCtx *)()
161 }
162 }
163
164 r = write_simple(TYPE_POOL_END, file_fd);
165 #if defined(__linux__)
166 if (file_fd != STDOUT_FILENO)
>>> CID 1313372: Error handling issues (CHECKED_RETURN)
>>> Calling "posix_fadvise(this->file_fd, 0L, 0L, 4)" without checking return value. This library function may fail and return an error code.
167 posix_fadvise(file_fd, 0, 0, POSIX_FADV_DONTNEED);
168 #endif
169 return r;
** CID 1313380: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/common/obj_bencher.cc: 977 in ObjBencher::rand_read_bench(int, int, int, int, bool)()
________________________________________________________________________________________________________
*** CID 1313380: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/common/obj_bencher.cc: 977 in ObjBencher::rand_read_bench(int, int, int, int, bool)()
971 (memcmp(data.object_contents, cur_contents->c_str(), data.op_size) != 0)) {
972 cerr << name[slot] << " is not correct!" << std::endl;
973 ++errors;
974 }
975 }
976
>>> CID 1313380: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
977 rand_id = rand() % num_objects;
978 newName = generate_object_name(rand_id / writes_per_object, pid);
979 index[slot] = rand_id;
980 release_completion(slot);
981
982 // invalidate internal crc cache
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HbBSYlGRvC6yb6IGf3IrEcYVJqy9-2FImfMxv9uburkNvarkyqWwX5Mqfu1HqNERerkSBlR1irNG2DpcaId5JlbsZpQs26lS4yycxgraa1mvrR7aSRTFPsSGKdgWoLAVo-2Frer-2FgL1qdiMaEHDi926oC8TDKjYc6u-2FkgsCns9GNvyZCnDQmB-2F3VZmts8D-2F4mxFKc-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HbBSYlGRvC6yb6IGf3IrEcYVJqy9-2FImfMxv9uburkNvWGv8Z7p1J5GSXDQNgfSCKDvcXRmzIF5P9TwhoIZ-2F-2FM6-2FmWzXqXif3RlYGW6QeWOjcarMjFVTscNUNbzSaxsAsqDUL7G1JdcbAvWsyF65rFgQ2-2FtBGe0pEE4IAAkDKDhaV5C3064UhFoc-2FjLoVy2SQk-3D
next reply other threads:[~2017-05-25 6:22 UTC|newest]
Thread overview: 124+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-25 6:22 scan-admin [this message]
-- strict thread matches above, loose matches on Subject: below --
2022-08-20 12:22 New Defects reported by Coverity Scan for ceph scan-admin
2022-08-20 13:17 ` Jeff Layton
2022-08-22 3:54 ` Brad Hubbard
2022-08-23 12:52 ` Jeff Layton
2018-01-04 3:32 scan-admin
2017-12-28 1:57 scan-admin
2017-12-21 1:54 scan-admin
2017-12-21 3:34 ` Jos Collin
2017-12-21 4:03 ` Brad Hubbard
2017-12-14 6:49 scan-admin
2017-12-01 2:25 scan-admin
2017-11-23 0:19 scan-admin
2017-11-16 11:35 scan-admin
2017-11-09 11:36 scan-admin
2017-11-02 2:11 scan-admin
2017-10-27 0:31 scan-admin
2017-10-19 3:54 scan-admin
2017-10-12 5:54 scan-admin
2017-10-05 5:08 scan-admin
2017-09-28 5:09 scan-admin
2017-09-21 6:44 scan-admin
2017-09-14 7:19 scan-admin
2017-09-07 5:08 scan-admin
2017-08-31 6:39 scan-admin
2017-08-24 23:32 scan-admin
2017-08-17 3:29 scan-admin
2017-08-10 3:50 scan-admin
2017-08-03 4:57 scan-admin
2017-07-27 3:50 scan-admin
2017-07-28 18:42 ` Gregory Farnum
2017-07-28 22:22 ` Brad Hubbard
2017-07-20 4:08 scan-admin
2017-07-13 5:11 scan-admin
2017-07-06 5:03 scan-admin
2017-06-29 4:08 scan-admin
2017-06-22 4:27 scan-admin
2017-06-15 9:50 scan-admin
2017-06-11 23:46 scan-admin
2017-06-01 4:33 scan-admin
2017-05-18 1:44 scan-admin
2017-05-11 5:32 scan-admin
2017-05-04 2:45 scan-admin
2017-04-27 2:22 scan-admin
2017-04-20 5:34 scan-admin
2017-04-13 6:25 scan-admin
2017-04-06 9:40 scan-admin
2017-03-31 1:25 scan-admin
2017-03-23 7:58 scan-admin
2017-03-16 7:37 scan-admin
2017-03-09 6:12 scan-admin
2017-03-02 7:44 scan-admin
2017-02-23 9:09 scan-admin
2017-02-17 2:29 scan-admin
[not found] ` <CAJE9aOMoxWjhq=g+25hfhMhxSCnHAOwAyNhXvkxS1wwBEd3j+A@mail.gmail.com>
2017-02-17 5:19 ` kefu chai
2017-02-05 10:08 scan-admin
2017-01-27 13:22 scan-admin
2017-01-17 3:01 scan-admin
2017-01-09 10:05 scan-admin
2016-12-30 8:33 scan-admin
2016-12-23 9:16 scan-admin
2016-12-16 8:54 scan-admin
2016-12-09 11:29 scan-admin
2016-12-02 11:08 scan-admin
2016-11-25 7:55 scan-admin
2016-03-19 17:58 scan-admin
2016-03-13 17:40 scan-admin
2016-03-12 18:04 scan-admin
2016-03-05 17:55 scan-admin
2016-03-07 20:59 ` Gregory Farnum
2016-02-27 18:07 scan-admin
2016-02-20 18:26 scan-admin
2016-02-18 20:32 scan-admin
2016-02-13 17:47 scan-admin
2016-02-11 17:57 scan-admin
2016-02-11 22:01 ` Gregory Farnum
2016-02-12 16:36 ` Adam C. Emerson
2016-02-04 20:39 scan-admin
2016-02-03 20:40 scan-admin
2015-05-02 14:37 scan-admin
2015-01-21 1:41 scan-admin
2015-01-16 14:39 scan-admin
2015-01-16 15:17 ` Gregory Farnum
2015-01-16 16:00 ` John Spray
2015-01-16 16:08 ` Sage Weil
[not found] <54b528bef1f63_1b74f3532c63410@scan.coverity.com.mail>
2015-01-13 14:34 ` Sage Weil
2015-01-13 14:16 scan-admin
2015-01-10 14:36 scan-admin
2015-01-10 15:48 ` Haomai Wang
2015-01-09 14:30 scan-admin
2015-01-09 15:26 ` Sage Weil
2015-01-09 15:32 ` Danny Al-Gaaf
2015-01-04 14:14 scan-admin
2014-12-27 14:13 scan-admin
2014-12-28 6:03 ` Sage Weil
2014-12-26 14:19 scan-admin
2014-12-23 14:37 scan-admin
2014-12-21 14:13 scan-admin
2014-12-18 14:19 scan-admin
2014-12-14 14:17 scan-admin
2014-12-07 20:36 scan-admin
2014-12-05 14:11 scan-admin
2014-12-02 14:09 scan-admin
2014-11-25 14:09 scan-admin
2014-11-23 14:08 scan-admin
2014-11-20 14:20 scan-admin
2014-11-14 14:21 scan-admin
2014-11-13 14:21 scan-admin
2014-11-11 20:40 scan-admin
2014-11-09 14:12 scan-admin
2014-10-30 13:19 scan-admin
2014-10-30 16:08 ` Sage Weil
2014-10-28 13:16 scan-admin
2014-10-28 18:26 ` Danny Al-Gaaf
2014-10-26 13:17 scan-admin
2014-10-24 17:55 scan-admin
2014-10-24 17:59 ` Sage Weil
2014-10-17 13:27 scan-admin
2014-10-09 13:23 scan-admin
2014-10-02 13:21 scan-admin
2014-09-25 13:18 scan-admin
2014-09-16 21:40 scan-admin
2014-08-16 21:31 scan-admin
2014-08-09 15:30 scan-admin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5926782d9b5ab_19272f330517c6@ss1435.mail \
--to=scan-admin@coverity.com \
--cc=ceph-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.