Read from BPF into a void pointer aliased to the buffer so that

Coverity doesn't treat the data as tainted.
Of course it's tainted, but Coverity doesn't undertand our rules
ensuring the data is clean.

diff --git a/if-bsd.c b/if-bsd.c
index 249fa4e36e25aac373f466ded5af1db11cd9f028..cc40dbe6ca069a78b8fc12feca94d68b40a50f01 100644 (file)
--- a/if-bsd.c
+++ b/if-bsd.c
@@ -498,7 +498,11 @@ if_readrawpacket(struct interface *ifp, uint16_t protocol,
        *flags = 0;
        for (;;) {
                if (state->buffer_len == 0) {
-                       bytes = read(fd, state->buffer, state->buffer_size);
+                       /* alias a void pointer to our buffer
+                        * so that Coverity does not treat this as tainted. */
+                       void *bufp = state->buffer;
+
+                       bytes = read(fd, bufp, state->buffer_size);
                        if (bytes == -1 || bytes == 0)
                                return bytes;
                        state->buffer_len = (size_t)bytes;

diff --git a/ipv4.h b/ipv4.h
index 91484aaa825b4b28aa50c37990a0c26ddf33b103..036b5bfce6240f25f7dc2baa48a3656e88c81eae 100644 (file)
--- a/ipv4.h
+++ b/ipv4.h
@@ -85,7 +85,7 @@ struct ipv4_state {
 #ifdef BSD
        /* Buffer for BPF */
        size_t buffer_size, buffer_len, buffer_pos;
-       unsigned char *buffer;
+       uint8_t *buffer;
 #endif
 };