Simplify hash computation to prevent pointer being classed as tainted.

mem.c:add_trace_entry() -> isc_hash_function() -> isc_siphash24()

129        for (; in != end; in += 8) {

	6. byte_swapping: Performing a byte swapping operation on
	in implies that it came from an external source, and is
	therefore tainted.

130                uint64_t m = U8TO64_LE(in);

diff --git a/lib/isc/mem.c b/lib/isc/mem.c
index 9a339b06c974f1c9a1e453a3a0a941756ab5c4aa..5e4b3d10046c7793b5fa66420db660b168bb93a0 100644 (file)
--- a/lib/isc/mem.c
+++ b/lib/isc/mem.c
@@ -272,7 +272,15 @@ add_trace_entry(isc__mem_t *mctx, const void *ptr, size_t size FLARG) {
                return;
        }
 
+#ifdef __COVERITY__
+       /*
+        * Use simple conversion from pointer to hash to avoid
+        * tainting 'ptr' due to byte swap in isc_hash_function.
+        */
+       hash = (uintptr_t)ptr >> 3;
+#else
        hash = isc_hash_function(&ptr, sizeof(ptr), true);
+#endif
        idx = hash % DEBUG_TABLE_COUNT;
 
        dl = malloc(sizeof(debuglink_t));
@@ -308,7 +316,15 @@ delete_trace_entry(isc__mem_t *mctx, const void *ptr, size_t size,
                return;
        }
 
+#ifdef __COVERITY__
+       /*
+        * Use simple conversion from pointer to hash to avoid
+        * tainting 'ptr' due to byte swap in isc_hash_function.
+        */
+       hash = (uintptr_t)ptr >> 3;
+#else
        hash = isc_hash_function(&ptr, sizeof(ptr), true);
+#endif
        idx = hash % DEBUG_TABLE_COUNT;
 
        dl = ISC_LIST_HEAD(mctx->debuglist[idx]);