Annotate false positive tainted_data (CID #1243443) (#4717)
authorJames Jones <jejones3141@gmail.com>
Wed, 7 Sep 2022 20:28:09 +0000 (15:28 -0500)
committerGitHub <noreply@github.com>
Wed, 7 Sep 2022 20:28:09 +0000 (16:28 -0400)
Coverity doesn't realize that eap_validation(), which is called
before eap_identity(), range checks the length.

src/lib/eap/session.c

index 68751f88276a1ed966740340a83d1db33cd22cb3..9aeba055f9f818cde75a9d6f10170b5e820dc14f 100644 (file)
@@ -273,6 +273,7 @@ static char *eap_identity(request_t *request, eap_session_t *eap_session, eap_pa
         *      If the length is 5, then a buffer with a length of 1 is
         *      created with a \0 byte.
         */
+       /* coverity[tainted_data] */
        return talloc_bstrndup(eap_session, (char *)&eap_packet->data[1], len - 5);
 }
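Review bot: The `coverity[tainted_data]` suppression added above the `talloc_bstrndup()` call has no rationale in the code, so the only record that `len` was already range checked is the commit message, and nothing at this site enforces it. Because `len - 5` sizes a copy out of received packet data, I would state the invariant on its own line above the annotation, for example `/* len was range checked by eap_validation(), which runs before eap_identity() */`, which keeps the Coverity comment directly before the statement it covers. If the project's assertion macro is available in this file, asserting `len >= 5` just before the return would make a caller that skips eap_validation() fail visibly in debug builds rather than pass a wrapped or negative length. That assertion covers only the lower bound, and the upper bound against the actual received buffer still depends entirely on eap_validation(). The body of eap_identity() starts outside this hunk, so a lower-bound check on `len` may already exist there.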