From: James Jones <jejones3141@gmail.com>
Date: Sun, 12 Jan 2025 20:49:36 +0000 (-0600)
Subject: Annotate return_overflow in mod_write() (CID #1604620) (#5437)
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cd4ccacf1958b1605f56d2914dbe3b1febf1a343;p=thirdparty%2Ffreeradius-server.git

Annotate return_overflow in mod_write() (CID #1604620) (#5437)

This is arguably another example of trying to return a value not
representable in the function return type. It's highly unlikely that
anyone will pass a buffer of more than SSIZE_MAX bytes, but Coverity
apparently doesn't consider that.

CIDs #1604605 and #1604616 explicitly do return error values not
representable as int, but a ridiculously large buffer allocation will
fail long before anyone calls mod_write(), so we annotate.
---

diff --git a/src/listen/tacacs/proto_tacacs_tcp.c b/src/listen/tacacs/proto_tacacs_tcp.c
index bebdbaaadf9..8009364e9d3 100644
--- a/src/listen/tacacs/proto_tacacs_tcp.c
+++ b/src/listen/tacacs/proto_tacacs_tcp.c
@@ -318,6 +318,7 @@ static ssize_t mod_write(fr_listen_t *li, UNUSED void *packet_ctx, UNUSED fr_tim
 	 *	Return the packet we wrote, plus any bytes previously
 	 *	left over from previous packets.
 	 */
+	/* coverity[return_overflow] */
 	return data_size + written;
 }