From: James Jones <jejones3141@gmail.com>
Date: Wed, 21 Sep 2022 13:53:21 +0000 (-0500)
Subject: Annotate false positive tainted data in fr_udp_header_check() (CID #1504068) (#4728)
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e2761c3132406c0d02801ddad37168ea2efde784;p=thirdparty%2Ffreeradius-server.git

Annotate false positive tainted data in fr_udp_header_check() (CID #1504068) (#4728)

Coverity doesn't recognize the check that diff == 0 as a check of
udp_len.
---

diff --git a/src/lib/util/net.c b/src/lib/util/net.c
index ca36d6f5561..11822f26fd8 100644
--- a/src/lib/util/net.c
+++ b/src/lib/util/net.c
@@ -89,6 +89,7 @@ size_t fr_net_af_table_len = NUM_ELEMENTS(fr_net_af_table);
 		return -1;
 	}
 
+	/* coverity[tainted_data] */
 	expected = fr_udp_checksum((uint8_t const *) udp, udp_len, udp->checksum,
 				   ip->ip_src, ip->ip_dst);
 	if (udp->checksum != expected) {