Pull request #4662: dce_rpc: fixing coverity in dce_rpc code

Merge in SNORT/snort3 from ~SUMIKUM7/snort3:coverity_CSCwo16686_snort to master

Squashed commit of the following:

commit 92afd8abbce3613447019c469eb0f7f02eb7ffc3
Author: Sumit Kumar <sumikum7@cisco.com>
Date:   Mon Mar 24 15:16:03 2025 +0530

    dce_rpc: ignoring false positives and fixing spell checks

diff --git a/src/service_inspectors/dce_rpc/dce_co.cc b/src/service_inspectors/dce_rpc/dce_co.cc
index 753e693d40ccfe5b7bf70b2a12a676c207b1042b..7dfe8a224b7dece1ee45f82699e6f3031f1f3fcb 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_co.cc
+++ b/src/service_inspectors/dce_rpc/dce_co.cc
@@ -724,6 +724,8 @@ static DCE2_CoCtxIdNode* dce_co_process_ctx_id(DCE2_SsnData* sd,DCE2_CoTracker*
     dce2_move(frag_ptr, frag_len, sizeof(DceRpcCoContElem));
 
     /* Don't really care about the transfer syntaxes */
+    // Down casting from uint8_t const * to "DceRpcCoContElem" is checked with frag_len
+    // coverity[tainted_scalar]
     for (j = 0; j < num_tsyns; j++)
     {
         if (frag_len < sizeof(DceRpcCoSynId))

diff --git a/src/service_inspectors/dce_rpc/dce_udp_processing.cc b/src/service_inspectors/dce_rpc/dce_udp_processing.cc
index 965ca37b0565ef9b2232766614cdca6ebda55c4d..3de461e69c511babcc65eb8c7faf482d5f285e7a 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_udp_processing.cc
+++ b/src/service_inspectors/dce_rpc/dce_udp_processing.cc
@@ -132,6 +132,8 @@ void DCE2_ClProcess(DCE2_SsnData* sd, DCE2_ClTracker* clt)
         {
         case DCERPC_PDU_TYPE__REQUEST:
             dce2_udp_stats.cl_request++;
+            // Down casting from uint8_t const * to "DceRpcClHdr" is checked with data_len
+            // coverity[tainted_scalar]
             DCE2_ClRequest(sd, at, cl_hdr, data_ptr, data_len);
             break;