Skip to content

[Coverity CID :188890]Insecure data handling in /drivers/watchdog/wdt_qmsi.c #10750

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
mandarcthorat1 opened this issue Oct 22, 2018 · 1 comment
Closed

[Coverity CID :188890]Insecure data handling in /drivers/watchdog/wdt_qmsi.c #10750

mandarcthorat1 opened this issue Oct 22, 2018 · 1 comment
Assignees
@nashif
Labels
area: Drivers bug The issue is a bug, or the PR is fixing a bug Coverity A Coverity detected issue or its fix priority: medium Medium impact/importance bug

Comments

@mandarcthorat1
Copy link
Contributor

Static code scan issues seen in File: /drivers/watchdog/wdt_qmsi.c
Category: Insecure data handling
Function: get_timeout
Component: Drivers
CID: 188890
Please fix or provide comments to square it off in coverity in the link: https://scan9.coverity.com/reports.htm#v32951/p12996
@mandarcthorat1 mandarcthorat1 added area: Drivers bug The issue is a bug, or the PR is fixing a bug Coverity A Coverity detected issue or its fix labels Oct 22, 2018
@nashif nashif added the priority: medium Medium impact/importance bug label Nov 2, 2018
@nashif nashif self-assigned this Jan 30, 2019
@maxxlife
Copy link
Contributor

@nashif Hi. Do you think that it is a good idea to fix that defect by writing a new function sat_subtract and perform a saturating subtract?
As I understand the issue is count - 1 and its ability to underflow if count=0.

Please check my code idea prototype for that fix:
extern int sat_subtract(u32_t a, u32_t b);
inline sat_subtract(u32_t a, u32_t b)
{
return ((a > b) ? (a - b) : 0);
}
static u32_t get_timeout(u32_t timeout)
{
u32_t count = 0U;
return sat_subtract(count,1U);
}

This was referenced Feb 20, 2019
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nashif nashif

Labels
area: Drivers bug The issue is a bug, or the PR is fixing a bug Coverity A Coverity detected issue or its fix priority: medium Medium impact/importance bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@nashif @maxxlife @mandarcthorat1