diff --git a/Source/core/ProcessInfo.cpp b/Source/core/ProcessInfo.cpp index 233cad552..f187a1ad6 100644 --- a/Source/core/ProcessInfo.cpp +++ b/Source/core/ProcessInfo.cpp @@ -145,7 +145,7 @@ namespace Core { int fd; snprintf(buffer, sizeof(buffer), "/proc/%d/stat", pid); - if ((fd = open(buffer, O_RDONLY)) > 0) { + if ((fd = open(buffer, O_RDONLY)) != -1) { if (read(fd, buffer, sizeof(buffer) - sizeof(buffer[0])) > 0) { int ppid = 0; sscanf(buffer, "%*d (%*[^)]) %*c %d", &ppid); @@ -423,7 +423,7 @@ namespace Core { int VmSize = 0; snprintf(buffer, sizeof(buffer), "/proc/%d/statm", _pid); - if ((fd = open(buffer, O_RDONLY)) > 0) { + if ((fd = open(buffer, O_RDONLY)) != -1) { ssize_t readAmount = 0; if ((readAmount = read(fd, buffer, sizeof(buffer))) > 0) { ssize_t nulIndex = std::min(readAmount, static_cast(sizeof(buffer) - 1)); @@ -454,7 +454,7 @@ namespace Core { int VmRSS = 0; snprintf(buffer, sizeof(buffer), "/proc/%d/statm", _pid); - if ((fd = open(buffer, O_RDONLY)) > 0) { + if ((fd = open(buffer, O_RDONLY)) != -1) { ssize_t readAmount = 0; if ((readAmount = read(fd, buffer, sizeof(buffer))) > 0) { ssize_t nulIndex = std::min(readAmount, static_cast(sizeof(buffer) - 1)); @@ -485,7 +485,7 @@ namespace Core { int Share = 0; snprintf(buffer, sizeof(buffer), "/proc/%d/statm", _pid); - if ((fd = open(buffer, O_RDONLY)) > 0) { + if ((fd = open(buffer, O_RDONLY)) != -1) { ssize_t readAmount = 0; if ((readAmount = read(fd, buffer, sizeof(buffer))) > 0) { ssize_t nulIndex = std::min(readAmount, static_cast(sizeof(buffer) - 1)); diff --git a/Source/core/ResourceMonitor.h b/Source/core/ResourceMonitor.h index e0522e106..7450ee803 100644 --- a/Source/core/ResourceMonitor.h +++ b/Source/core/ResourceMonitor.h 
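Review bot: In the `/proc/%d/stat` block at -145, `sscanf` parses `buffer` without terminating it at the byte count `read()` returned, unlike the `statm` readers later in this file, which compute `nulIndex` first. Unless `buffer` is zero-initialised where it is declared (outside this hunk), the parse can continue into bytes the read did not write; keep the count and set `buffer[n] = '\0';` before the `sscanf`. The `(%*[^)])` pattern also stops at the first `)` in the comm field, which a process chooses for itself, so the parent pid is better parsed from the last `)` in the line (for example via `strrchr(buffer, ')')`), with the `sscanf` return value checked. The enclosing function starts and ends outside the hunk, so the `close(fd)` path cannot be confirmed here.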
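Review bot: The `/proc/%d/statm` open/read/terminate sequence is repeated verbatim in the hunks at -423, -454 and -485, which is why the same descriptor comparison had to be corrected three times. A single private helper that opens the file, reads it, terminates the buffer at `nulIndex` and closes the descriptor would keep the `!= -1` check in one place. The three functions continue outside their hunks, so whether each closes `fd` on every path is not visible here.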
@@ -209,8 +209,8 @@ namespace Core { char procfn[64]; snprintf(procfn, sizeof(procfn), "/proc/self/fd/%d", info.descriptor); - size_t len = readlink(procfn, info.filename, sizeof(info.filename) - 1); - info.filename[len] = '\0'; + ssize_t len = readlink(procfn, info.filename, sizeof(info.filename) - 1); + info.filename[len >= 0 ? len : 0] = '\0'; #endif #ifdef __WINDOWS__ info.monitor = 0; diff --git a/Source/core/SerialPort.cpp b/Source/core/SerialPort.cpp index cd9566eb7..4221d8cda 100644 --- a/Source/core/SerialPort.cpp +++ b/Source/core/SerialPort.cpp @@ -848,6 +848,9 @@ void SerialPort::Read(const uint16_t readBytes) if (_sendOffset < _sendBytes) { uint32_t sendSize; + // coverity[overflow_sink] - False positive: _sendBytes and _sendOffset are uint16_t (max 65535), + // SendData() returns uint16_t, and POSIX guarantees write() returns at most count bytes. + // The guard above ensures _sendBytes > _sendOffset, so neither subtraction nor addition can overflow. sendSize = write(_descriptor, reinterpret_cast(&_sendBuffer[_sendOffset]), _sendBytes - _sendOffset); @@ -888,6 +891,9 @@ void SerialPort::Read(const uint16_t readBytes) uint32_t size = ::read(_descriptor, reinterpret_cast(&_receiveBuffer[_readBytes]), _receiveBufferSize - _readBytes); if ((size != static_cast(~0)) && (size != 0)) { + // coverity[INTEGER_OVERFLOW] - Intentional: POSIX read() returns at most the requested count + // (_receiveBufferSize - _readBytes), which is a uint16_t difference and thus <= UINT16_MAX. + // The sum _readBytes + size therefore never exceeds _receiveBufferSize, so no overflow occurs. _readBytes += size; if (_readBytes != 0) { diff --git a/Source/core/SocketPort.cpp b/Source/core/SocketPort.cpp index 30f1fe014..baed050c0 100644 --- a/Source/core/SocketPort.cpp +++ b/Source/core/SocketPort.cpp 
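Review bot: A failed `readlink()` now yields an empty `info.filename`, and a link target longer than the buffer is silently truncated; neither case can be told apart from a valid result. If the name is used for anything beyond display, treat `len == static_cast<ssize_t>(sizeof(info.filename) - 1)` as possibly truncated and `len < 0` as an error that is logged or flagged on the entry. The surrounding function is outside the hunk, so how `info.filename` is consumed is not visible.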
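Review bot: The suppression comment at -848 reasons only about successful writes: `write()` returns -1 on error, and assigning that to `uint32_t sendSize` turns it into `UINT32_MAX`. Whether that value is screened before it is added to `_sendOffset` lies outside the hunk, so the comment should say where the error case is handled, or the result should be held in a signed type and tested first, e.g. `ssize_t sent = write(...);` followed by `if (sent > 0) { ... }`. With the error path explicit in the code, the analyzer annotation would likely no longer be needed.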
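Review bot: The annotation at -888 is labelled `Intentional`, but its text argues that overflow cannot happen, and that argument depends on `_readBytes <= _receiveBufferSize` holding before the `::read` call, which nothing in the hunk enforces. If that invariant were ever broken, `_receiveBufferSize - _readBytes` would go negative after integer promotion and convert to a very large byte count for `::read`. Stating the invariant in code ahead of the read, e.g. `assert(_readBytes <= _receiveBufferSize);`, documents it where both the analyzer and the reader can see it. The member types are declared outside this diff, so the `uint16_t` claim is taken from the comment alone.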
@@ -880,7 +880,7 @@ namespace Thunder { // See if we need to bind to a specific interface. if ((l_Result != INVALID_SOCKET) && (specificInterface.empty() == false)) { - struct ifreq interface; + struct ifreq interface = {}; #ifdef __APPLE__ strncpy(interface.ifr_name, specificInterface.c_str(), IFNAMSIZ - 1); int index = if_nametoindex(interface.ifr_name); diff --git a/Source/core/SystemInfo.cpp b/Source/core/SystemInfo.cpp index ea88cb526..6a69347b4 100644 --- a/Source/core/SystemInfo.cpp +++ b/Source/core/SystemInfo.cpp @@ -262,6 +262,8 @@ namespace Core { uint64_t CurrentIdleTime = CpuFields[3]; // 3 is index of idle ticks time uint64_t CurrentTickCount = 0L; + // coverity[OVERRUN] - Intentional: fscanf fills at most 4 fields (matching the 4 format specifiers), + // so numFields <= 4 and i < numFields always clamps the loop within CpuFields[0..3]. for (int i = 0; i < numFields && i < 10; ++i) { CurrentTickCount += CpuFields[i]; } diff --git a/Source/cryptalgo/HMAC.h b/Source/cryptalgo/HMAC.h index 41bea0e88..837047de2 100644 --- a/Source/cryptalgo/HMAC.h +++ b/Source/cryptalgo/HMAC.h @@ -70,7 +70,10 @@ namespace Crypto { } // We have a suitable key, move it to the inner and outer pads + // coverity[overrun] - False positive (#754): keyLength is always <= sizeof(_innerKeyPad) (64); + // when keyLength == 64 the memset count is 0, so no bytes are written. ::memset(&_innerKeyPad[keyLength], 0x36, sizeof(_innerKeyPad) - keyLength); + // coverity[overrun] - False positive (#770): same reasoning as above for _outerKeyPad. ::memset(&_outerKeyPad[keyLength], 0x5C, sizeof(_outerKeyPad) - keyLength); /* XOR key with inner keypad and outer key pad values */
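Review bot: `strncpy(interface.ifr_name, specificInterface.c_str(), IFNAMSIZ - 1)` silently truncates a name of `IFNAMSIZ` characters or more, so the lookup can resolve a different interface than the caller asked for. With the zero-initialisation the copy is now always terminated, but a length check ahead of it, such as `if (specificInterface.size() >= IFNAMSIZ) { /* reject */ }`, would make an over-long name fail instead of binding elsewhere. The non-Apple branch and the handling of a zero result from `if_nametoindex` are outside the hunk.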
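Review bot: The suppression in SystemInfo.cpp relies on `numFields <= 4`, yet the loop's own bound is `i < 10`, so the code does not enforce what the comment asserts. Bounding the loop by the array itself, `i < static_cast<int>(sizeof(CpuFields) / sizeof(CpuFields[0]))`, makes the access safe by construction and removes the need for the annotation. `CpuFields[3]` is also read two lines earlier regardless of `numFields`; the `fscanf` call and the array declaration are outside the hunk, so whether a short parse is rejected before that read cannot be confirmed here.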
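Review bot: Both annotations in HMAC.h assert `keyLength <= sizeof(_innerKeyPad)`, but the code that establishes this is above the hunk, and the hard-coded `(64)` in the comment goes stale if the pad size differs for another hash. Placing `assert(keyLength <= sizeof(_innerKeyPad));` directly before the first `memset` states the bound where it is relied on, since a larger `keyLength` would make `sizeof(_innerKeyPad) - keyLength` wrap to a very large count. The references `#754` and `#770` would be easier to follow if the comment said which tracker they belong to.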