diff --git a/source/MRD/mrd.c b/source/MRD/mrd.c index 918bd43..32de413 100644 --- a/source/MRD/mrd.c +++ b/source/MRD/mrd.c @@ -44,9 +44,10 @@ #define MRD_ARP_CACHE "/proc/net/arp" #define MRD_ARP_STRING_LEN 1023 #define MRD_ARP_BUFFER_LEN (MRD_ARP_STRING_LEN + 1) -/* Format for reading the 1st, and 4th space-delimited fields */ +/* Format for reading the 1st, and 4th space-delimited fields */ +/*CID 746316: (#1 of 1): Out-of-bounds write (OVERRUN) coverity fix */ #define MRD_ARP_LINE_FORMAT "%1023s %*s %*s " \ - "%1023s %*s %*s" + "%19s %*s %*s" #define MRD_SHM_EXISTS 17 #define MRD_MAX_LOG 20000 #define MRD_LOG_FILE "/rdklogs/logs/mrdtrace.log" @@ -126,7 +127,8 @@ static int mrd_getMACAddress(char *ipaddress, char *mac) { FILE *arpCache; char header[MRD_ARP_BUFFER_LEN]; - char ipAddr[MAC_ADDRESS_SIZE]; + /*CID 746316: (#1 of 1): Out-of-bounds write (OVERRUN) coverity fix */ + char ipAddr[MRD_ARP_BUFFER_LEN]; errno_t rc = -1; int ind = -1; diff --git a/source/TR-181/board_sbapi/cosa_moca_apis.c b/source/TR-181/board_sbapi/cosa_moca_apis.c index 3ccf0b5..fc3adc3 100644 --- a/source/TR-181/board_sbapi/cosa_moca_apis.c +++ b/source/TR-181/board_sbapi/cosa_moca_apis.c @@ -570,6 +570,12 @@ CosaDmlMocaIfReset { return ANSC_STATUS_FAILURE; } + /* Coverity CID 414230: STRING_NULL — validate all pointer params before any dereference */ + if ( !MCfg ) + { + CcspTraceWarning(("CosaDmlMocaIfReset -- MCfg is NULL\n")); + return ANSC_STATUS_FAILURE; + } if (!pInfo) { @@ -605,7 +611,7 @@ CosaDmlMocaIfReset } mocaCfg.Alias[sizeof(mocaCfg.Alias) - 1] = '\0'; mocaCfg.KeyPassphrase[sizeof(mocaCfg.KeyPassphrase) - 1] = '\0'; - + mocaCfg.NodeTabooMask[sizeof(mocaCfg.NodeTabooMask) - 1] = (UCHAR)'\0'; /* MoCA Interface Setting to FALSE and syscfg commit it. That mean, we are disabled the MoCA interface here */ CcspTraceWarning(("%s > Disabling MoCA Interface...\n", __func__)); pCfg->bEnabled = FALSE; @@ -1069,7 +1075,7 @@ CosaDmlMocaIfGetCfg * Hence disabled it. */ // pCfg->InstanceNumber = mocaCfg.InstanceNumber; - rc = STRCPY_S_NOCLOBBER(pCfg->Alias, sizeof(pCfg->Alias), mocaCfg.Alias); + rc = STRCPY_S_NOCLOBBER(pCfg->Alias, sizeof(pCfg->Alias), mocaCfg.Alias); if(rc != EOK) { ERR_CHK(rc); @@ -1081,6 +1087,8 @@ CosaDmlMocaIfGetCfg { AnscTraceWarning(("syscfg db and moca driver value are not in sync, setting db value to driver\n")); mocaCfg.bEnabled=moca_enable_db; + /* CID 348463 coverity fix for string null error */ + mocaCfg.NodeTabooMask[sizeof(mocaCfg.NodeTabooMask) - 1] = (UCHAR)'\0'; if ( moca_SetIfConfig(uIndex, &mocaCfg) != STATUS_SUCCESS) { AnscTraceWarning(("moca_SetIfConfig returns error\n")); diff --git a/source/TR-181/board_sbapi/cosa_moca_webconfig_api.c b/source/TR-181/board_sbapi/cosa_moca_webconfig_api.c index a284b4d..f495db5 100644 --- a/source/TR-181/board_sbapi/cosa_moca_webconfig_api.c +++ b/source/TR-181/board_sbapi/cosa_moca_webconfig_api.c @@ -300,11 +300,13 @@ int rollback_moca_conf() /* Coverity CID 348464: STRING_NULL — ensure HAL string fields are terminated */ mocaCfg.Alias[sizeof(mocaCfg.Alias) - 1] = '\0'; mocaCfg.KeyPassphrase[sizeof(mocaCfg.KeyPassphrase) - 1] = '\0'; - + if( g_bMocaEnable_bkup != mocaCfg.bEnabled ) { CcspTraceWarning(("%s: updating hal with backup value %d \n", __FUNCTION__, g_bMocaEnable_bkup )); mocaCfg.bEnabled = g_bMocaEnable_bkup; + /* Coverity CID 348464: STRING_NULL — ensure HAL string fields are terminated */ + mocaCfg.NodeTabooMask[sizeof(mocaCfg.NodeTabooMask) - 1] = (UCHAR)'\0'; if ( moca_SetIfConfig(0, &mocaCfg) != STATUS_SUCCESS) { CcspTraceWarning(("%s: rollback_moca_conf hal call failed \n", __FUNCTION__));