Blame SOURCES/0005-tcp-Avoid-false-but-convoluted-positive-Coverity-CWE.patch

f07426
From 65d8d329620973319b577e9a1b0ffad528a4df1f Mon Sep 17 00:00:00 2001
f07426
From: Stefano Brivio <sbrivio@redhat.com>
f07426
Date: Mon, 27 Feb 2023 03:05:26 +0100
f07426
Subject: [PATCH 05/20] tcp: Avoid false (but convoluted) positive Coverity
f07426
 CWE-476 warning
f07426
f07426
If there are no TCP options in the header, tcp_tap_handler() will
f07426
pass the corresponding pointer, fetched via packet_get(), as NULL to
f07426
tcp_conn_from_sock_finish(), which in turn indirectly calls
f07426
tcp_opt_get().
f07426
f07426
If there are no options, tcp_opt_get() will stop right away because
f07426
the option length is indicated as zero. However, if the logic is
f07426
complicated enough to follow for static checkers, adding an explicit
f07426
check against NULL in tcp_opt_get() is probably a good idea.
f07426
f07426
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
f07426
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
f07426
(cherry picked from commit a1d5537741679c117b4c1a9b736ea2540a976eee)
f07426
---
f07426
 tcp.c | 2 +-
f07426
 1 file changed, 1 insertion(+), 1 deletion(-)
f07426
f07426
diff --git a/tcp.c b/tcp.c
f07426
index c62fe44..a811b5e 100644
f07426
--- a/tcp.c
f07426
+++ b/tcp.c
f07426
@@ -1114,7 +1114,7 @@ static int tcp_opt_get(const char *opts, size_t len, uint8_t type_find,
f07426
 {
f07426
 	uint8_t type, optlen;
f07426
 
f07426
-	if (!len)
f07426
+	if (!opts || !len)
f07426
 		return -1;
f07426
 
f07426
 	for (; len >= 2; opts += optlen, len -= optlen) {
f07426
-- 
f07426
2.39.2
f07426