  1. RHEL
  2. RHEL-84853

[virtio-win] Coverity scan issues


    • [virtio-win] Coverity scan issues
    • 100% To Do, 0% In Progress, 0% Done
    • rhel-virt-windows
    • ssg_virtualization

      Goal

      121 new defect(s) introduced to virtio-win/kvm-guest-drivers-windows found with Coverity Scan.
      136 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

      New defect(s) Reported-by: Coverity Scan
      Showing 20 of 121 defect(s)

      ** CID 475476:    (DC.DEBUGAPI)
      /NetKVM/CoInstaller/NetKVMnetsh.cpp: 1182 in NetKVMNetshStartHelper(const _GUID *, unsigned long)()
      /NetKVM/CoInstaller/NetKVMnetsh.cpp: 1172 in NetKVMNetshStartHelper(const _GUID *, unsigned long)()
      /NetKVM/CoInstaller/NetKVMnetsh.cpp: 1144 in NetKVMNetshStartHelper(const _GUID *, unsigned long)()

      __________________________________________________________________________________________________________
      *** CID 475476:    (DC.DEBUGAPI)
      /NetKVM/CoInstaller/NetKVMnetsh.cpp: 1182 in NetKVMNetshStartHelper(const _GUID *, unsigned long)()
      1176             PrintError(g_hinstThisDLL, IDS_LOGICEXCEPTION);
      1177             tcout << TEXT(": ") << string2tstring(string(ex.what())) << endl;
      1178             return ERROR_EXCEPTION_IN_SERVICE;
      1179         }
      1180         catch (...)
      1181         {
      >>>     CID 475476:    (DC.DEBUGAPI)
      >>>     Calling "OutputDebugStringW" may expose sensitive information.
      1182             NETCO_DEBUG_PRINT(TEXT("Unknown exception"));
      1183             return ERROR_UNKNOWN_EXCEPTION;
      1184         }
      1185     
      1186         return NO_ERROR;
      1187     }
      /NetKVM/CoInstaller/NetKVMnetsh.cpp: 1172 in NetKVMNetshStartHelper(const _GUID *, unsigned long)()
      1166             attr.ulNumGroups = ARRAYSIZE(g_TopLevelGroups);
      1167             attr.pCmdGroups = (CMD_GROUP_ENTRY[])g_TopLevelGroups;
      1168             attr.pfnDumpFn = (PNS_CONTEXT_DUMP_FN)_NetKVMDumpCdmHandler;
      1169             attr.pReserved = NULL;
      1170             RegisterContext(&attr);
      1171     
      >>>     CID 475476:    (DC.DEBUGAPI)
      >>>     Calling "OutputDebugStringW" may expose sensitive information.
      1172             NETCO_DEBUG_PRINT(TEXT("RegisterContext returned"));
      1173         }
      1174         catch (const exception &ex)
      1175         {
      1176             PrintError(g_hinstThisDLL, IDS_LOGICEXCEPTION);
      1177             tcout << TEXT(": ") << string2tstring(string(ex.what())) << endl;
      /NetKVM/CoInstaller/NetKVMnetsh.cpp: 1144 in NetKVMNetshStartHelper(const _GUID *, unsigned long)()
      1138     {
      1139         try
      1140         {
      1141             UNREFERENCED_PARAMETER(pguidParent);
      1142             UNREFERENCED_PARAMETER(dwVersion);
      1143     
      >>>     CID 475476:    (DC.DEBUGAPI)
      >>>     Calling "OutputDebugStringW" may expose sensitive information.
      1144             NETCO_DEBUG_PRINT(TEXT("NetKVMNetshStartHelper called"));
      1145     
      1146             pair<HDEVINFO, vector<_NetKVMDeviceInfo>> Devices = _NetKVMGetDevicesOfInterest();
      1147             g_hDeviceInfoList = Devices.first;
      1148             g_DevicesOfInterest = Devices.second;
      1149     

      ** CID 475475:  Control flow issues  (DEADCODE)
      /Program Files/Microsoft Visual Studio/2022/BuildTools/VC/Tools/MSVC/14.38.33130/atlmfc/include/statreg.h: 294 in ATL::CRegParser::CParseBuffer::AddString(const wchar_t *)()

      __________________________________________________________________________________________________________
      *** CID 475475:  Control flow issues  (DEADCODE)
      /Program Files/Microsoft Visual Studio/2022/BuildTools/VC/Tools/MSVC/14.38.33130/atlmfc/include/statreg.h: 294 in ATL::CRegParser::CParseBuffer::AddString(const wchar_t *)()
      288                     {
      289                             if (lpsz == NULL)
      290                             {
      291                                     return FALSE;
      292                             }
      293                             USES_CONVERSION_EX;
      >>>     CID 475475:  Control flow issues  (DEADCODE)
      >>>     Execution cannot reach the expression "NULL" inside this statement: "lpszT = (LPCSTR)(((_lpw_ex ...".
      294                             LPCTSTR lpszT = OLE2CT_EX(lpsz, _ATL_SAFE_ALLOCA_DEF_THRESHOLD);
      295                             if (lpszT == NULL)
      296                             {
      297                                     return FALSE;
      298                             }
      299                             return Append(lpszT, (int)_tcslen(lpszT));

      ** CID 475474:  Security best practices violations  (DC.DEBUGAPI)
      /NetKVM/CoInstaller/netkvmco.cpp: 253 in ProcessCommand(int, char **, _CMD_ENTRY *)()

      __________________________________________________________________________________________________________
      *** CID 475474:  Security best practices violations  (DC.DEBUGAPI)
      /NetKVM/CoInstaller/netkvmco.cpp: 253 in ProcessCommand(int, char **, _CMD_ENTRY *)()
      247     {
      248         CArguments a(argc, argv);
      249         BOOL done = false;
      250         ULONG res = Cmd->pfnCmdHandler(NULL, a.GetCopy(), 1, argc, 0, NULL, &done);
      251         if (res)
      252         {
      >>>     CID 475474:  Security best practices violations  (DC.DEBUGAPI)
      >>>     Calling "OutputDebugStringA" may expose sensitive information.
      253             Log("%s: returns %d", __FUNCTION__, res);
      254             CString help;
      255             (void)help.LoadString(Cmd->dwCmdHlpToken);
      256             printf("%S", help.GetString());
      257         }
      258         return res;

      ** CID 475473:  Insecure data handling  (INTEGER_OVERFLOW)
      /viostor/virtio_stor.c: 1593 in RhelScsiGetInquiryData()

      __________________________________________________________________________________________________________
      *** CID 475473:  Insecure data handling  (INTEGER_OVERFLOW)
      /viostor/virtio_stor.c: 1593 in RhelScsiGetInquiryData()
      1587     
      1588             if (dataLen >= 0x18)
      1589             {
      1590                 UCHAR len = strlen(adaptExt->sn);
      1591                 SerialPage->PageLength = min(BLOCK_SERIAL_STRLEN, len);
      1592                 RhelDbgPrint(TRACE_LEVEL_INFORMATION, "PageLength = %d (%d)\n", SerialPage->PageLength, len);
      >>>     CID 475473:  Insecure data handling  (INTEGER_OVERFLOW)
      >>>     "SerialPage->PageLength", which might have overflowed, is passed to "memcpy(&SerialPage->SerialNumber, &adaptExt->sn, SerialPage->PageLength)".
      1593                 StorPortCopyMemory(&SerialPage->SerialNumber, &adaptExt->sn, SerialPage->PageLength);
      1594                 SRB_SET_DATA_TRANSFER_LENGTH(Srb, (sizeof(VPD_SERIAL_NUMBER_PAGE) + SerialPage->PageLength));
      1595             }
      1596             else
      1597             {
      1598                 RhelDbgPrint(TRACE_LEVEL_ERROR, "RhelGetSerialNumber invalid dataLen = %d.\n", dataLen);

      ** CID 475472:  Security best practices violations  (DC.DEBUGAPI)
      /NetKVM/ProtocolService/ProtocolService.cpp: 412 in CDeviceNotification::Register(_CM_NOTIFY_FILTER *)()

      __________________________________________________________________________________________________________
      *** CID 475472:  Security best practices violations  (DC.DEBUGAPI)
      /NetKVM/ProtocolService/ProtocolService.cpp: 412 in CDeviceNotification::Register(_CM_NOTIFY_FILTER *)()
      406                     }
      407                     return res;
      408                 },
      409                 &m_Notification);
      410             if (!m_Notification)
      411             {
      >>>     CID 475472:  Security best practices violations  (DC.DEBUGAPI)
      >>>     Calling "OutputDebugStringA" may expose sensitive information.
      412                 Log("%s: failed to register, cr %d", __FUNCTION__, cr);
      413             }
      414             return m_Notification != NULL;
      415             // clang-format on
      416         }
      417         ~CDeviceNotification()

      ** CID 475471:  Uninitialized variables  (MISSING_RETURN)
      /viosock/sys/viosock.h: 567 in VIOSockReadProcessDequeueCb()

      __________________________________________________________________________________________________________
      *** CID 475471:  Uninitialized variables  (MISSING_RETURN)
      /viosock/sys/viosock.h: 567 in VIOSockReadProcessDequeueCb()
      561     _Requires_lock_not_held_(pSocket->RxLock) BOOLEAN VIOSockReadDequeueCb(IN PSOCKET_CONTEXT pSocket);
      562     
      563     _Requires_lock_not_held_(pSocket->RxLock) _inline VIOSockReadProcessDequeueCb(IN PSOCKET_CONTEXT pSocket)
      564     {
      565         while (VIOSockReadDequeueCb(pSocket))
      566             ;
      >>>     CID 475471:  Uninitialized variables  (MISSING_RETURN)
      >>>     Arriving at the end of a function without returning a value.
      567     }
      568     
      569     _Requires_lock_not_held_(pSocket->RxLock) VOID VIOSockReadCleanupCb(IN PSOCKET_CONTEXT pSocket);
      570     
      571     NTSTATUS
      572     VIOSockReadWithFlags(IN WDFREQUEST Request);

      ** CID 475470:  Security best practices violations  (DC.DEBUGAPI)
      /NetKVM/ProtocolService/ProtocolService.cpp: 138 in CNetCfg::EnableComponents(const ATL::CStringT<unsigned short, ATL::StrTraitATL<unsigned short, ATL::ChTraitsCRT<unsigned short>>> &, _tBindingState)()

      __________________________________________________________________________________________________________
      *** CID 475470:  Security best practices violations  (DC.DEBUGAPI)
      /NetKVM/ProtocolService/ProtocolService.cpp: 138 in CNetCfg::EnableComponents(const ATL::CStringT<unsigned short, ATL::StrTraitATL<unsigned short, ATL::ChTraitsCRT<unsigned short>>> &, _tBindingState)()
      132                     continue;
      133                 }
      134                 bool found = !Name.CompareNoCase(id);
      135                 CoTaskMemFree(id);
      136                 if (found)
      137                 {
      >>>     CID 475470:  Security best practices violations  (DC.DEBUGAPI)
      >>>     Calling "OutputDebugStringA" may expose sensitive information.
      138                     Log("found %S", Name.GetString());
      139                     CComPtr<INetCfgComponentBindings> bindings;
      140                     CComPtr<IEnumNetCfgBindingPath> paths;
      141                     hr = adapter->QueryInterface(IID_INetCfgComponentBindings, (LPVOID *)&bindings);
      142                     if (hr != S_OK)
      143                     {

      ** CID 475469:  Control flow issues  (DEADCODE)
      /Program Files/Microsoft Visual Studio/2022/BuildTools/VC/Tools/MSVC/14.38.33130/atlmfc/include/statreg.h: 608 in ATL::CRegObject::ResourceUnregisterSz(const wchar_t *, const wchar_t *, const wchar_t *)()

      __________________________________________________________________________________________________________
      *** CID 475469:  Control flow issues  (DEADCODE)
      /Program Files/Microsoft Visual Studio/2022/BuildTools/VC/Tools/MSVC/14.38.33130/atlmfc/include/statreg.h: 608 in ATL::CRegObject::ResourceUnregisterSz(const wchar_t *, const wchar_t *, const wchar_t *)()
      602             _In_z_ LPCOLESTR szType)
      603     {
      604             USES_CONVERSION_EX;
      605             if (szID == NULL || szType == NULL)
      606                     return E_INVALIDARG;
      607     
      >>>     CID 475469:  Control flow issues  (DEADCODE)
      >>>     Execution cannot reach the expression "NULL" inside this statement: "lpszID = (LPCSTR)(((_lpw_ex...".
      608             LPCTSTR lpszID = OLE2CT_EX(szID, _ATL_SAFE_ALLOCA_DEF_THRESHOLD);
      609             LPCTSTR lpszType = OLE2CT_EX(szType, _ATL_SAFE_ALLOCA_DEF_THRESHOLD);
      610     #ifndef _UNICODE
      611             if (lpszID == NULL || lpszType == NULL)
      612             {
      613                     return E_OUTOFMEMORY;

      ** CID 475468:  Performance inefficiencies  (COPY_INSTEAD_OF_MOVE)
      /NetKVM/CoInstaller/NetKVMnetsh.cpp: 714 in _NetKVMGetParamCmdHandler(unsigned short *, unsigned short **, unsigned long, unsigned long, unsigned long, void *, int *)()

      __________________________________________________________________________________________________________
      *** CID 475468:  Performance inefficiencies  (COPY_INSTEAD_OF_MOVE)
      /NetKVM/CoInstaller/NetKVMnetsh.cpp: 714 in _NetKVMGetParamCmdHandler(unsigned short *, unsigned short **, unsigned long, unsigned long, unsigned long, void *, int *)()
      708                     {
      709                         DWORD dwIndex;
      710                         if (NetKVMConvertDeviceIndex(ppwcArguments[dwCurrentIndex + pdwTagMatchResults.get()[0]],
      711                                                        &dwIndex))
      712                         {
      713                             wstring wstrParamName = ppwcArguments[dwCurrentIndex + pdwTagMatchResults.get()[1]];
      >>>     CID 475468:  Performance inefficiencies  (COPY_INSTEAD_OF_MOVE)
      >>>     "wstrParamName" is passed-by-value as parameter to "std::basic_string<unsigned short, std::char_traits<unsigned short>, std::allocator<unsigned short> >::basic_string(std::basic_string<unsigned short, std::char_traits<unsigned short>, std::allocator<unsigned short> > const &)", when it could be moved instead.
      714                             tstring strParamName = wstring2tstring(wstrParamName);
      715                             tstring strParamValue;
      716     
      717                             if (!_NetKVMQueryParamValue(dwIndex, strParamName, strParamValue))
      718                             {
      719                                 return ERROR_INVALID_PARAMETER;

      ** CID 475467:  Security best practices violations  (DC.DEBUGAPI)
      /NetKVM/ProtocolService/ProtocolService.cpp: 1062 in CProtocolServiceImplementation::Notification(_CM_NOTIFY_ACTION, _CM_NOTIFY_EVENT_DATA *, unsigned long)()

      __________________________________________________________________________________________________________
      *** CID 475467:  Security best practices violations  (DC.DEBUGAPI)
      /NetKVM/ProtocolService/ProtocolService.cpp: 1062 in CProtocolServiceImplementation::Notification(_CM_NOTIFY_ACTION, _CM_NOTIFY_EVENT_DATA *, unsigned long)()
      1056         CMutex m_AdaptersMutex;
      1057         bool Notification(CM_NOTIFY_ACTION action, PCM_NOTIFY_EVENT_DATA data, DWORD dataSize) override
      1058         {
      1059             UNREFERENCED_PARAMETER(action);
      1060             UNREFERENCED_PARAMETER(data);
      1061             UNREFERENCED_PARAMETER(dataSize);
      >>>     CID 475467:  Security best practices violations  (DC.DEBUGAPI)
      >>>     Calling "OutputDebugStringA" may expose sensitive information.
      1062             Log(" => Network change notification");
      1063             m_ThreadEvent.Set();
      1064             return true;
      1065         }
      1066     
      1067       private:

      ** CID 475466:    (DC.DEBUGAPI)
      /NetKVM/ProtocolService/CProcessRunner.h: 100 in CProcessRunner::RunProcess(ATL::CStringT<unsigned short, ATL::StrTraitATL<unsigned short, ATL::ChTraitsCRT<unsigned short>>> &)()
      /NetKVM/ProtocolService/CProcessRunner.h: 112 in CProcessRunner::RunProcess(ATL::CStringT<unsigned short, ATL::StrTraitATL<unsigned short, ATL::ChTraitsCRT<unsigned short>>> &)()
      /NetKVM/ProtocolService/CProcessRunner.h: 119 in CProcessRunner::RunProcess(ATL::CStringT<unsigned short, ATL::StrTraitATL<unsigned short, ATL::ChTraitsCRT<unsigned short>>> &)()
      /NetKVM/ProtocolService/CProcessRunner.h: 81 in CProcessRunner::RunProcess(ATL::CStringT<unsigned short, ATL::StrTraitATL<unsigned short, ATL::ChTraitsCRT<unsigned short>>> &)()

      __________________________________________________________________________________________________________
      *** CID 475466:    (DC.DEBUGAPI)
      /NetKVM/ProtocolService/CProcessRunner.h: 100 in CProcessRunner::RunProcess(ATL::CStringT<unsigned short, ATL::StrTraitATL<unsigned short, ATL::ChTraitsCRT<unsigned short>>> &)()
      94                 if (m_Redirect)
      95                 {
      96                     m_StdOut.CloseWrite();
      97                     m_StdErr.CloseWrite();
      98                 }
      99                 ResumeThread(pi.hThread);
      >>>     CID 475466:    (DC.DEBUGAPI)
      >>>     Calling "OutputDebugStringA" may expose sensitive information.
      100                 Log(" Running %S succeded", CommandLine.GetString());
      101                 while (m_WaitTime && WaitForSingleObject(pi.hProcess, m_WaitTime) == WAIT_TIMEOUT)
      102                 {
      103                     if (ShouldTerminate())
      104                     {
      105                         Terminate();
      /NetKVM/ProtocolService/CProcessRunner.h: 112 in CProcessRunner::RunProcess(ATL::CStringT<unsigned short, ATL::StrTraitATL<unsigned short, ATL::ChTraitsCRT<unsigned short>>> &)()
      106                     }
      107                 }
      108                 Flush();
      109                 if (!GetExitCodeProcess(pi.hProcess, &m_ExitCode))
      110                 {
      111                     m_ExitCode = GetLastError();
      >>>     CID 475466:    (DC.DEBUGAPI)
      >>>     Calling "OutputDebugStringA" may expose sensitive information.
      112                     Log(" exit code %d after waiting %d ms", m_ExitCode, m_WaitTime);
      113                 }
      114                 PostProcess(m_ExitCode);
      115             }
      116             else
      117             {
      /NetKVM/ProtocolService/CProcessRunner.h: 119 in CProcessRunner::RunProcess(ATL::CStringT<unsigned short, ATL::StrTraitATL<unsigned short, ATL::ChTraitsCRT<unsigned short>>> &)()
      113                 }
      114                 PostProcess(m_ExitCode);
      115             }
      116             else
      117             {
      118                 m_ExitCode = GetLastError();
      >>>     CID 475466:    (DC.DEBUGAPI)
      >>>     Calling "OutputDebugStringA" may expose sensitive information.
      119                 Log(" Running %S failed, error %d", CommandLine.GetString(), m_ExitCode);
      120             }
      121             if (pi.hProcess)
      122             {
      123                 CloseHandle(pi.hProcess);
      124             }
      /NetKVM/ProtocolService/CProcessRunner.h: 81 in CProcessRunner::RunProcess(ATL::CStringT<unsigned short, ATL::StrTraitATL<unsigned short, ATL::ChTraitsCRT<unsigned short>>> &)()
      75                 si.hStdOutput = m_StdOut.WriteHandle();
      76                 si.hStdError = m_StdErr.WriteHandle();
      77                 si.hStdInput = m_StdIn.ReadHandle();
      78                 si.dwFlags |= STARTF_USESTDHANDLES;
      79             }
      80     
      >>>     CID 475466:    (DC.DEBUGAPI)
      >>>     Calling "OutputDebugStringA" may expose sensitive information.
      81             Log(" Running %S ...", CommandLine.GetString());
      82             result = CreateProcess(NULL,
      83                                    CommandLine.GetBuffer(),
      84                                    NULL,
      85                                    NULL,
      86                                    m_Redirect,

      ** CID 475465:  Control flow issues  (DEADCODE)
      /viomem/sys/viomem.c: 1730 in SynchronizeDeviceAndDriverMemory()

      __________________________________________________________________________________________________________
      *** CID 475465:  Control flow issues  (DEADCODE)
      /viomem/sys/viomem.c: 1730 in SynchronizeDeviceAndDriverMemory()
      1724                     // If all blocks of memory are plugged, the state VIRTIO_MEM_STATE_PLUGGED
      1725                     // is returned. The bitmap representation of memory must be updated to
      1726                     // reflect the state. For VIRTIO_MEM_STATE_UNPLUGGED, there is no need
      1727                     // to do anything (the bitmap representation is filled with zeros already).
      1728                     //
      1729     
      >>>     CID 475465:  Control flow issues  (DEADCODE)
      >>>     Execution cannot reach this statement: "if (SendStateRequest(Device...".
      1730                     if (SendStateRequest(Device, startBlockAddr, (virtio16)NumberOfBlocks, &state))
      1731                     {
      1732                         if (state == VIRTIO_MEM_STATE_PLUGGED || state == VIRTIO_MEM_STATE_UNPLUGGED)
      1733                         {
      1734                             if (state == VIRTIO_MEM_STATE_PLUGGED)
      1735                             {

      ** CID 475464:  Security best practices violations  (DC.DEBUGAPI)
      /NetKVM/ProtocolService/Service.h: 210 in CService::Control(unsigned char)()

      __________________________________________________________________________________________________________
      *** CID 475464:  Security best practices violations  (DC.DEBUGAPI)
      /NetKVM/ProtocolService/Service.h: 210 in CService::Control(unsigned char)()
      204         {
      205             if (m_Handle)
      206             {
      207                 SERVICE_STATUS status;
      208                 if (!ControlService(m_Handle, code, &status))
      209                 {
      >>>     CID 475464:  Security best practices violations  (DC.DEBUGAPI)
      >>>     Calling "OutputDebugStringA" may expose sensitive information.
      210                     Log("%s: error %d", __FUNCTION__, GetLastError());
      211                 }
      212             }
      213         }
      214     
      215       protected:

      ** CID 475463:  Integer handling issues  (INTEGER_OVERFLOW)
      /Program Files/Windows Kits/10/Include/10.0.26100.0/shared/strsafe.h: 9972 in StringCopyWorkerW()

      __________________________________________________________________________________________________________
      *** CID 475463:  Integer handling issues  (INTEGER_OVERFLOW)
      /Program Files/Windows Kits/10/Include/10.0.26100.0/shared/strsafe.h: 9972 in StringCopyWorkerW()
      9966         }
      9967     
      9968         if (cchDest == 0)
      9969         {
      9970             // we are going to truncate pszDest
      9971             pszDest--;
      >>>     CID 475463:  Integer handling issues  (INTEGER_OVERFLOW)
      >>>     Expression "cchNewDestLength--", where "cchNewDestLength" is known to be equal to 0, underflows the type of "cchNewDestLength--", which is type "size_t".
      9972             cchNewDestLength--;
      9973     
      9974             hr = STRSAFE_E_INSUFFICIENT_BUFFER;
      9975         }
      9976     
      9977         *pszDest = L'\0';

      ** CID 475462:    (TAINTED_SCALAR)
      /viofs/svc/virtiofs.cpp: 2274 in ReadDirectory(_FSP_FILE_SYSTEM *, void *, wchar_t *, wchar_t *, void *, unsigned long, unsigned long *)()
      /viofs/svc/virtiofs.cpp: 2261 in ReadDirectory(_FSP_FILE_SYSTEM *, void *, wchar_t *, wchar_t *, void *, unsigned long, unsigned long *)()

      __________________________________________________________________________________________________________
      *** CID 475462:    (TAINTED_SCALAR)
      /viofs/svc/virtiofs.cpp: 2274 in ReadDirectory(_FSP_FILE_SYSTEM *, void *, wchar_t *, wchar_t *, void *, unsigned long, unsigned long *)()
      2268                             DirEntryPlus->dirent.name);
      2269     
      2270                         ZeroMemory(DirInfoBuf, sizeof(DirInfoBuf));
      2271     
      2272                         // Not using FspPosixMapPosixToWindowsPath so we can do
      2273                         // the conversion in-place.
      >>>     CID 475462:    (TAINTED_SCALAR)
      >>>     Passing tainted expression "DirEntryPlus->dirent.namelen" to "MultiByteToWideChar", which uses it as an offset.
      2274                         FileNameLength = MultiByteToWideChar(CP_UTF8,
      2275                                                              0,
      2276                                                              DirEntryPlus->dirent.name,
      2277                                                              DirEntryPlus->dirent.namelen,
      2278                                                              DirInfo->FileNameBuf,
      2279                                                              MAX_PATH);
      /viofs/svc/virtiofs.cpp: 2261 in ReadDirectory(_FSP_FILE_SYSTEM *, void *, wchar_t *, wchar_t *, void *, unsigned long, unsigned long *)()
      2255                         // entries.
      2256                         break;
      2257                     }
      2258     
      2259                     DirEntryPlus = (struct fuse_direntplus *)read_out->buf;
      2260     
      >>>     CID 475462:    (TAINTED_SCALAR)
      >>>     Using tainted variable "Remains" as a loop boundary.
      2261                     while (Remains > sizeof(struct fuse_direntplus))
      2262                     {
      2263                         DBG("ino=%I64u off=%I64u namelen=%u type=%u name=%s",
      2264                             DirEntryPlus->dirent.ino,
      2265                             DirEntryPlus->dirent.off,
      2266                             DirEntryPlus->dirent.namelen,

      ** CID 475461:  Error handling issues  (UNCAUGHT_EXCEPT)
      /NetKVM/CoInstaller/netkvmco.cpp: 346 in main()

      __________________________________________________________________________________________________________
      *** CID 475461:  Error handling issues  (UNCAUGHT_EXCEPT)
      /NetKVM/CoInstaller/netkvmco.cpp: 346 in main()
      340             Usage();
      341         }
      342         NetKVMNetshStopHelper(0);
      343         return res;
      344     }
      345     
      >>>     CID 475461:  Error handling issues  (UNCAUGHT_EXCEPT)
      >>>     In function "main(int, char **)" an exception of type "ATL::CAtlException" is thrown and never caught.
      346     int main(int argc, char **argv)
      347     {
      348         return ProcessNetkvmCommand(argc - 1, argv + 1);

      ** CID 475460:  Control flow issues  (DEADCODE)
      /Program Files/Microsoft Visual Studio/2022/BuildTools/VC/Tools/MSVC/14.38.33130/atlmfc/include/statreg.h: 572 in ATL::CRegObject::ResourceRegisterSz(const wchar_t *, const wchar_t *, const wchar_t *)()

      __________________________________________________________________________________________________________
      *** CID 475460:  Control flow issues  (DEADCODE)
      /Program Files/Microsoft Visual Studio/2022/BuildTools/VC/Tools/MSVC/14.38.33130/atlmfc/include/statreg.h: 572 in ATL::CRegObject::ResourceRegisterSz(const wchar_t *, const wchar_t *, const wchar_t *)()
      566     {
      567             USES_CONVERSION_EX;
      568             if (szID == NULL || szType == NULL)
      569                     return E_INVALIDARG;
      570     
      571             LPCTSTR lpszID = OLE2CT_EX(szID, _ATL_SAFE_ALLOCA_DEF_THRESHOLD);
      >>>     CID 475460:  Control flow issues  (DEADCODE)
      >>>     Execution cannot reach the expression "NULL" inside this statement: "lpszType = (LPCSTR)(((_lpw...".
      572             LPCTSTR lpszType = OLE2CT_EX(szType, _ATL_SAFE_ALLOCA_DEF_THRESHOLD);
      573     #ifndef _UNICODE
      574             if (lpszID == NULL || lpszType==NULL)
      575             {
      576                     return E_OUTOFMEMORY;
      577             }

      ** CID 475459:  Security best practices violations  (DC.DEBUGAPI)
      /NetKVM/ProtocolService/Service.h: 433 in CServiceImplementation::CServiceState::Stoppable()()

      __________________________________________________________________________________________________________
      *** CID 475459:  Security best practices violations  (DC.DEBUGAPI)
      /NetKVM/ProtocolService/Service.h: 433 in CServiceImplementation::CServiceState::Stoppable()()
      427                 Log("%s = %d", __FUNCTION__, b);
      428                 SetServiceStatus(hService, &status);
      429             }
      430             bool Stoppable()
      431             {
      432                 bool b = (status.dwControlsAccepted & SERVICE_ACCEPT_STOP) != 0;
      >>>     CID 475459:  Security best practices violations  (DC.DEBUGAPI)
      >>>     Calling "OutputDebugStringA" may expose sensitive information.
      433                 Log("%s = %d", __FUNCTION__, b);
      434                 return b;
      435             }
      436             CEvent m_StopEvent;
      437         };
      438         CServiceState m_State;

      ** CID 475458:    (NO_EFFECT)
      /viomem/sys/Device.c: 205 in ViomemEvtDevicePrepareHardware()
      /viomem/sys/Device.c: 188 in ViomemEvtDevicePrepareHardware()

      __________________________________________________________________________________________________________
      *** CID 475458:    (NO_EFFECT)
      /viomem/sys/Device.c: 205 in ViomemEvtDevicePrepareHardware()
      199                                                                                       PAGE_SIZE,
      200                                                                                       VIRTIO_MEM_POOL_TAG);
      201         }
      202     
      203         if (devCtx->MemoryResponse)
      204         {
      >>>     CID 475458:    (NO_EFFECT)
      >>>     Argument "1836346710" in "memset" loses precision in "memset(devCtx->MemoryResponse, 1836346710, 10U)".
      205             RtlFillMemory(devCtx->MemoryResponse, sizeof(virtio_mem_resp), VIRTIO_MEM_POOL_TAG);
      206         }
      207         else
      208         {
      209             TraceEvents(TRACE_LEVEL_ERROR, DBG_POWER, "Failed to allocate MemoryResponse block\n");
      210             status = STATUS_INSUFFICIENT_RESOURCES;
      /viomem/sys/Device.c: 188 in ViomemEvtDevicePrepareHardware()
      182                                                                                   PAGE_SIZE,
      183                                                                                   VIRTIO_MEM_POOL_TAG);
      184         }
      185     
      186         if (devCtx->plugRequest)
      187         {
      >>>     CID 475458:    (NO_EFFECT)
      >>>     Argument "1836346710" in "memset" loses precision in "memset(devCtx->plugRequest, 1836346710, 24U)".
      188             RtlFillMemory(devCtx->plugRequest, sizeof(virtio_mem_req), VIRTIO_MEM_POOL_TAG);
      189         }
      190         else
      191         {
      192             TraceEvents(TRACE_LEVEL_ERROR, DBG_POWER, "Failed to allocate MemStats block\n");
      193             status = STATUS_INSUFFICIENT_RESOURCES;

      ** CID 475457:  Security best practices violations  (DC.DEBUGAPI)
      /NetKVM/ProtocolService/ProtocolService.cpp: 404 in CDeviceNotification::Register(_CM_NOTIFY_FILTER *)::[lambda(HCMNOTIFICATION__ *, void *, _CM_NOTIFY_ACTION, _CM_NOTIFY_EVENT_DATA *, unsigned long) (instance 1)]::operator ()(HCMNOTIFICATION__ *, void *, _CM_NOTIFY_ACTION, _CM_NOTIFY_EVENT_DATA *, unsigned long) const()

      __________________________________________________________________________________________________________
      *** CID 475457:  Security best practices violations  (DC.DEBUGAPI)
      /NetKVM/ProtocolService/ProtocolService.cpp: 404 in CDeviceNotification::Register(_CM_NOTIFY_FILTER *)::[lambda(HCMNOTIFICATION__ *, void *, _CM_NOTIFY_ACTION, _CM_NOTIFY_EVENT_DATA *, unsigned long) (instance 1)]::operator ()(HCMNOTIFICATION__ *, void *, _CM_NOTIFY_ACTION, _CM_NOTIFY_EVENT_DATA *, unsigned long) const()
      398                 [](HCMNOTIFICATION h, PVOID Context, CM_NOTIFY_ACTION Action, PCM_NOTIFY_EVENT_DATA EventData, DWORD EventDataSize) -> DWORD
      399                 {
      400                     CDeviceNotification* obj = (CDeviceNotification*)Context;
      401                     DWORD res = obj->Notification(Action, EventData, EventDataSize) ? ERROR_SUCCESS : ERROR_CANCELLED;
      402                     if (res != ERROR_SUCCESS)
      403                     {
      >>>     CID 475457:  Security best practices violations  (DC.DEBUGAPI)
      >>>     Calling "OutputDebugStringA" may expose sensitive information.
      404                         Log("WARNING: returning %d from PnP notification", res);
      405                         UNREFERENCED_PARAMETER(h);
      406                     }
      407                     return res;
      408                 },
      409                 &m_Notification);

      Acceptance criteria

      A list of verification conditions, successful functional tests, or expected outcomes in order to declare this story/task successfully completed.

      • Verify X
      • Verify Y
      • Verify Z

              yvugenfi@redhat.com Yan Vugenfirer
              yvugenfi@redhat.com Yan Vugenfirer
              Meirav Dean Meirav Dean
              Qianqian Zhu Qianqian Zhu