freeipa

Clone
Source Code
GIT

#9274 ipa-join: pass the curl write function by name, not address
Closed: fixed a year ago by frenaud. Opened a year ago by rcritten.

Closed: fixed
Reopen Issue

Issue

Coverity warns about passing in the curl write callback function by address rather than by name.

Error: BAD_SIZEOF (CWE-467): [#def30]
freeipa-4.10.0/client/ipa-join.c:725: bad_sizeof: Taking the size of "&jsonrpc_handle_response", which is the address of an object, is suspicious.
freeipa-4.10.0/client/ipa-join.c:725: remediation: Did you intend the size of "jsonrpc_handle_response" itself?
#  723|       CURL_SETOPT(curl, CURLOPT_CAINFO, DEFAULT_CA_CERT_FILE);
#  724|   
#  725|->     CURL_SETOPT(curl, CURLOPT_WRITEFUNCTION, &jsonrpc_handle_response);
#  726|       CURL_SETOPT(curl, CURLOPT_WRITEDATA, response);
#  727|

The sample in the curl documentation also doesn't pass by address, https://curl.se/libcurl/c/CURLOPT_WRITEFUNCTION.html

C treats these equivalently but Coverity I guess doesn't handle function pointers correctly in all cases. Still, it is more correct per the curl examples, etc to pass by name so do that.

master:

  • 4a2c7b3 Pass the curl write callback by name instead of address

ipa-4-9:

  • 9d184a2 Pass the curl write callback by name instead of address

ipa-4-10:

  • 5631e47 Pass the curl write callback by name instead of address

Metadata Update from @frenaud:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
a year ago

Login to comment on this ticket.

Metadata
None
None
None
normal
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.