From 72604f866b8d7b7e4edf2ae1b55d11cad72a50ba Mon Sep 17 00:00:00 2001
From: Tim Wojtulewicz
Date: Mon, 29 Nov 2021 10:43:34 -0700
Subject: [PATCH] Fix a number of Coverity findings

1466460: Uninitialized field in gtp-analyzer.pac
1462465: Null pointer dereference in CompositeHash::SingleValHash
1462463: Copy/paste error in TCPSessionAdapter::build_syn_packet_val
1462067: Uninitialized fields in Zinst
---
 src/CompHash.cc | 7 ++++++-
 src/packet_analysis/protocol/gtpv1/gtpv1-analyzer.pac | 4 +++-
 src/packet_analysis/protocol/tcp/TCPSessionAdapter.cc | 2 +-
 src/script_opt/ZAM/ZInst.h | 8 ++++----
 4 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/src/CompHash.cc b/src/CompHash.cc
index 89b5201238..56b626fa7f 100644
--- a/src/CompHash.cc
+++ b/src/CompHash.cc
@@ -501,6 +501,11 @@ bool CompositeHash::SingleValHash(HashKey& hk, const Val* v, Type* bt, bool type
 return true;
 }
+ // All of the rest of the code here depends on v not being null, since it needs
+ // to get values from it.
+ if ( ! v )
+ return false;
+
 switch ( t )
 {
 case TYPE_INTERNAL_INT:
@@ -695,7 +700,7 @@ bool CompositeHash::SingleValHash(HashKey& hk, const Val* v, Type* bt, bool type
 }
 break;
- case TYPE_INTERNAL_ERROR:
+ default:
 return false;
 }
diff --git a/src/packet_analysis/protocol/gtpv1/gtpv1-analyzer.pac b/src/packet_analysis/protocol/gtpv1/gtpv1-analyzer.pac
index 6fc18befea..7b81126469 100644
--- a/src/packet_analysis/protocol/gtpv1/gtpv1-analyzer.pac
+++ b/src/packet_analysis/protocol/gtpv1/gtpv1-analyzer.pac
@@ -610,7 +610,9 @@ connection GTPv1_Conn(zeek_analyzer: ZeekPacketAnalyzer)
 %}
 %init{
- valid_orig = valid_resp = false;
+ valid_orig = false;
+ valid_resp = false;
+ packet = nullptr;
 %}
 function valid(orig: bool): bool
diff --git a/src/packet_analysis/protocol/tcp/TCPSessionAdapter.cc b/src/packet_analysis/protocol/tcp/TCPSessionAdapter.cc
index 53027538e8..3e04adb844 100644
--- a/src/packet_analysis/protocol/tcp/TCPSessionAdapter.cc
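Review bot: In the first `src/CompHash.cc` hunk, the new `if ( ! v ) return false;` guard in `CompositeHash::SingleValHash` fails silently, so a caller cannot tell a null value apart from any other hashing failure. The context just above shows an earlier branch that returns true, which presumably covers the null-and-optional case; if so, the added comment could say which case remains, e.g. `// A null v that the branch above did not accept: fail the hash instead of dereferencing it.` The function starts and ends outside the hunk, so whether any `v->` access sits before the guard cannot be confirmed from the lines shown.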
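Review bot: In the second `src/CompHash.cc` hunk, replacing `case TYPE_INTERNAL_ERROR:` with `default:` makes every unlisted tag return false, including any enumerator added later. A `default:` label also suppresses the compiler's unhandled-enumerator warning for this switch, so a future tag would silently fail to hash. Keeping the explicit label beside the new one (`case TYPE_INTERNAL_ERROR:` directly followed by `default:`) would at least keep the intent readable. The switch opens outside the hunk, so the full list of handled cases is not visible here.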
+++ b/src/packet_analysis/protocol/tcp/TCPSessionAdapter.cc
@@ -422,7 +422,7 @@ static zeek::RecordValPtr build_syn_packet_val(bool is_orig, const zeek::IP_Hdr*
 if ( TSval )
 v->Assign(8, *TSval);
- if ( TSval )
+ if ( TSecr )
 v->Assign(9, *TSecr);
 return v;
diff --git a/src/script_opt/ZAM/ZInst.h b/src/script_opt/ZAM/ZInst.h
index 9bc41cd72a..b1dc751ea1 100644
--- a/src/script_opt/ZAM/ZInst.h
+++ b/src/script_opt/ZAM/ZInst.h
@@ -64,9 +64,9 @@ public:
 }
 // Create a stub instruction that will be populated later.
- ZInst() { }
+ ZInst() = default;
- virtual ~ZInst() { }
+ virtual ~ZInst() = default;
 // Methods for printing out the instruction for debugging/maintenance.
 void Dump(bro_uint_t inst_num, const FrameReMap* mappings) const;
@@ -93,8 +93,8 @@ public:
 // Returns a string describing the constant.
 std::string ConstDump() const;
- ZOp op;
- ZAMOpType op_type;
+ ZOp op = OP_NOP;
+ ZAMOpType op_type = OP_X;
 // Usually indices into frame, though sometimes hold integer constants.
 // When an instruction has both frame slots and integer constants,
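Review bot: In the second `src/script_opt/ZAM/ZInst.h` hunk, only `op` and `op_type` gain default member initializers, while the trailing context comment introduces further members (frame slots and integer constants) whose declarations lie outside the hunk. Because the stub constructor is now `ZInst() = default;`, any member without its own initializer is still indeterminate after default construction. It is worth confirming that those following fields carry initializers too, or adding them in the same style as `ZOp op = OP_NOP;`. The class body continues past the hunk, so this cannot be verified from the lines shown.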