diff options
| author | ShyamsundarR <srangana@redhat.com> | 2018-07-24 20:23:14 -0400 |
|---|---|---|
| committer | Amar Tumballi <amarts@redhat.com> | 2018-07-27 09:06:09 +0000 |
| commit | 46a2cbfb73f7fade3426fd07c5830e9fac82883c (patch) | |
| tree | 5fc20c3724eae8e1a6145dbb31fea8f7d0aa126d | |
| parent | 1739f7e0b2af6245d54b130e87d805944e9f7e63 (diff) | |
| download | glusterfs-46a2cbfb73f7fade3426fd07c5830e9fac82883c.tar.gz glusterfs-46a2cbfb73f7fade3426fd07c5830e9fac82883c.tar.xz glusterfs-46a2cbfb73f7fade3426fd07c5830e9fac82883c.zip | |
coverity: Ignore most of SECURE_TEMP issues
mkstemp as per the Linux man page, uses 0600 as the permission
bits when creating the file. This is hence safe and a Coverity
warning that should be ignored.
Further, we are mostly a multi-threaded program in all our daemons
and cannot set and unset umask at will in a multi-threaded
program, to address the coverity issue.
This change attempts to nudge coverity to ignore this warning,
using the pattern,
/* coverity[EVENT_TAG_NAME] ... */
<line of code that has the issue>
This commit is an experiment, if post merge the next coverity
report ignores these errors, the above pattern (as found using
an internet search) works and can be applied to certain other
warnings as well.
Change-Id: I73a184ce1a54dd9e66542952b1190a74438c826a
Updates: bz#789278
Signed-off-by: ShyamsundarR <srangana@redhat.com>
| -rw-r--r-- | libglusterfs/src/graph.c | 1 | ||||
| -rw-r--r-- | libglusterfs/src/graph.y | 1 | ||||
| -rw-r--r-- | libglusterfs/src/monitoring.c | 1 | ||||
| -rw-r--r-- | xlators/cluster/ec/src/ec-code.c | 1 | ||||
| -rw-r--r-- | xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc-helper.c | 1 | ||||
| -rw-r--r-- | xlators/mgmt/glusterd/src/glusterd-svc-helper.c | 2 | ||||
| -rw-r--r-- | xlators/mgmt/glusterd/src/glusterd-tierd-svc-helper.c | 2 |
7 files changed, 9 insertions, 0 deletions
diff --git a/libglusterfs/src/graph.c b/libglusterfs/src/graph.c index 2d560b7f26..d690047cb6 100644 --- a/libglusterfs/src/graph.c +++ b/libglusterfs/src/graph.c @@ -968,6 +968,7 @@ gf_volfile_reconfigure (int oldvollen, FILE *newvolfile_fp, LG_MSG_ACTIVE_GRAPH_NULL, "glusterfs_ctx->active is NULL"); + /* coverity[secure_temp] mkstemp uses 0600 as the mode and is safe */ file_desc = mkstemp(temp_file); if (file_desc < 0) { gf_msg ("glusterfsd-mgmt", GF_LOG_ERROR, errno, diff --git a/libglusterfs/src/graph.y b/libglusterfs/src/graph.y index ddd2c9672f..bf7886b5a8 100644 --- a/libglusterfs/src/graph.y +++ b/libglusterfs/src/graph.y @@ -563,6 +563,7 @@ glusterfs_graph_construct (FILE *fp) goto err; strcpy (template, "/tmp/tmp.XXXXXX"); + /* coverity[secure_temp] mkstemp uses 0600 as the mode and is safe */ tmp_fd = mkstemp (template); if (-1 == tmp_fd) goto err; diff --git a/libglusterfs/src/monitoring.c b/libglusterfs/src/monitoring.c index 62738c79e7..10b0a817e4 100644 --- a/libglusterfs/src/monitoring.c +++ b/libglusterfs/src/monitoring.c @@ -237,6 +237,7 @@ gf_monitor_metrics (glusterfs_ctx_t *ctx) return NULL; } + /* coverity[secure_temp] mkstemp uses 0600 as the mode and is safe */ fd = mkstemp (filepath); if (fd < 0) { gf_msg ("monitoring", GF_LOG_ERROR, 0, LG_MSG_STRDUP_ERROR, diff --git a/xlators/cluster/ec/src/ec-code.c b/xlators/cluster/ec/src/ec-code.c index 2cdd5bebe1..e33cb42d9d 100644 --- a/xlators/cluster/ec/src/ec-code.c +++ b/xlators/cluster/ec/src/ec-code.c @@ -417,6 +417,7 @@ ec_code_space_create(ec_code_t *code, size_t size) /* We need to create a temporary file as the backend storage for the * memory mapped areas. */ + /* coverity[secure_temp] mkstemp uses 0600 as the mode and is safe */ fd = mkstemp(path); if (fd < 0) { err = errno; diff --git a/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc-helper.c b/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc-helper.c index 7098ae27ea..781cdbf681 100644 --- a/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc-helper.c +++ b/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc-helper.c @@ -101,6 +101,7 @@ glusterd_svc_get_gfproxyd_volfile (glusterd_volinfo_t *volinfo, char *svc_name, snprintf (tmpvol, path_len, "/tmp/g%s-XXXXXX", svc_name); + /* coverity[secure_temp] mkstemp uses 0600 as the mode and is safe */ tmp_fd = mkstemp (tmpvol); if (tmp_fd < 0) { gf_msg ("glusterd", GF_LOG_WARNING, errno, diff --git a/xlators/mgmt/glusterd/src/glusterd-svc-helper.c b/xlators/mgmt/glusterd/src/glusterd-svc-helper.c index 14c2fce535..abf979eada 100644 --- a/xlators/mgmt/glusterd/src/glusterd-svc-helper.c +++ b/xlators/mgmt/glusterd/src/glusterd-svc-helper.c @@ -180,6 +180,7 @@ glusterd_svc_check_volfile_identical (char *svc_name, snprintf (tmpvol, sizeof (tmpvol), "/tmp/g%s-XXXXXX", svc_name); + /* coverity[secure_temp] mkstemp uses 0600 as the mode and is safe */ tmp_fd = mkstemp (tmpvol); if (tmp_fd < 0) { gf_msg (this->name, GF_LOG_WARNING, errno, @@ -231,6 +232,7 @@ glusterd_svc_check_topology_identical (char *svc_name, /* Create the temporary volfile */ snprintf (tmpvol, sizeof (tmpvol), "/tmp/g%s-XXXXXX", svc_name); + /* coverity[secure_temp] mkstemp uses 0600 as the mode and is safe */ tmpfd = mkstemp (tmpvol); if (tmpfd < 0) { gf_msg (this->name, GF_LOG_WARNING, errno, diff --git a/xlators/mgmt/glusterd/src/glusterd-tierd-svc-helper.c b/xlators/mgmt/glusterd/src/glusterd-tierd-svc-helper.c index 42cf896842..8b54ac1059 100644 --- a/xlators/mgmt/glusterd/src/glusterd-tierd-svc-helper.c +++ b/xlators/mgmt/glusterd/src/glusterd-tierd-svc-helper.c @@ -105,6 +105,7 @@ glusterd_svc_check_tier_volfile_identical (char *svc_name, snprintf (tmpvol, sizeof (tmpvol), "/tmp/g%s-XXXXXX", svc_name); + /* coverity[secure_temp] mkstemp uses 0600 as the mode and is safe */ tmp_fd = mkstemp (tmpvol); if (tmp_fd < 0) { gf_msg (this->name, GF_LOG_WARNING, errno, @@ -158,6 +159,7 @@ glusterd_svc_check_tier_topology_identical (char *svc_name, snprintf (tmpvol, sizeof (tmpvol), "/tmp/g%s-XXXXXX", svc_name); + /* coverity[secure_temp] mkstemp uses 0600 as the mode and is safe */ tmpfd = mkstemp (tmpvol); if (tmpfd < 0) { gf_msg (this->name, GF_LOG_WARNING, errno, |