Ticket #9950 (closed: fixed)

Opened 6 years ago

Last modified 5 years ago

Coverity - High impact outstanding issues caused by ISISRAW

Reported by: Wenduo Zhou Owned by: Martyn Gigg
Priority: critical Milestone: Release 3.3
Component: Framework Keywords: Maintenance
Cc: Blocked By:
Blocking: Tester: Wenduo Zhou

Description

Two high impact outstanding issues reported by coverity are rooted from ISISRAW.

They are (1) CID 1076094: Out-of-bounds access (OVERRUN):

overrun-buffer-arg: Overrunning array localISISRaw->hdr.inst_abrv of 3 bytes by passing it to a function which accesses it at byte offset 79 using argument 80UL.

(2) CID 1076093: Out-of-bounds access (OVERRUN)

overrun-buffer-arg: Overrunning array isis_raw.hdr.hd_run of 5 bytes by passing it to a function which accesses it at byte offset 68 using argument 69UL.

Change History

comment:1 Changed 6 years ago by Martyn Gigg

  • Keywords Maintenance added

comment:2 Changed 6 years ago by Nick Draper

  • Status changed from new to assigned

comment:3 Changed 6 years ago by Martyn Gigg

  • Status changed from assigned to inprogress

comment:4 Changed 6 years ago by Martyn Gigg

Fix coverity issue in ISISRAW out-of-bounds access.

Code has been refactored to a common place in RawFileInfo and LoadISISNexus has been updated to format the header in the same manner. Refs #9950

Changeset: d1a5ba524a72d244d8a3c51dfbdbfffb4d155cc7

comment:5 Changed 6 years ago by Martyn Gigg

Fix doxygen warning.

Refs #9950

Changeset: 41c185af403fd86a2bcab2914bd2389d82e473ad

comment:8 Changed 6 years ago by Martyn Gigg

Fix buffer overrun in isis raw header access.

Refs #9950

Changeset: 81b5a9eb443d88dff3d32a8c1c45fd94c077689c

comment:9 Changed 6 years ago by Martyn Gigg

  • Status changed from inprogress to verify
  • Resolution set to fixed

Branch: bugfix/9950_coverity_issues_isisraw

Tester: All tests should be passing and you'll need to convince yourself by code review that this fixes the issues.

comment:10 Changed 6 years ago by Wenduo Zhou

  • Status changed from verify to verifying
  • Tester set to Wenduo Zhou

comment:11 Changed 6 years ago by Wenduo Zhou

All tests are passed. Ticket is closed for coverity to check.

comment:10 Changed 6 years ago by Wenduo Zhou

  • Status changed from verifying to closed

Merge remote-tracking branch 'origin/bugfix/9950_coverity_issues_isisraw'

Full changeset: 1496119a22da3fd49e3edaeb39058262add8d52c

comment:11 Changed 5 years ago by Stuart Campbell

This ticket has been transferred to github issue 10792

Note: See TracTickets for help on using tickets.