Issue 32183: Coverity: CID 1423264: Insecure data handling (TAINTED_SCALAR)

I got a new report from Coverity: CID 1423264: Insecure data handling (TAINTED_SCALAR)

** CID 1423265: Insecure data handling (TAINTED_SCALAR) /Modules/main.c: 1393 in pymain_get_env_var_dup()


*** CID 1423265: Insecure data handling (TAINTED_SCALAR)
/Modules/main.c: 1393 in pymain_get_env_var_dup()
1387     if (!var || var[0] == '\0') {
1388         *dest = NULL;
1389         return 0;
1390     }
1391
1392     size_t len;

CID 1423265:  Insecure data handling  (TAINTED_SCALAR)
Passing tainted variable "var" to a tainted sink. [Note: The source code implementation of the function has been overridden by a user model.]

1393     wchar_t *wvar = Py_DecodeLocale(var, &len);
1394     if (!wvar) {
1395         if (len == (size_t)-2) {
1396             /* don't set pymain->err */
1397             return -2;
1398         }

** CID 1423264: Insecure data handling (TAINTED_SCALAR) /Modules/getpath.c: 909 in calculate_init()


*** CID 1423264: Insecure data handling (TAINTED_SCALAR)
/Modules/getpath.c: 909 in calculate_init()
903         return err;
904     }
905
906     size_t len;
907     char *path = getenv("PATH");
908     if (path) {

CID 1423264:  Insecure data handling  (TAINTED_SCALAR)
Passing tainted variable "path" to a tainted sink. [Note: The source code implementation of the function has been overridden by a user model.]

909         calculate->path_env = Py_DecodeLocale(path, &len);
910         if (!calculate->path_env) {
911             return DECODE_FAILED("PATH environment variable", len);
912         }
913     }
914

Christian Heimes told me on IRC that Coverity "thinks that all values from getenv are bad". Ok.

coverity_tainted_data_sink() is supposed to say that we sanitized data, and this is what Py_DecodeLocale() model does:

wchar_t *Py_DecodeLocale(const char *arg, size_t *size)
{
    wchar_t *w;
    coverity_tainted_data_sink(arg);
    coverity_tainted_data_sink(size);
    return w;
}

I recently refactored the Modules/main.c, Modules/getpath.c and PC/getpathp.c code, but the code isn't really new, I mostly "moved" code. Maybe these warnings were simply ignored previously?
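As an added illustration (not part of this issue, and not CPython's own code) of the flow the two reports flag, the following stand-alone C program reads an environment variable, passes it through an explicit validation step, and only then decodes it. The point it makes is the one behind the Coverity finding: a value from getenv() is untrusted input, and a decoder marked as a sink does not make it trusted; a separate check that the analyzer can see as a sanitizer does. Everything here is constructed for the example: decode_locale() is a mbstowcs()-based stand-in that only mirrors the Py_DecodeLocale() error contract quoted above (NULL with *size == (size_t)-2 on a decoding error, (size_t)-1 on allocation failure), and ENV_VALUE_MAX and env_value_ok() are a hypothetical length bound, not anything CPython has.

```c
#define _POSIX_C_SOURCE 200809L   /* for setenv()/unsetenv() */
#include <stdlib.h>
#include <string.h>
#include <wchar.h>

/* Hypothetical upper bound for an environment value, constructed for this
   example; CPython defines no such constant. */
#define ENV_VALUE_MAX 4096

/* Stand-in for Py_DecodeLocale(), built on mbstowcs(). Returns a newly
   allocated wide string, or NULL with *size == (size_t)-2 on a decoding
   error and *size == (size_t)-1 on an allocation failure. */
static wchar_t *decode_locale(const char *arg, size_t *size)
{
    size_t n = mbstowcs(NULL, arg, 0);      /* measure only */
    if (n == (size_t)-1) {
        *size = (size_t)-2;                 /* invalid byte sequence */
        return NULL;
    }
    wchar_t *w = malloc((n + 1) * sizeof(wchar_t));
    if (w == NULL) {
        *size = (size_t)-1;
        return NULL;
    }
    mbstowcs(w, arg, n + 1);                /* n + 1 includes the terminator */
    *size = n;
    return w;
}

/* The sanitizer: reject a value longer than ENV_VALUE_MAX before it reaches
   the decoder. Deliberately simple; this is the step that turns tainted
   input into checked input, which a sink annotation alone does not do. */
static int env_value_ok(const char *var)
{
    size_t n = 0;
    while (var[n] != '\0') {
        if (++n > ENV_VALUE_MAX) {
            return 0;
        }
    }
    return 1;
}

/* Same shape as the pymain_get_env_var_dup() excerpt in the report:
    0  -> *dest set (NULL when the variable is unset or empty)
   -1  -> value rejected by the sanitizer, or allocation failed
   -2  -> decoding failed (the (size_t)-2 case) */
int get_env_var_dup(const char *name, wchar_t **dest)
{
    const char *var = getenv(name);
    if (!var || var[0] == '\0') {
        *dest = NULL;
        return 0;
    }
    if (!env_value_ok(var)) {
        *dest = NULL;
        return -1;
    }
    size_t len;
    wchar_t *wvar = decode_locale(var, &len);
    if (!wvar) {
        *dest = NULL;
        return (len == (size_t)-2) ? -2 : -1;
    }
    *dest = wvar;
    return 0;
}

/* Exercise the paths with constructed values: unset, empty, a plain ASCII
   value, and a value one byte longer than ENV_VALUE_MAX. Returns how many
   of the four behaved as expected. */
int example_scenarios(void)
{
    int ok = 0;
    wchar_t *w = NULL;
    char big[ENV_VALUE_MAX + 2];

    unsetenv("GR_EXAMPLE_VAR");
    ok += (get_env_var_dup("GR_EXAMPLE_VAR", &w) == 0 && w == NULL);

    setenv("GR_EXAMPLE_VAR", "", 1);
    ok += (get_env_var_dup("GR_EXAMPLE_VAR", &w) == 0 && w == NULL);

    setenv("GR_EXAMPLE_VAR", "hello", 1);
    ok += (get_env_var_dup("GR_EXAMPLE_VAR", &w) == 0 && w != NULL
           && wcscmp(w, L"hello") == 0);
    free(w);

    memset(big, 'A', sizeof big - 1);       /* ENV_VALUE_MAX + 1 characters */
    big[sizeof big - 1] = '\0';
    setenv("GR_EXAMPLE_VAR", big, 1);
    ok += (get_env_var_dup("GR_EXAMPLE_VAR", &w) == -1 && w == NULL);

    unsetenv("GR_EXAMPLE_VAR");
    return ok;
}
```

The decoder keeps the same status convention as the report's code so the -2 branch in pymain_get_env_var_dup() is reproduced; what the example adds is the env_value_ok() call in front of it, which is where a model or annotation describing sanitization would belong, rather than on the decoder's arguments.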