You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by sc...@coverity.com on 2013/11/10 23:51:26 UTC

New Defects reported by Coverity Scan for Apache-Qpid

Hi,

Please find the latest report on new defect(s) introduced to Apache-Qpid found with Coverity Scan

Defect(s) Reported-by: Coverity Scan

	
** CID 1127840: Use of untrusted string value (TAINTED_STRING)


________________________________________________________________________
CID 1127840: Use of untrusted string value (TAINTED_STRING)

/qpidbuilds/trunk/qpid/cpp/src/tests/XmlClientSessionTest.cpp: 49 ( tainted_string_return_content)
   46    
   47    struct XmlFixture {
   48        XmlFixture() {
>>> "qpid::tests::getLibPath(char const *, char const *)" returns tainted string content.
   49            qpid::sys::Shlib shlib(getLibPath("XML_LIB"));
   50        }
   51        ~XmlFixture() {}
   52    };
   53    
  

/qpidbuilds/trunk/qpid/cpp/src/tests/XmlClientSessionTest.cpp: 49 ( tainted_string)
   46    
   47    struct XmlFixture {
   48        XmlFixture() {
>>> CID 1127840: Use of untrusted string value (TAINTED_STRING)
>>> Passing tainted string "std::string(getLibPath("XML_LIB", NULL))" to "qpid::sys::Shlib::Shlib(std::string const &)", which cannot accept tainted data.
   49            qpid::sys::Shlib shlib(getLibPath("XML_LIB"));
   50        }
   51        ~XmlFixture() {}
   52    };
   53    
  
________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com

To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org