From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au Authentication-Results: passt.top; dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202606 header.b=HS69bNYq; dkim-atps=neutral Received: from mail.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by passt.top (Postfix) with ESMTPS id DD3E15A0262 for ; Tue, 09 Jun 2026 03:05:29 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gibson.dropbear.id.au; s=202606; t=1780967126; bh=yJczO0pdfPoVlFG0Wd+MhaugGFeCQbsIhcLk9Fms55k=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=HS69bNYqBnyqxSikPtAU4Dgm/mv5aJVa3EkbtBKHTWj8ihq0vFSJo6yda8LGgQxr0 evrKCZeKDCFGBfGKKqSZIMV2Wt9sFAHSamMrhUYth8AcE3JjnaKYWuER2Q9SXXsX7l 4FVGE6BDbzqN44ioOcx0RSthPqDEpLI0+eayAbVeefTLkzn5zRVqDxmSLSfH7zdHpT i44wgJq6+qbts4DmcNYEiGkqM2x2nyvQimW9uHiziN5OkLGIYqWPLKbUikUo+Nh938 oPW3kQyJvWt6IP2t8YO5ZnmSCbyHTM5AK/9o9584cOKCXU6XhcdxivLeffhUemBJ59 GDvfSCCjf7eNg== Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4gZ9gp4Qbsz4wTs; Tue, 09 Jun 2026 11:05:26 +1000 (AEST) Date: Tue, 9 Jun 2026 10:42:04 +1000 From: David Gibson To: Jon Maloy Subject: Re: [PATCH v2] udp: Provide dummy iov in udp_peek_addr() to avoid Coverity warning Message-ID: References: <20260608005026.515574-1-jmaloy@redhat.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="PLqVbfCdC1kmDrxK" Content-Disposition: inline In-Reply-To: <20260608005026.515574-1-jmaloy@redhat.com> Message-ID-Hash: E56ERPKYEGYNE4UKHAYIYDK5F6DLOC2J X-Message-ID-Hash: E56ERPKYEGYNE4UKHAYIYDK5F6DLOC2J X-MailFrom: dgibson@gandalf.ozlabs.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: sbrivio@redhat.com, passt-dev@passt.top X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --PLqVbfCdC1kmDrxK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Jun 07, 2026 at 08:50:26PM -0400, Jon Maloy wrote: > udp_peek_addr() initialises struct msghdr without setting msg_iov, > leaving it implicitly NULL. Coverity flags this as FORWARD_NULL, > believing recvmsg() will dereference the NULL pointer. >=20 > In practice, msg_iovlen being zero means the kernel never touches > msg_iov, so the warning is a false positive. We now provide a > one-byte dummy iov to make msg_iov non-NULL, hence suppressing this > warning without changing the function's behaviour. >=20 > Signed-off-by: Jon Maloy Following on from our discussion yesterday. Although this is based on my suggestion, I'm now inclined to believe v1 is marginally less ugly. Fwiw, I double checked the code and can now confirm that this is only called for packets arriving on a "listening" socket, rather than a flow-specific socket. Typically that will only be once, or at worst a handful of times, per flow. >=20 > ---- > v2: - Make the dummy iov conditional on an ANALYZER macro, so it has > zero runtime cost in production builds. > - Add a new 'analyzer' Makefile target (similar to 'valgrind') > that defines ANALYZER via CPPFLAGS for use with static analysis > builds. > --- > Makefile | 3 +++ > udp.c | 11 +++++++++++ > 2 files changed, 14 insertions(+) >=20 > diff --git a/Makefile b/Makefile > index 0a0a60b0..4dcf4cd1 100644 > --- a/Makefile > +++ b/Makefile > @@ -122,6 +122,9 @@ passt-repair: $(PASST_REPAIR_SRCS) $(PASST_REPAIR_HEA= DERS) seccomp_repair.h > pesto: BASE_CPPFLAGS +=3D -DPESTO > pesto: $(PESTO_SRCS) $(PESTO_HEADERS) seccomp_pesto.h > =20 > +analyzer: BASE_CPPFLAGS +=3D -DANALYZER > +analyzer: all > + > valgrind: EXTRA_SYSCALLS +=3D rt_sigprocmask rt_sigtimedwait rt_sigactio= n \ > rt_sigreturn getpid gettid kill clock_gettime \ > mmap|mmap2 munmap open unlink gettimeofday futex \ > diff --git a/udp.c b/udp.c > index c28d6ee2..36c8c070 100644 > --- a/udp.c > +++ b/udp.c > @@ -734,9 +734,20 @@ static int udp_peek_addr(int s, union sockaddr_inany= *src, > { > char sastr[SOCKADDR_STRLEN], dstr[INANY_ADDRSTRLEN]; > char cmsg[PKTINFO_SPACE]; > +#ifdef ANALYZER > + char dummy; > + struct iovec iov =3D { > + .iov_base =3D &dummy, > + .iov_len =3D sizeof(dummy), > + }; > +#endif /* ANALYZER */ > struct msghdr msg =3D { > .msg_name =3D src, > .msg_namelen =3D sizeof(*src), > +#ifdef ANALYZER > + .msg_iov =3D &iov, > + .msg_iovlen =3D 1, > +#endif /* ANALYZER */ > .msg_control =3D cmsg, > .msg_controllen =3D sizeof(cmsg), > }; > --=20 > 2.52.0 >=20 >=20 --=20 David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson --PLqVbfCdC1kmDrxK Content-Type: application/pgp-signature; name=signature.asc -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmonYVsACgkQzQJF27ox 2GfaEg//ebB8tC5d4gX2rX/9fxAZFf7In/Q8x94z3hJWbAztxflb0eDx2eDHKBp8 nJZFGXlrZb6pPKkEFx/m0vEwr1KT7W90XDlBCiKPETwwiYjCIpPSuFBR+sRblI4w ZPWnEvUijG0OrcKXlCpMq57zQMm8vgBSPJtZKm3mAb11ars4G4b9IuJJx1+wvjdS aItUcNJAOqSbXBpRG41Y8aDXBBqqxCWGKfYo8LczxqTGlFxHLpa/B46HrU7UCIzM +qK/bB/hj/Gki+gExcKqcsTFo2UXNzxddFiCSLff42+UcohXLft4dRMn1PMD/Lgy ZKrQWjrD8gOl0sPhAsArWvQhm5GzvDkJMFOCz8DcB78qDMTCFdRhHuw+prgzjYJl FPpzdmTKzTu0DQCBQTropjDE2o5RUmqkiAJminxTNyRoujEH/SW/a8eSSjVDrKCr Lrxs1ndFJK9dsOUg624KlZuPOhjaKB9QiYeF83SLh3GczU/NwzSSXEHoewma2XZ+ Gh87JbHcrPdTxO7s2zLH1QSwBa+UfxfzcAKAeCtubXQVP+KRtTBoUHSttEwzZfMy Ki2+5qKSHBAUGC5rt6oj4K5sM9KqcoGsmsMe/2j7Y+VZw0Y0xU5u0C3EKIXFfr28 5dSymcuK6KM3zu/X+gECBCUNcxd6Hnk6Qypou03vpGHYgspllbg= =3fa/ -----END PGP SIGNATURE----- --PLqVbfCdC1kmDrxK--