[Libguestfs] Coverity: possible false positive in do_lxattrlist

Richard W.M. Jones rjones at redhat.com
Thu Jun 9 10:39:20 UTC 2011


Coverity complains about the strcpy on line 295:

 295     strcpy (&pathname[path_len+1], names[k]);

"Overrunning static array of size 4096 bytes at byte position 4096 by
accessing with pointer "&pathname[path_len + 1UL]" through dereference
in call to "strcpy". (Deref assumed on the basis of 'nonnull'
parameter attribute.)"

However AFAICT the check at line 290 should be sufficient to avoid


Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
libguestfs lets you edit virtual machines.  Supports shell scripting,
bindings from many languages.  http://libguestfs.org

More information about the Libguestfs mailing list