Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Run a Coverity scan (week 20) #23398

Closed
MarcelKemp opened this issue May 14, 2024 · 2 comments
Closed

Run a Coverity scan (week 20) #23398

MarcelKemp opened this issue May 14, 2024 · 2 comments
Assignees
@MarcelKemp
Labels
level/task request/operational type/test/coverity type/test

Comments

@MarcelKemp
Copy link
Member

Version Branch Commit Previous run
v4.8.0-r40810 v4.8.0-rc2 de414d0 #23345
@MarcelKemp MarcelKemp self-assigned this May 14, 2024
@MarcelKemp
Copy link
Member Author

MarcelKemp commented May 14, 2024
edited

Summary

Snapshot ID Coverity version Platform Total detected Newly detected Newly eliminated
79027 2023.6.2 Ubuntu 22.04.1 285 9 0

Results

New defects:
Status CID Type Impact Date Component Origin Notes
🔴 1587879 Use of auto that causes a copy Low May 14, 2024 Vulnerability Detector 4.8.0 RC 2 #23442
🔴 1587878 Use of auto that causes a copy Low May 14, 2024 Vulnerability Detector 4.8.0 RC 2 #23442
🔴 1587877 Use of auto that causes a copy Low May 14, 2024 Vulnerability Detector 4.8.0 RC 2 #23442
🔴 1587875 Use of auto that causes a copy Low May 14, 2024 Vulnerability Detector 4.8.0 RC 2 #23442
🔴 1587874 Uninitialized scalar field Medium May 14, 2024 SocketDBWrapper 4.8.0 RC 2 #23442
🔴 1587873 Use of auto that causes a copy Low May 14, 2024 Vulnerability Detector 4.8.0 RC 2 #23442
Fixed defects:
Status CID Type Impact Date Component Origin Notes
Previously detected defects:
Status CID Type Impact Date Component Origin Notes
🟢 1586306 Data race condition Medium May 03, 2024 IndexerConnector 4.8.0 RC 1 #23249
🟢 1586303 Data race condition Medium May 03, 2024 SocketDBWrapper 4.8.0 RC 1 #23249
🟢 1585278 Data race condition Medium Apr 19, 2024 threadSafeMultiQueue 4.8.0 Beta 6
🟢 1585277 Data race condition Medium Apr 19, 2024 threadSafeMultiQueue 4.8.0 Beta 6
🟢 1585274 Data race condition Medium Apr 19, 2024 threadSafeQueue 4.8.0 Beta 6
🟢 1585273 COPY_INSTEAD_OF_MOVE Low Apr 19, 2024 Vulnerability Detector 4.8.0 Beta 6
🟢 1585270 Data race condition Medium Apr 19, 2024 threadSafeQueue 4.8.0 Beta 6
🟢 1583807 Data race condition Medium Feb 26, 2024 shared_modules/utils 4.8.0 Beta 4 #22184
🟢 1583725 Data race condition Medium Feb 22, 2024 Wazuh DB #21997 #22184
🟢 1580138 COPY_INSTEAD_OF_MOVE Low Feb 07, 2024 Other 4.8.0 Beta 1 #21808
🟢 1580137 COPY_INSTEAD_OF_MOVE Low Feb 07, 2024 Other 4.8.0 Beta 1 #21808
🟢 1580135 COPY_INSTEAD_OF_MOVE Low Feb 07, 2024 Other 4.8.0 Beta 1 #21808
1575474 Thread deadlock Medium January 8, 2024 RWlock wrapper
🔴 1575473 Use of auto that causes a copy Low January 8, 2024 Syscollector #14673
1575472 Data race condition Low January 8, 2024 Analysisd
1575471 Data race condition Low January 8, 2024 Analysisd
🔴 1575470 COPY_INSTEAD_OF_MOVE Low January 8, 2024 File integrity monitoring #9103 #17945
🔴 1575469 Use of auto that causes a copy Low January 8, 2024 Rsync #14673
1575468 Data race condition Medium January 8, 2024 Analysisd
1575467 Data race condition Medium January 8, 2024 Logcollector
1575466 Data race condition Medium January 8, 2024 Analysisd
🟢 1575465 Indefinite wait High January 8, 2024 Wazuh modules (exec)
1575464 Data race condition Medium January 8, 2024 Analysisd
🔴 1575463 Data race condition Medium January 8, 2024 Shared library #21307
1575462 Data race condition Medium January 8, 2024 Analysisd
🔴 1575461 COPY_INSTEAD_OF_MOVE Low January 8, 2024 File integrity monitoring #9103 #17945
🔴 1575460 COPY_INSTEAD_OF_MOVE Low January 8, 2024 Data provider #17025
🔴 1575459 COPY_INSTEAD_OF_MOVE Low January 8, 2024 Data provider #17025
1575458 Data race condition Medium January 8, 2024 Analysisd
🔴 1575457 COPY_INSTEAD_OF_MOVE Low January 8, 2024 DBsync #17025
1575455 Data race condition Medium January 8, 2024 Analysisd
🟢 1575454 Data race condition Medium January 8, 2024 Crypto library
🔴 1575453 Data race condition Medium January 8, 2024 Shared library #21307
🔴 1575452 COPY_INSTEAD_OF_MOVE Low January 8, 2024 Data provider #17025
🔵 1575451 Data race condition Medium January 8, 2024 Analysisd Won't fix
🔴 1575450 COPY_INSTEAD_OF_MOVE Low January 8, 2024 File integrity monitoring #9103 #17945
🔴 1575449 COPY_INSTEAD_OF_MOVE Low January 8, 2024 Data provider #17025
🔴 1575448 COPY_INSTEAD_OF_MOVE Low January 8, 2024 File integrity monitoring #9103 #17945
1575447 Data race condition Medium January 8, 2024 Analysisd
1575446 Thread deadlock Medium January 8, 2024 RWlock wrapper
🔴 1575445 COPY_INSTEAD_OF_MOVE Low January 8, 2024 Data provider #17025
🔴 1575443 Use of auto that causes a copy Low January 8, 2024 Data provider #14673
1575442 Data race condition Medium January 8, 2024 Analysisd
1575441 Data race condition Medium January 8, 2024 Analysisd
🔴 1575440 Data race condition Medium January 8, 2024 Shared library #21307
🔴 1575439 COPY_INSTEAD_OF_MOVE Low January 8, 2024 Data provider #17025
1575438 Data race condition Medium January 8, 2024 Analysisd
🟢 1575437 Data race condition Medium January 8, 2024 Analysisd
1575436 Data race condition Medium January 8, 2024 Analysisd
🔴 1575435 Use of auto that causes a copy Low January 8, 2024 Data provider #14673
🟢 1575434 Data race condition Medium January 8, 2024 Analysisd
1575433 Data race condition Medium January 8, 2024 Analysisd
🔵 1575432 Data race condition Medium January 8, 2024 Analysisd Won't fix
🔴 1575431 COPY_INSTEAD_OF_MOVE Low January 8, 2024 Data provider #17025
1575430 Data race condition Medium January 8, 2024 Analysisd
🟢 1575429 Data race condition Medium January 8, 2024 Analysisd
🔴 1575428 Use of auto that causes a copy Low January 8, 2024 DBsync #14673
1575427 Data race condition Medium January 8, 2024 Analysisd
🔴 1575426 Use of auto that causes a copy Low January 8, 2024 File integrity monitoring #9103 #17945
🔴 1575425 Use of auto that causes a copy Low January 8, 2024 File integrity monitoring #9103 #17945
🔴 1575424 Use of auto that causes a copy Low January 8, 2024 DBsync #14673
🔴 1575423 COPY_INSTEAD_OF_MOVE Low January 8, 2024 Rsync #17025
🔴 1575422 COPY_INSTEAD_OF_MOVE Low January 8, 2024 File integrity monitoring #9103 #17945
🔴 1575421 Data race condition Medium January 8, 2024 Shared library #21307
🔴 1575420 COPY_INSTEAD_OF_MOVE Low January 8, 2024 File integrity monitoring #9103 #17945
🔴 1575419 Data race condition Medium January 8, 2024 File integrity monitoring
🟢 1575418 Check of thread-shared field evades lock acquisition High January 8, 2024 Remoted #21309
🔴 1575417 COPY_INSTEAD_OF_MOVE Low January 8, 2024 Data provider #17025
1575416 Data race condition Medium January 8, 2024 Analysisd
🟢 1575414 Indefinite wait High January 8, 2024 Wazuh modules
1575413 Data race condition Medium January 8, 2024 Analysisd
1575412 Data race condition Medium January 8, 2024 Analysisd
🟢 1575411 Data race condition Medium January 8, 2024 Wazuh modules
1575410 Data race condition Medium January 8, 2024 Analysisd
🔴 1575409 Use of auto that causes a copy Low January 8, 2024 Rsync #14673
1575408 Data race condition Medium January 8, 2024 Analysisd
🔵 1575406 Data race condition Medium January 8, 2024 Analysisd Won't fix
🟢 1575405 Data race condition Medium January 8, 2024 Crypto library
1575404 Data race condition Medium January 8, 2024 Analysisd
🔴 1575403 Indefinite wait High January 8, 2024 File integrity monitoring #21310
🔵 1575402 Data race condition Medium January 8, 2024 Analysisd Won't fix
🔴 1575401 Use of auto that causes a copy Low January 8, 2024 DBsync #14673
1575400 Data race condition Medium January 8, 2024 Analysisd
🟢 1575399 Check of thread-shared field evades lock acquisition High January 8, 2024 Remoted
1575398 Data race condition Medium January 8, 2024 Analysisd
1575397 Data race condition Medium January 8, 2024 Analysisd
🔴 1575396 COPY_INSTEAD_OF_MOVE Low January 8, 2024 Data provider #17025
🔴 1575395 Data race condition Medium January 8, 2024 Syscollector
1575394 Data race condition Medium January 8, 2024 Analysisd
🔴 1575393 COPY_INSTEAD_OF_MOVE Low January 8, 2024 Data provider #17025
🔵 1574439 Unchecked return value Low 12/13/23 Wazuh DB From 3.9.4
🔵 1574438 Unchecked return value Low 12/13/23 Wazuh DB From 3.2.0
🔵 1574437 Unchecked return value Low 12/13/23 Wazuh DB From 4.4.0
🔴 1567850 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567849 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567847 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567846 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567845 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567844 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567843 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567842 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567841 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567840 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567838 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567835 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567834 Use of 32-bit time_t High September 7, 2023 Rsync #14664
🔴 1567833 Waiting while holding a lock Medium September 7, 2023 File integrity monitoring #9103 #18895
🔴 1567831 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567830 COPY_INSTEAD_OF_MOVE Low September 7, 2023 Shared modules #17025
🔴 1567829 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567828 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567827 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567826 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567825 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567824 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1567822 COPY_INSTEAD_OF_MOVE Low September 7, 2023 Shared modules #17025
🔴 1567821 COPY_INSTEAD_OF_MOVE Low September 7, 2023 File integrity monitoring #9103 #17945
🔴 1566331 Thread deadlock Medium July 17, 2023 FIM #9096 #17957
🔴 1566329 Thread deadlock Medium July 17, 2023 FIM #9096 #17957
🔴 1561381 COPY_INSTEAD_OF_MOVE Low May 5, 2023 Data Provider #17025
🔴 1561380 COPY_INSTEAD_OF_MOVE Low May 5, 2023 DBsync #17025
🔴 1561379 COPY_INSTEAD_OF_MOVE Low May 5, 2023 DBsync #17025
🔴 1561378 COPY_INSTEAD_OF_MOVE Low May 5, 2023 Syscollector #17025
🟢 1561377 Unused value Low May 5, 2023 Rootcheck Good practices
🔴 1561376 COPY_INSTEAD_OF_MOVE Low May 5, 2023 Syscollector #17025
🔴 1561375 COPY_INSTEAD_OF_MOVE Low May 5, 2023 Syscollector #17025
🔴 1561372 COPY_INSTEAD_OF_MOVE Low May 5, 2023 Data provider #17025
🔴 1561371 COPY_INSTEAD_OF_MOVE Low May 5, 2023 Data provider #17025
🟢 1561370 Unused value Low May 5, 2023 Rootcheck Good practices
🔴 1561369 COPY_INSTEAD_OF_MOVE Low May 5, 2023 Rsync #17025
🔴 1561368 COPY_INSTEAD_OF_MOVE Low May 5, 2023 Data Provider #17025
🔴 1561367 COPY_INSTEAD_OF_MOVE Low May 5, 2023 Data Provider #17025
🟢 1561366 Unused value Low May 5, 2023 Shared Good practices
🔴 1561365 COPY_INSTEAD_OF_MOVE Low May 5, 2023 Shared #17025
🔴 1527748 Use of 32-bit time_t High November 30, 2022 Wazuh DB #11753 (4.4.0) Will impact in 2106. #14664
🟢 1527747 Waiting while holding a lock Medium November 30, 2022 Syscollector #10249 (4.3.0) #15556
🔴 1527746 Use of 32-bit time_t High November 30, 2022 Wazuh DB #11753 (4.4.0) Will impact in 2106. #14664
1527743 Copy into fixed size buffer Low November 30, 2022 Execd #9407 (4.2.0) The string size is limited by get_keys_from_json().
🔴 1519900 Use of 32-bit time_t High August 16, 2022 Fluent forwarder module #14664
🔴 1519899 Use of 32-bit time_t High August 16, 2022 DBD #14664
🔴 1519898 Use of 32-bit time_t High August 16, 2022 Task module #14664
🔴 1519896 Use of 32-bit time_t High August 16, 2022 Task module #14664
🔴 1519895 Use of 32-bit time_t High August 16, 2022 Integrator #14664
🔴 1519894 Use of 32-bit time_t High August 16, 2022 SCA #14664
🔴 1519892 Use of 32-bit time_t High August 16, 2022 Wazuh DB #14664
🔴 1519891 Use of 32-bit time_t High August 16, 2022 Wazuh DB #14664
🔴 1519890 Out-of-bounds access High August 16, 2022 Regex library
🔴 1519889 Use of 32-bit time_t High August 16, 2022 Agentd #14664
🔴 1519888 Use of 32-bit time_t High August 16, 2022 DBD #14664
🔴 1519887 Use of 32-bit time_t High August 16, 2022 Task module #14664
🔴 1519886 Use of 32-bit time_t High August 16, 2022 Authd #14664
🔴 1519882 Use of 32-bit time_t High August 16, 2022 Remoted #14664
🔴 1519880 Use of 32-bit time_t High August 16, 2022 GitHub integration #14664
🔴 1519879 Use of 32-bit time_t High August 16, 2022 Office365 integration #14664
🔴 1519878 Use of 32-bit time_t High August 16, 2022 Google Cloud integration #14664
🔴 1519877 Use of 32-bit time_t High August 16, 2022 Agentless #14664
🔴 1519875 Use of 32-bit time_t High August 16, 2022 Agentd #14664
🔴 1519874 Use of 32-bit time_t High August 16, 2022 CIS-CAT integration #14664
🔴 1519873 Use of 32-bit time_t High August 16, 2022 SCA #14664
🔴 1519872 Use of 32-bit time_t High August 16, 2022 Authd #14664
🔴 1519871 Use of 32-bit time_t High August 16, 2022 manage_agents tool #14664
🔴 1519870 Logically dead code Medium August 16, 2022 Analysisd
🔴 1519869 Use of 32-bit time_t High August 16, 2022 Commands module #14664
🔴 1519868 Use of 32-bit time_t High August 16, 2022 Agentd #14664
🔴 1519867 Use of 32-bit time_t High August 16, 2022 OpenSCAP integration #14664
🔴 1519866 Use of 32-bit time_t High August 16, 2022 Wazuh DB #14664
🔴 1519865 Use of 32-bit time_t High August 16, 2022 Wazuh DB #14664
🔴 1519864 Use of 32-bit time_t High August 16, 2022 Docker integration #14664
🔴 1519863 Use of 32-bit time_t High August 16, 2022 Agentless #14664
🔴 1519861 Use of 32-bit time_t High August 16, 2022 Google Cloud integration #14664
🔴 1519860 Use of 32-bit time_t High August 16, 2022 WPK upgrade #14664
🔴 1519858 Use of 32-bit time_t High August 16, 2022 manage_agents tool #14664
🔴 1519857 Use of 32-bit time_t High August 16, 2022 Azure integration #14664
🔴 1519856 Use of 32-bit time_t High August 16, 2022 Task module #14664
🔴 1519854 Use of 32-bit time_t High August 16, 2022 AWS integration #14664
🔴 1518063 Untrusted loop bound Medium Jun 3, 2022 Shared
🔴 1515492 Out-of-bounds access High Mar 24, 2022 Regex tool
1515491 String not null terminated High Mar 24, 2022 Remoted
1510192 Incorrect sizeof expression Medium Nov 25, 2021 Shared
1510191 Incorrect sizeof expression Medium Nov 25, 2021 Shared
🟡 1503039 Filesystem path, filename, or URI manipulation High Mar 29, 2021 Modulesd
1503036 Illegal address computation High Mar 29, 2021 FIM
1503034 Cleartext sensitive data in a file Low Mar 29, 2021 Agentd
1503032 Cleartext transmission of sensitive data High Mar 29, 2021 Remoted
🟢 1503031 Cleartext sensitive data in a file Low Mar 29, 2021 Shared
🟡 1503028 Filesystem path, filename, or URI manipulation High Mar 29, 2021 Agentd
🟡 1503027 Filesystem path, filename, or URI manipulation High Mar 29, 2021 Wazuh DB
🟡 1500006 Waiting while holding a lock Medium Dec 5, 2020 Analysisd
🟡 1500005 Waiting while holding a lock Medium Dec 5, 2020 Modulesd
1493723 SQL injection High Dec 5, 2020 Wazuh DB
🟢 1479722 Waiting while holding a lock Medium May 1, 2019 Shared
1476147 Incorrect sizeof expression Medium Dec 31, 2018 Shared
1469286 Time of check time of use Low May 23, 2018 Shared
🟡 1378747 Untrusted allocation size Medium Nov 18, 2016 Analysisd
🟡 1378744 Untrusted loop bound Medium Nov 18, 2016 Analysisd
🟡 1378579 Time of check time of use Low Nov 16, 2016 Rootcheck
🟡 1378578 Time of check time of use Low Nov 16, 2016 Rootcheck
1378569 String not null terminated High Nov 16, 2016 FIM
1378547 Out-of-bounds access High Nov 16, 2016 Logcollector
1378529 Constant expression result Medium Nov 16, 2016 Shared
🔴 1035344 Untrusted loop bound Medium Jun 19, 2013 Analysisd

Status legend

🔴 Fix pending
🟡 Untriaged
🟢 Intentional
🔵 Ignore
🟣 Fixed
⚪ False positive

@MarcelKemp
Copy link
Member Author

New defects issues

Open issue to work on the defects:

@MarcelKemp MarcelKemp mentioned this issue May 22, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@MarcelKemp MarcelKemp

Labels
level/task request/operational type/test/coverity type/test
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@MarcelKemp