authorCaolán McNamara <caolanm@redhat.com>2016-10-14 09:11:38 +0100
committerCaolán McNamara <caolanm@redhat.com>2016-10-14 09:13:19 +0100
commit482f6261791c5467918213f63d198e19c0e7720d (patch)
treee73a8a2db64566a77d955b7e6531cb401aa85800
parent04e544dd51d9a0d3a1d19c42e1ec5dc63f7284cb (diff)
coverity#1373663 consider backupfilehelper byte twiddling as untainted
Change-Id: I13f7c3df20b3c9f81a9519b4bb84f556a8f4db7e
-rw-r--r--comphelper/source/misc/backupfilehelper.cxx9
1 files changed, 8 insertions, 1 deletions
diff --git a/comphelper/source/misc/backupfilehelper.cxx b/comphelper/source/misc/backupfilehelper.cxx
index d5468f4cdce5..518a5e954b00 100644
--- a/comphelper/source/misc/backupfilehelper.cxx
+++ b/comphelper/source/misc/backupfilehelper.cxx
@@ -104,7 +104,14 @@ namespace
// read rTarget
if (osl::File::E_None == rFile->read(static_cast<void*>(aArray), 4, nBaseRead) && 4 == nBaseRead)
{
- rTarget = (sal_uInt32(aArray[0]) << 24) + (sal_uInt32(aArray[1]) << 16) + (sal_uInt32(aArray[2]) << 8) + sal_uInt32(aArray[3]);
+ //This is untainted data which comes from a controlled source
+ //so, using a byte-swapping pattern which coverity doesn't
+ //detect as such
+ //http://security.coverity.com/blog/2014/Apr/on-detecting-heartbleed-with-static-analysis.html
+ rTarget = aArray[0]; rTarget <<= 8;
+ rTarget |= aArray[1]; rTarget <<= 8;
+ rTarget |= aArray[2]; rTarget <<= 8;
+ rTarget |= aArray[3];
return true;
}
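Review bot: The new comment calls the four bytes untainted because they come from a "controlled source", but nothing in the hunk names that source or enforces it; the bytes still come straight from `rFile->read`, and a file on disk can be truncated, corrupted or replaced. Rewriting the shift-and-add into `<<=`/`|=` steps only stops Coverity's byte-swap heuristic from marking `rTarget` as tainted, so any later use of the value as a size, count or offset loses its static-analysis warning too; those uses are outside this hunk and should be checked for explicit range validation. I would state the trust assumption concretely, e.g. `// bytes come from <file and writer>; callers must range-check rTarget before using it as a length or offset`. If the analyzer setup allows it, an explicit suppression annotation on the original expression would be more robust than a pattern chosen because the tool does not recognise it, since a heuristic change could bring the finding back silently. The enclosing function starts and ends outside the hunk.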