-
Bug
-
Resolution: Done
-
Medium
-
None
-
None
-
None
-
- CID 197707: Insecure data handling (TAINTED_SCALAR)
/src/plugins/nat/nat_api.c: 1934 in vl_api_nat44_add_del_lb_static_mapping_t_handler()
- CID 197707: Insecure data handling (TAINTED_SCALAR)
________________________________________________________________________________________________________
-
-
- CID 197707: Insecure data handling (TAINTED_SCALAR)
/src/plugins/nat/nat_api.c: 1934 in vl_api_nat44_add_del_lb_static_mapping_t_handler()
1928 sizeof (vl_api_nat44_lb_addr_port_t) *
1929 clib_net_to_host_u32 (mp->local_num);
1930
1931 len = vl_api_string_len (sp);
1932
1933 tag = vec_new (u8, len);
- CID 197707: Insecure data handling (TAINTED_SCALAR)
-
CID 197707: Insecure data handling (TAINTED_SCALAR)
Passing tainted variable "len" to a tainted sink.
1934 memcpy (tag, sp->buf, len);
1935 vec_terminate_c_string (tag);
1936
1937 rv =
1938 nat44_add_del_lb_static_mapping (e_addr,
1939 clib_net_to_host_u16 (mp->external_port),
-
- CID 197706: Insecure data handling (TAINTED_SCALAR)
/src/plugins/nat/nat_api.c: 1214 in vl_api_nat44_add_del_static_mapping_t_handler()
- CID 197706: Insecure data handling (TAINTED_SCALAR)
________________________________________________________________________________________________________
-
-
- CID 197706: Insecure data handling (TAINTED_SCALAR)
/src/plugins/nat/nat_api.c: 1214 in vl_api_nat44_add_del_static_mapping_t_handler()
1208 else if (mp->flags & NAT_API_IS_SELF_TWICE_NAT)
1209 twice_nat = TWICE_NAT_SELF;
1210
1211 len = vl_api_string_len (&mp->tag);
1212
1213 tag = vec_new (u8, len);
- CID 197706: Insecure data handling (TAINTED_SCALAR)
-
CID 197706: Insecure data handling (TAINTED_SCALAR)
Passing tainted variable "len" to a tainted sink.
1214 memcpy (tag, mp->tag.buf, len);
1215 vec_terminate_c_string (tag);
1216
1217 rv = snat_add_static_mapping (local_addr, external_addr, local_port,
1218 external_port, vrf_id,
1219 mp->flags & NAT_API_IS_ADDR_ONLY,