From aca2668c88a048ab556c53411dcf2ccd43099d50 Mon Sep 17 00:00:00 2001 From: Vedansh Bhartia Date: Fri, 12 May 2023 11:36:38 +0530 Subject: [PATCH] rgw: Add coverity annotations to ignore warnings about 32 bit time There are two types of occurences of this warning: 1. Where time intervals are stored. These intervals are generally very small (like 30s for TOTP window duration), and are unlikely to overflow. These are marked as false positives. 2. Where time data is written to disk. Moving to 64 bit time would require significant work to ensure backwards compatibility. These shall be addressed via a separate PR. A bug addressing this has been opened at https://tracker.ceph.com/issues/61160 Signed-off-by: Vedansh Bhartia --- src/rgw/driver/rados/rgw_trim_datalog.cc | 3 +++ src/rgw/driver/rados/rgw_trim_mdlog.cc | 3 +++ src/rgw/rgw_admin.cc | 5 +++++ src/rgw/rgw_common.h | 2 ++ src/rgw/rgw_torrent.cc | 2 ++ 5 files changed, 15 insertions(+) diff --git a/src/rgw/driver/rados/rgw_trim_datalog.cc b/src/rgw/driver/rados/rgw_trim_datalog.cc index 72a160039cf..88f840818b2 100644 --- a/src/rgw/driver/rados/rgw_trim_datalog.cc +++ b/src/rgw/driver/rados/rgw_trim_datalog.cc @@ -223,6 +223,9 @@ int DataLogTrimPollCR::operate(const DoutPrefixProvider *dpp) // request a 'data_trim' lock that covers the entire wait interval to // prevent other gateways from attempting to trim for the duration set_status("acquiring trim lock"); + + // interval is a small number and unlikely to overflow + // coverity[Y2K38_SAFETY:FALSE] yield call(new RGWSimpleRadosLockCR(store->svc()->rados->get_async_processor(), store, rgw_raw_obj(store->svc()->zone->get_zone_params().log_pool, lock_oid), "data_trim", lock_cookie, diff --git a/src/rgw/driver/rados/rgw_trim_mdlog.cc b/src/rgw/driver/rados/rgw_trim_mdlog.cc index d8e19594aea..4f813582032 100644 --- a/src/rgw/driver/rados/rgw_trim_mdlog.cc +++ b/src/rgw/driver/rados/rgw_trim_mdlog.cc @@ -668,6 +668,9 @@ int MetaTrimPollCR::operate(const DoutPrefixProvider *dpp) // prevent others from trimming for our entire wait interval set_status("acquiring trim lock"); + + // interval is a small number and unlikely to overflow + // coverity[Y2K38_SAFETY:FALSE] yield call(new RGWSimpleRadosLockCR(store->svc()->rados->get_async_processor(), store, obj, name, cookie, interval.sec())); if (retcode < 0) { diff --git a/src/rgw/rgw_admin.cc b/src/rgw/rgw_admin.cc index 228e165647f..91a6b9fc984 100644 --- a/src/rgw/rgw_admin.cc +++ b/src/rgw/rgw_admin.cc @@ -3036,6 +3036,9 @@ static int scan_totp(CephContext *cct, ceph::real_time& now, rados::cls::otp::ot nullptr, pins[0].c_str()); if (rc != OATH_INVALID_OTP) { + // oath_totp_validate2 is an external library function, cannot fix internally + // Further, step_size is a small number and unlikely to overflow + // coverity[Y2K38_SAFETY:FALSE] rc = oath_totp_validate2(totp.seed_bin.c_str(), totp.seed_bin.length(), start_time, step_size, @@ -10371,6 +10374,8 @@ next: return -ret; } + // time offset is a small number and unlikely to overflow + // coverity[Y2K38_SAFETY:FALSE] config.time_ofs = time_ofs; /* now update the backend */ diff --git a/src/rgw/rgw_common.h b/src/rgw/rgw_common.h index 1b317b01b6f..782d82a85aa 100644 --- a/src/rgw/rgw_common.h +++ b/src/rgw/rgw_common.h @@ -1292,6 +1292,8 @@ struct RGWBucketEnt { void encode(bufferlist& bl) const { ENCODE_START(7, 5, bl); uint64_t s = size; + // issue tracked here: https://tracker.ceph.com/issues/61160 + // coverity[Y2K38_SAFETY] __u32 mt = ceph::real_clock::to_time_t(creation_time); std::string empty_str; // originally had the bucket name here, but we encode bucket later encode(empty_str, bl); diff --git a/src/rgw/rgw_torrent.cc b/src/rgw/rgw_torrent.cc index 0ad3f37f6e1..af9c4a632dc 100644 --- a/src/rgw/rgw_torrent.cc +++ b/src/rgw/rgw_torrent.cc @@ -169,6 +169,8 @@ bufferlist RGWPutObj_Torrent::bencode_torrent(std::string_view filename) const // Only encode create_date and sha1 info. Other fields will be added during // GetObjectTorrent by rgw_read_torrent_file() + // issue tracked here: https://tracker.ceph.com/issues/61160 + // coverity[Y2K38_SAFETY] bencode(CREATION_DATE, std::time(nullptr), bl); bencode_key(INFO_PIECES, bl); -- 2.39.5