CID 1444908: MISSING_LOCK / CID 1444769: TAINTED_SCALAR
Got two new coverity issues:
*** CID 1444908: Concurrent data access violations (MISSING_LOCK)
/src/test/rng_test_helpers.c: 190 in testing_enable_prefilled_rng()
184 {
185 tor_assert(buflen > 0);
186 rng_mutex = tor_mutex_new();
187
188 prefilled_rng_buffer = tor_memdup(buffer, buflen);
189 prefilled_rng_buflen = buflen;
>>> CID 1444908: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "prefilled_rng_idx" without holding lock "tor_mutex_t.mutex". Elsewhere, "prefilled_rng_idx" is accessed with
>>> "tor_mutex_t.mutex" held 3 out of 4 times (1 of these accesses strongly imply that it is necessary).
190 prefilled_rng_idx = 0;
191
192 MOCK(crypto_rand, crypto_rand_prefilled);
193 MOCK(crypto_strongest_rand_, mock_crypto_strongest_rand);
194 }
195
** CID 1444769: Insecure data handling (TAINTED_SCALAR)
________________________________________________________________________________________________________
*** CID 1444769: Insecure data handling (TAINTED_SCALAR)
/src/feature/nodelist/microdesc.c: 540 in microdesc_cache_reload()
534 }
535
536 journal_content = read_file_to_str(cache->journal_fname,
537 RFTS_IGNORE_MISSING, &st);
538 if (journal_content) {
539 cache->journal_len = (size_t) st.st_size;
>>> CID 1444769: Insecure data handling (TAINTED_SCALAR)
>>> Passing tainted variable "journal_content" to a tainted sink.
540 warn_if_nul_found(journal_content, cache->journal_len, 0,
541 "reading microdesc journal");
542 added = microdescs_add_to_cache(cache, journal_content,
543 journal_content+st.st_size,
544 SAVED_IN_JOURNAL, 0, -1, NULL);
545 if (added) {
```}