[PATCH 1/6] VSMS: Coverity cleanups

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



A new version of Coverity found a number of issues:

parse_ip_address(): FORWARD_NULL
  - Benign issue regarding how 'tmp_ip' was compared against NULL for
    the IPv6 processing and then used blindly later when strdup()'ing
    into *ip. Rather than use NULL check, compare against return of 1
    or more which indicates that something is there

update_system_settings(): RESOURCE_LEAK
  - The 'uuid' value was being leaked if strdup()'d.  Also rather than
    strdup()'g and strdup()'d value and risking failure, just assign the
    initially strdup()'d value and reinitialize uuid to NULL

fv_vssd_to_domain(): USE_AFTER_FREE
  - The domain->os_info.fv.arch is free()'d only to be potentially
    strdup()'d after processing the 'cu_get_str_prop()' for "Arch".
    The complaint was that it was possible to not strdup() a new value
    and thus possible to pass a free()'d value to get_default_machine().
    Passing a NULL is not an issue as that is checked.

    Additionally found by inspection, 'val' was not initialized to NULL,
    so the setting of os_info.fv.arch may not be what was expected. Also,
    after processing "Arch" it was not reinitialized to NULL so its
    contents could potentially have been saved in os_info.fv.machine.

Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx>
---
 src/Virt_VirtualSystemManagementService.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/Virt_VirtualSystemManagementService.c b/src/Virt_VirtualSystemManagementService.c
index 5c7238f..b624d8c 100644
--- a/src/Virt_VirtualSystemManagementService.c
+++ b/src/Virt_VirtualSystemManagementService.c
@@ -464,7 +464,7 @@ static int fv_vssd_to_domain(CMPIInstance *inst,
 {
         int ret = 1;
         int retr;
-        const char *val;
+        const char *val = NULL;
         const char *domtype = NULL;
         const char *ostype = "hvm";
         struct capabilities *capsinfo = NULL;
@@ -494,6 +494,7 @@ static int fv_vssd_to_domain(CMPIInstance *inst,
         }
 
         free(domain->os_info.fv.arch);
+        domain->os_info.fv.arch = NULL;
         retr = cu_get_str_prop(inst, "Arch", &val);
         if (retr != CMPI_RC_OK) {
                 if (capsinfo != NULL) { /* set default */
@@ -506,6 +507,8 @@ static int fv_vssd_to_domain(CMPIInstance *inst,
                 domain->os_info.fv.arch = strdup(val);
 
         free(domain->os_info.fv.machine);
+        domain->os_info.fv.machine = NULL;
+        val = NULL;
         retr = cu_get_str_prop(inst, "Machine", &val);
         if (retr != CMPI_RC_OK) {
                 if (capsinfo != NULL && domtype != NULL) { /* set default */
@@ -1415,7 +1418,7 @@ static int parse_ip_address(const char *id,
         if (strstr(id, "[") != NULL) {
                 /* its an ipv6 address */
                 ret = sscanf(id, "%a[^]]]:%as",  &tmp_ip, &tmp_port);
-                if (tmp_ip != NULL) {
+                if (ret >= 1) {
                         tmp_ip = realloc(tmp_ip, strlen(tmp_ip) + 2);
                         if (tmp_ip == NULL) {
                                 ret = 0;
@@ -2798,7 +2801,8 @@ static CMPIStatus update_system_settings(const CMPIContext *context,
         }
 
         if ((dominfo->uuid == NULL) || (STREQ(dominfo->uuid, ""))) {
-                dominfo->uuid = strdup(uuid);
+                dominfo->uuid = uuid;
+                uuid = NULL;
         } else if (!STREQ(uuid, dominfo->uuid)) {
                 cu_statusf(_BROKER, &s,
                            CMPI_RC_ERR_FAILED,
@@ -2829,6 +2833,7 @@ static CMPIStatus update_system_settings(const CMPIContext *context,
         }
 
  out:
+        free(uuid);
         free(xml);
         virDomainFree(dom);
         virConnectClose(conn);
-- 
1.8.4.2

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]