Bug 1329002

Summary:	SVRCORE - Fixing coverity issues.
Product:	Red Hat Enterprise Linux 7	Reporter:	Noriko Hosoi <nhosoi>
Component:	svrcore	Assignee:	Noriko Hosoi <nhosoi>
Status:	CLOSED ERRATA	QA Contact:	Viktor Ashirov <vashirov>
Severity:	high	Docs Contact:
Priority:	high
Version:	7.3
Target Milestone:	rc
Target Release:	---
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:	svrcore-4.1.2-1.el7	Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2016-11-04 02:47:53 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:

Description Noriko Hosoi 2016-04-20 21:19:58 UTC

Description of problem:

Ticket 9 - Coverity deadcode
Bug Description:  Coverity detected deadcode in the systemd handling of pins

Ticket 8 - Coverity compiler warnings
Bug Description:  Coverity detected a number of compiler warnings.

Ticket 6 - Resource leak in systemd ask pass
Bug Description:  In an error case, systemd would set the pin to "", 
which would leak the token memory.

Ticket 7 - Incorrect result check
Bug Description:  Coverity detected an issue where tmp_fd was not checked 
for null with fopen.

Ticket 10 - Use after free
Bug Description:  Coverity and ASAN detected use after frees related to
the reuse of the pin object.

Ticket 5 - Integrate asan support for code quality checking
Bug Description:  Coverity found a number of defects that could have been
detected with asan use during testing.

Comment 2 Noriko Hosoi 2016-04-21 19:58:51 UTC

3 Covscan failures.

1. Defect type: UNINIT
1. svrcore-4.1.1/src/systemd-ask-pass.c:182: var_decl: Declaring variable "tmp_path".
2. svrcore-4.1.1/src/systemd-ask-pass.c:182: alloc_fn: Calling allocator "malloc".
3. svrcore-4.1.1/src/systemd-ask-pass.c:182: assign: Assigning: "tmp_path" = "malloc(50UL)", which is allocated but not initialized.
17. svrcore-4.1.1/src/systemd-ask-pass.c:418: uninit_use_in_call: Using uninitialized value "*tmp_path" when calling "unlink".
#   416|   
#   417|       if (tmp_path) {
#   418|->         unlink(tmp_path);
#   419|           free(tmp_path);
#   420|       }


2. Defect type: UNINIT
1. svrcore-4.1.1/src/systemd-ask-pass.c:181: var_decl: Declaring variable "ask_path".
2. svrcore-4.1.1/src/systemd-ask-pass.c:181: alloc_fn: Calling allocator "malloc".
3. svrcore-4.1.1/src/systemd-ask-pass.c:181: assign: Assigning: "ask_path" = "malloc(50UL)", which is allocated but not initialized.
16. svrcore-4.1.1/src/systemd-ask-pass.c:413: uninit_use_in_call: Using uninitialized value "*ask_path" when calling "unlink".
#   411|       }
#   412|       if (ask_path) {
#   413|->         unlink(ask_path);
#   414|           free(ask_path);
#   415|       }


3. Defect type: UNINIT
1. svrcore-4.1.1/src/systemd-ask-pass.c:180: var_decl: Declaring variable "socket_path".
2. svrcore-4.1.1/src/systemd-ask-pass.c:180: alloc_fn: Calling allocator "malloc".
3. svrcore-4.1.1/src/systemd-ask-pass.c:180: assign: Assigning: "socket_path" = "malloc(50UL)", which is allocated but not initialized.
15. svrcore-4.1.1/src/systemd-ask-pass.c:409: uninit_use_in_call: Using uninitialized value "*socket_path" when calling "unlink".
#   407|   
#   408|       if (socket_path) {
#   409|->         unlink(socket_path);
#   410|           free(socket_path);
#   411|       }

Comment 5 errata-xmlrpc 2016-11-04 02:47:53 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2285.html