Bug 2095523

Summary: coverity scan - thinlv checked for None after access
Product: Red Hat Enterprise Linux 9 Reporter: Rich Megginson <rmeggins>
Component: rhel-system-rolesAssignee: Rich Megginson <rmeggins>
Status: CLOSED ERRATA QA Contact: Jakub Haruda <jharuda>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 9.1CC: jharuda, nhosoi, spetrosi, vtrefny
Target Milestone: rcKeywords: Triaged
Target Release: 9.1Flags: pm-rhel: mirror+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: role:storage
Fixed In Version: rhel-system-roles-1.19.2-1.el9 Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of:
: 2096397 (view as bug list) Environment:
Last Closed: 2022-11-15 10:23:47 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2096397    

Description Rich Megginson 2022-06-09 20:41:02 UTC 
in blivet.py:1371 thinlv is accessed - then at line 1378 it is checked for None - should either be guaranteed not None, or checked for None first
Comment 1 Rich Megginson 2022-06-09 20:49:39 UTC 
This bug was introduced with https://github.com/linux-system-roles/storage/pull/269

This is the coverity output:

Error: REVERSE_INULL (CWE-476): [#def1]
auto-maintenance-fe4fd028db23607414acce481388f23ac51cd944/storage/library/blivet.py:1369: alias: Assigning: "thinlv" = "__coverity_temp_var5".
auto-maintenance-fe4fd028db23607414acce481388f23ac51cd944/storage/library/blivet.py:1371: deref: Accessing a property of "thinlv".
auto-maintenance-fe4fd028db23607414acce481388f23ac51cd944/storage/library/blivet.py:1378: check_after_deref: Null-checking "thinlv" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.

Here is the code in question: https://github.com/linux-system-roles/storage/blob/master/library/blivet.py#L1369-L1379

        for thinlv in thinlvs_to_create:

            if thinlv['size'] is None:
                tlv_size = Size(calculated_thinlv_size)
            else:
                tlv_size = Size(thinlv['size'])

            thinlv_params = dict(thin_pool=True, size=tlv_size, parents=[pool_device])

            if thinlv is not None:
                thinlv_params.update(dict(name=thinlv['name']))

If it is possible for thinlv to be None, then the code will blow up on thinlv['size'] - either we need to guarantee that thinlv will never be None, and get rid of the 'if thinlv is not None' check, or move that check to the first line of code inside the loop, and do something to avoid using thinlv in subsequent code.

Jan, please take a look.
Comment 10 errata-xmlrpc 2022-11-15 10:23:47 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (rhel-system-roles bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2022:8117