Bug 723546

Summary: Defects revealed by Coverity scan
Product: Red Hat Enterprise Linux 6 Reporter: Michal Luscon <mluscon>
Component: util-linux-ngAssignee: Karel Zak <kzak>
Status: CLOSED ERRATA QA Contact: qe-baseos-daemons
Severity: low Docs Contact:
Priority: low    
Version: 6.1CC: azelinka, jmarko, kvolny
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-12-06 17:11:20 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Michal Luscon 2011-07-20 14:37:48 UTC 
Description of problem:

util-linux-ng-2.17.2/misc-utils/findmnt.c:425: check_return: Calling function "mnt_tab_next_fs" without checking return value (as is done elsewhere 12 out of 13 times).

util-linux-ng-2.17.2/misc-utils/lsblk.c:835 - unsigned int n == 9223372036854775807UL * 2UL + 1UL is always false.

util-linux-ng-2.17.2/shlibs/mount/src/optstr.c:482 - Comparing "ent" to null implies that "ent" might be null.
util-linux-ng-2.17.2/shlibs/mount/src/optstr.c:486 - Dereferencing null variable "ent".

util-linux-ng-2.17.2/shlibs/mount/src/fs.c:470: - Calling allocation function mnt_split_optstr on f. Variable "f" is not freed in function mnt_fs_append_options.


Version-Release number of selected component (if applicable):
2.17.2-12

Additional info:
These defects were probably introduced by Red Hat patches.
Comment 2 Karel Zak 2011-07-20 16:03:10 UTC 
(In reply to comment #0)
> Description of problem:
> 
> util-linux-ng-2.17.2/misc-utils/findmnt.c:425: check_return: Calling function
> "mnt_tab_next_fs" without checking return value (as is done elsewhere 12 out of
> 13 times).

 Fixed by upstream commit e3963f60134722065d7d7cb95f347208e5b7a812

> util-linux-ng-2.17.2/misc-utils/lsblk.c:835 - unsigned int n ==
> 9223372036854775807UL * 2UL + 1UL is always false.

 Fixed by upstream commit ed34643cbc78a018302789a7c1f51a833f8e5031
 
> util-linux-ng-2.17.2/shlibs/mount/src/optstr.c:482 - Comparing "ent" to null
> implies that "ent" might be null.
> util-linux-ng-2.17.2/shlibs/mount/src/optstr.c:486 - Dereferencing null
> variable "ent".

 Fixed by upstream commit 1734f82c2435c35a9b575297a93942cf880b5913

> util-linux-ng-2.17.2/shlibs/mount/src/fs.c:470: - Calling allocation function
> mnt_split_optstr on f. Variable "f" is not freed in function
> mnt_fs_append_options.

 Fixed by upstream commit f2b3a3a3288d56b09d878c3e2b5310268f2f4d31.

Fix all in RHEL should pretty simple.
Comment 6 Karel Volný 2011-10-21 14:25:11 UTC 
SanityOnly

there is the new patch util-linux-ng-2.17-coverity-e62.patch which fixes the mentioned issues and it applies cleanly during the build:

+ echo 'Patch #47 (util-linux-ng-2.17-coverity-e62.patch):'
Patch #47 (util-linux-ng-2.17-coverity-e62.patch):
+ /bin/cat /builddir/build/SOURCES/util-linux-ng-2.17-coverity-e62.patch
+ /usr/bin/patch -s -p1 --fuzz=0
+ echo 'Patch #48 (util-linux-ng-2.17-cfdisk-size.patch):'

http://download.devel.redhat.com/brewroot/packages/util-linux-ng/2.17.2/12.4.el6/data/logs/i686/build.log


NEEDINFO reporter - please could you re-run the coverity scan and eventually switch this to VERIFIED?
Comment 9 errata-xmlrpc 2011-12-06 17:11:20 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2011-1691.html