| Summary: | Coverity scan revealed defects | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Michal Luscon <mluscon> | ||||
| Component: | libvirt-cim | Assignee: | Daniel Veillard <veillard> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 6.2 | CC: | ajia, dyuan, elima, kdudka, mzhan, ovasik | ||||
| Target Milestone: | rc | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | libvirt-cim-0.5.14-2.el6 | Doc Type: | Bug Fix | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | |||||||
| : | 750418 (view as bug list) | Environment: | |||||
| Last Closed: | 2011-12-06 12:11:59 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | ||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 750418 | ||||||
| Attachments: |
|
||||||
|
Description
Michal Luscon
2011-08-04 13:54:14 UTC
(In reply to comment #0) > Description of problem: > Patches on the mailing list, waiting for review and push. > 1. > /src/Virt_SwitchService.c:5 - Comparing "stream" to null implies that "stream" > might be null. > /src/Virt_SwitchService.c:94 - Passing null variable "stream" to function > "pclose", which dereferences it. > https://www.redhat.com/archives/libvirt-cim/2011-August/msg00010.html > 2. > /src/Virt_VirtualSystemManagementService.c:1048 - Comparing "path" to null > implies that "path" might be null. > /src/Virt_VirtualSystemManagementService.c:1057 - Dereferencing null variable > "path". > > 3. > /src/Virt_VirtualSystemManagementService.c:1088 - Comparing "port" to null > implies that "port" might be null. > /src/Virt_VirtualSystemManagementService.c:1094 - Dereferencing null variable > "port". > https://www.redhat.com/archives/libvirt-cim/2011-August/msg00008.html > 4. > /libxkutil/acl_parsing.c:630, 659: - Function "malloc" without NULL check. > > 5. > libxkutil/acl_parsing.c:397 - Dynamically allocated variable rule is not freed > in function parse_acl_filter as a result of line #399. > > 6. > /libxkutil/acl_parsing.c144 - Function cleanup_filter does not free its > parameter filter (this causes a lot of Coverity Resource leak warnings). > > https://www.redhat.com/archives/libvirt-cim/2011-August/msg00009.html > 5. > /libxkutil/device_parsing.c:106 - Function cleanup_virt_device does not free > its parameter dev (this causes a lot of Coverity Resource leak warnings). > https://www.redhat.com/archives/libvirt-cim/2011-August/msg00015.html Okay but it would be better if that was commited to Mercurial :-) Daniel Build libvirt-cim-0.5.14-2.el6 done including the patches Daniel Last one of those patches went upstream, but there were other patches pushed as well. If possible, use mercurial revision 1133. Thanks for the report. There are still many issues need be resolved such as resource leak:
Analysis summary report:
------------------------
Files analyzed : 65
Total LoC input to cov-analyze : 54250
Functions analyzed : 981
Paths analyzed : 21930
New defects found : 101 Total
2 ARRAY_VS_SINGLETON
6 CHECKED_RETURN
2 DEADCODE
14 FORWARD_NULL
4 NEGATIVE_RETURNS
2 NO_EFFECT
7 NULL_RETURNS
34 RESOURCE_LEAK
5 REVERSE_INULL
6 UNINIT
9 UNUSED_VALUE
10 USE_AFTER_FREE
For details, please see attachment.
Alex
Created attachment 530435 [details]
CoverityScan
covscan on libvirt-cim-0.5.14-2.el6.
Alex - with these CoverityScan bugzillas we care only about the differences from previous RHEL-6 version of the package - from the rest, only the most important issues should be fixed in the RHEL-6. As any fix brings some risk of introducing new issues the further cleanup of defects found by Coverity should probably be done upstream and possibly for the most critical ones new 6.3 bugzilla should be opened. (In reply to comment #9) > Created attachment 530435 [details] > CoverityScan > > covscan on libvirt-cim-0.5.14-2.el6. Thanks for the detailed report, we will address those as soon as possible. FYI, the patches which fix the issues raised by this last report have been pushed upstream. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2011-1587.html |