Bug 728245

Summary: Coverity scan revealed defects
Product: Red Hat Enterprise Linux 6 Reporter: Michal Luscon <mluscon>
Component: libvirt-cimAssignee: Daniel Veillard <veillard>
Status: CLOSED ERRATA QA Contact: Virtualization Bugs <virt-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.2CC: ajia, dyuan, elima, kdudka, mzhan, ovasik
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: libvirt-cim-0.5.14-2.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 750418 (view as bug list) Environment:
Last Closed: 2011-12-06 12:11:59 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 750418    
Attachments:
Description Flags
CoverityScan none

Description Michal Luscon 2011-08-04 13:54:14 UTC
Description of problem:

1.
/src/Virt_SwitchService.c:5 - Comparing "stream" to null implies that "stream" might be null.
/src/Virt_SwitchService.c:94 - Passing null variable "stream" to function "pclose", which dereferences it.

2.
/src/Virt_VirtualSystemManagementService.c:1048 - Comparing "path" to null implies that "path" might be null.
/src/Virt_VirtualSystemManagementService.c:1057 - Dereferencing null variable "path".

3.
/src/Virt_VirtualSystemManagementService.c:1088 - Comparing "port" to null implies that "port" might be null.
/src/Virt_VirtualSystemManagementService.c:1094 - Dereferencing null variable "port".

4.
/libxkutil/acl_parsing.c:630, 659: - Function "malloc" without NULL check.

5.
libxkutil/acl_parsing.c:397 - Dynamically allocated variable rule is not freed in function parse_acl_filter as a result of line #399.

5.
/libxkutil/device_parsing.c:106 - Function cleanup_virt_device does not free its parameter dev (this causes a lot of Coverity Resource leak warnings). 

6.
/libxkutil/acl_parsing.c144 - Function cleanup_filter does not free its parameter filter (this causes a lot of Coverity Resource leak warnings).


Version-Release number of selected component (if applicable):
0.5.14

Additional info:
These defects were added between RHEL-6.1 and RHEL-6.2 version of package.

Comment 3 Eduardo Lima (Etrunko) 2011-08-11 15:15:00 UTC
(In reply to comment #0)
> Description of problem:
> 

Patches on the mailing list, waiting for review and push.

> 1.
> /src/Virt_SwitchService.c:5 - Comparing "stream" to null implies that "stream"
> might be null.
> /src/Virt_SwitchService.c:94 - Passing null variable "stream" to function
> "pclose", which dereferences it.
> 

https://www.redhat.com/archives/libvirt-cim/2011-August/msg00010.html

> 2.
> /src/Virt_VirtualSystemManagementService.c:1048 - Comparing "path" to null
> implies that "path" might be null.
> /src/Virt_VirtualSystemManagementService.c:1057 - Dereferencing null variable
> "path".
> 
> 3.
> /src/Virt_VirtualSystemManagementService.c:1088 - Comparing "port" to null
> implies that "port" might be null.
> /src/Virt_VirtualSystemManagementService.c:1094 - Dereferencing null variable
> "port".
> 

https://www.redhat.com/archives/libvirt-cim/2011-August/msg00008.html

> 4.
> /libxkutil/acl_parsing.c:630, 659: - Function "malloc" without NULL check.
> 
> 5.
> libxkutil/acl_parsing.c:397 - Dynamically allocated variable rule is not freed
> in function parse_acl_filter as a result of line #399.
> 
> 6.
> /libxkutil/acl_parsing.c144 - Function cleanup_filter does not free its
> parameter filter (this causes a lot of Coverity Resource leak warnings).
> 
> 

https://www.redhat.com/archives/libvirt-cim/2011-August/msg00009.html

> 5.
> /libxkutil/device_parsing.c:106 - Function cleanup_virt_device does not free
> its parameter dev (this causes a lot of Coverity Resource leak warnings). 
> 

https://www.redhat.com/archives/libvirt-cim/2011-August/msg00015.html

Comment 4 Daniel Veillard 2011-08-15 08:14:47 UTC
Okay but it would be better if that was commited to Mercurial :-)

Daniel

Comment 5 Daniel Veillard 2011-08-16 14:16:11 UTC
Build libvirt-cim-0.5.14-2.el6 done including the patches

Daniel

Comment 7 Eduardo Lima (Etrunko) 2011-08-19 18:54:56 UTC
Last one of those patches went upstream, but there were other patches pushed as well. If possible, use mercurial revision 1133. Thanks for the report.

Comment 8 Alex Jia 2011-10-27 07:27:17 UTC
There are still many issues need be resolved such as resource leak:

Analysis summary report:
------------------------
Files analyzed                 : 65
Total LoC input to cov-analyze : 54250
Functions analyzed             : 981
Paths analyzed                 : 21930
New defects found              : 101 Total
                                   2 ARRAY_VS_SINGLETON
                                   6 CHECKED_RETURN
                                   2 DEADCODE
                                  14 FORWARD_NULL
                                   4 NEGATIVE_RETURNS
                                   2 NO_EFFECT
                                   7 NULL_RETURNS
                                  34 RESOURCE_LEAK
                                   5 REVERSE_INULL
                                   6 UNINIT
                                   9 UNUSED_VALUE
                                  10 USE_AFTER_FREE

For details, please see attachment.

Alex

Comment 9 Alex Jia 2011-10-27 07:28:14 UTC
Created attachment 530435 [details]
CoverityScan

covscan on libvirt-cim-0.5.14-2.el6.

Comment 10 Ondrej Vasik 2011-10-27 08:29:16 UTC
Alex - with these CoverityScan bugzillas we care only about the differences from previous RHEL-6 version of the package - from the rest, only the most important issues should be fixed in the RHEL-6.
As any fix brings some risk of introducing new issues the further cleanup of defects found by Coverity should probably be done upstream and possibly for the most critical ones new 6.3 bugzilla should be opened.

Comment 12 Eduardo Lima (Etrunko) 2011-10-27 13:36:30 UTC
(In reply to comment #9)
> Created attachment 530435 [details]
> CoverityScan
> 
> covscan on libvirt-cim-0.5.14-2.el6.

Thanks for the detailed report, we will address those as soon as possible.

Comment 15 Eduardo Lima (Etrunko) 2011-11-22 19:40:09 UTC
FYI, the patches which fix the issues raised by this last report have been pushed upstream.

Comment 16 errata-xmlrpc 2011-12-06 12:11:59 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1587.html