Bug 1525980 - Fix Covscan detected programming errors
Summary: Fix Covscan detected programming errors
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: iptables
Version: 7.5
Hardware: Unspecified
OS: Unspecified
Priority: medium
Severity: medium
Target Milestone: rc
Assignee: Phil Sutter
QA Contact: Tomas Dolezal
URL:
Whiteboard:
Duplicates: 1504660
Depends On:
Blocks: 1654714
Reported: 2017-12-14 14:21 UTC by Phil Sutter
Modified: 2019-08-06 13:06 UTC (History)

Fixed In Version: iptables-1.4.21-32.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-08-06 13:06:28 UTC
Target Upstream Version:
Embargoed:


Attachments
scan-results.err (70.23 KB, text/plain), 2017-12-14 14:21 UTC, Phil Sutter
scan results with own notes added (75.25 KB, text/plain), 2019-02-18 15:18 UTC, Phil Sutter


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2019:2218 0 None None None 2019-08-06 13:06:36 UTC

Description Phil Sutter 2017-12-14 14:21:08 UTC
Created attachment 1368015 [details]
scan-results.err

Covscan detected a number of issues in current iptables build for RHEL7.

Comment 2 Phil Sutter 2018-06-04 12:59:15 UTC
*** Bug 1504660 has been marked as a duplicate of this bug. ***

Comment 4 Phil Sutter 2019-02-18 15:17:24 UTC
All relevant issues fixed upstream. These commits need backporting:

Following backports are optional:

8da04ffdca1931402a6bc22c43c1a2fa1c6f1e14
-> just to silence covscan, it's not an actual bug

29b1d97764d1849651388d870565b3fa815a0bd8
-> only if feasible, also check for follow-ups
-> if not, fix libxt_devgroup.c downstream only

In addition to that, downstream only fixes should be applied for:

* trailing whitespace after variable declaration in ip{6,}tables.init
* array overrun in libip{6,}t_REJECT.c (upstream fix doesn't apply)

Comment 5 Phil Sutter 2019-02-18 15:18:46 UTC
Created attachment 1536018 [details]
scan results with own notes added

scan results with own notes added

Comment 6 Phil Sutter 2019-03-15 16:18:34 UTC
(In reply to Phil Sutter from comment #4)
> 29b1d97764d1849651388d870565b3fa815a0bd8
> -> only if feasible, also check for follow-ups
> -> if not, fix libxt_devgroup.c downstream only

This one is actually a false positive: the described code path calls
xtables_error(), which causes program exit.

Comment 10 errata-xmlrpc 2019-08-06 13:06:28 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:2218

