Bug 1960323 - Address issues raised by coverity security scan
Summary: Address issues raised by coverity security scan
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 4.8
Hardware: Unspecified
OS: Unspecified
low
low
Target Milestone: ---
: 4.8.0
Assignee: Aditya Narayanaswamy
QA Contact: Gaoyun Pei
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-05-13 16:38 UTC by Aditya Narayanaswamy
Modified: 2021-07-27 23:08 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Coverity security scan picked up some defects in the installer code which are mostly lack of logging or dead code. Fixed the defects that seemed relevant.
Clone Of:
Environment:
Last Closed: 2021-07-27 23:08:23 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift installer pull 4932 0 None open Bug 1960323: Fix defects in the installer code 2021-05-13 16:54:15 UTC
Red Hat Product Errata RHSA-2021:2438 0 None None None 2021-07-27 23:08:37 UTC

Description Aditya Narayanaswamy 2021-05-13 16:38:48 UTC
Thanks for opening a bug report!
Before hitting the button, please fill in as much of the template below as you can.
If you leave out information, it's harder to help you.
Be ready for follow-up questions, and please respond in a timely manner.
If we can't reproduce a bug we might close your issue.
If we're wrong, PLEASE feel free to reopen it and explain why.

Version:

$ openshift-install version
<your output here>

Platform: All


What happened?
There are a few defects in the installer code that are reported by
http://download.eng.bos.redhat.com/rcm-guest/puddles/RHAOS/coverity/results/ose-installer/fe9e87fb04ae777d913e5787792756208392cf3a/stage_1/all_results.html

These need to be addressed.

Comment 3 Gaoyun Pei 2021-05-20 07:13:38 UTC
The proposed PR was merged into nightly build since payload 4.8.0-0.nightly-2021-05-17-231618.

Checked QE's CI jobs triggered with newer payload, such as the following ones:
4.8.0-0.nightly-2021-05-18-072155 
4.8.0-0.nightly-2021-05-18-205323
4.8.0-0.nightly-2021-05-19-123944

The installation on AWS/Azure/GCP/vSphere all passed, no regression issue found, move the bug to verified.

Comment 6 errata-xmlrpc 2021-07-27 23:08:23 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:2438


Note You need to log in before you can comment on or make changes to this bug.