Bug 611790 - fix coverity Defect Type: Null pointer dereferences issues 11940 - 12166
Status: CLOSED CURRENTRELEASE
Product: 389
Classification: Retired
Component: Directory Server
Version: 1.2.7
Hardware: All All
Priority: low
Severity: low
Assigned To: Rich Megginson
Chandrasekar Kannan
Blocks: 389_1.2.7 639035
Reported: 2010-07-06 10:41 EDT by Endi Sukma Dewata
Modified: 2015-01-04 18:43 EST
Doc Type: Bug Fix
Last Closed: 2011-05-17 10:08:59 EDT
Attachments
0001-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (2.88 KB, patch), 2010-07-06 17:18 EDT, Endi Sukma Dewata, rmeggins: review-
0002-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (23.20 KB, patch), 2010-07-06 17:18 EDT, Endi Sukma Dewata, no flags
0003-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.40 KB, patch), 2010-07-06 17:19 EDT, Endi Sukma Dewata, rmeggins: review+
0004-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.22 KB, patch), 2010-07-06 17:19 EDT, Endi Sukma Dewata, rmeggins: review-
0005-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.29 KB, patch), 2010-07-06 17:20 EDT, Endi Sukma Dewata, rmeggins: review-
0006-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.43 KB, patch), 2010-07-06 17:21 EDT, Endi Sukma Dewata, rmeggins: review+
0007-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (4.79 KB, patch), 2010-07-06 17:21 EDT, Endi Sukma Dewata, rmeggins: review+
0008-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (4.78 KB, patch), 2010-07-06 17:22 EDT, Endi Sukma Dewata, no flags
0009-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.68 KB, patch), 2010-07-06 17:22 EDT, Endi Sukma Dewata, rmeggins: review+
0010-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.53 KB, patch), 2010-07-06 17:23 EDT, Endi Sukma Dewata, rmeggins: review+
0011-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.61 KB, patch), 2010-07-06 17:23 EDT, Endi Sukma Dewata, rmeggins: review-
0012-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (2.04 KB, patch), 2010-07-06 17:24 EDT, Endi Sukma Dewata, rmeggins: review-
0013-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (4.33 KB, patch), 2010-07-06 17:25 EDT, Endi Sukma Dewata, rmeggins: review+
0014-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.60 KB, patch), 2010-07-06 17:25 EDT, Endi Sukma Dewata, rmeggins: review+
0015-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (2.44 KB, patch), 2010-07-06 17:26 EDT, Endi Sukma Dewata, rmeggins: review+
0016-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.15 KB, patch), 2010-07-06 17:27 EDT, Endi Sukma Dewata, rmeggins: review+
0017-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (2.88 KB, patch), 2010-07-06 17:27 EDT, Endi Sukma Dewata, nhosoi: review+
0018-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.56 KB, patch), 2010-07-06 17:28 EDT, Endi Sukma Dewata, nhosoi: review+
0019-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (939 bytes, patch), 2010-07-06 17:29 EDT, Endi Sukma Dewata, nhosoi: review+
0020-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.16 KB, patch), 2010-07-06 17:29 EDT, Endi Sukma Dewata, nhosoi: review+
0021-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.81 KB, patch), 2010-07-06 17:30 EDT, Endi Sukma Dewata, nhosoi: review+
0004a-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.27 KB, patch), 2010-07-07 12:18 EDT, Endi Sukma Dewata, no flags
0005a-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.34 KB, patch), 2010-07-07 12:18 EDT, Endi Sukma Dewata, nhosoi: review+
0008a-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (4.67 KB, patch), 2010-07-07 15:58 EDT, Endi Sukma Dewata, nhosoi: review+
0011a-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.72 KB, patch), 2010-07-07 15:59 EDT, Endi Sukma Dewata, no flags
0012a-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.53 KB, patch), 2010-07-07 16:00 EDT, Endi Sukma Dewata, nhosoi: review+
0011b-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (1.65 KB, patch), 2010-07-12 15:37 EDT, Endi Sukma Dewata, nhosoi: review+
0004b-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch (2.29 KB, patch), 2010-08-20 21:07 EDT, Noriko Hosoi, nhosoi: review?, nhosoi: review?, rmeggins: review+

Description Endi Sukma Dewata 2010-07-06 10:41:36 EDT
fix coverity Defect Type: Null pointer dereferences issues 11940 - 12166
Comment 2 Endi Sukma Dewata 2010-07-06 17:18:06 EDT
Created attachment 429893 [details]
0001-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 3 Endi Sukma Dewata 2010-07-06 17:18:47 EDT
Created attachment 429894 [details]
0002-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 4 Endi Sukma Dewata 2010-07-06 17:19:15 EDT
Created attachment 429895 [details]
0003-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 5 Endi Sukma Dewata 2010-07-06 17:19:56 EDT
Created attachment 429896 [details]
0004-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 6 Endi Sukma Dewata 2010-07-06 17:20:30 EDT
Created attachment 429897 [details]
0005-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 7 Endi Sukma Dewata 2010-07-06 17:21:01 EDT
Created attachment 429898 [details]
0006-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 8 Endi Sukma Dewata 2010-07-06 17:21:33 EDT
Created attachment 429899 [details]
0007-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 9 Endi Sukma Dewata 2010-07-06 17:22:20 EDT
Created attachment 429900 [details]
0008-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 10 Endi Sukma Dewata 2010-07-06 17:22:54 EDT
Created attachment 429901 [details]
0009-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 11 Endi Sukma Dewata 2010-07-06 17:23:29 EDT
Created attachment 429902 [details]
0010-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 12 Endi Sukma Dewata 2010-07-06 17:23:56 EDT
Created attachment 429903 [details]
0011-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 13 Endi Sukma Dewata 2010-07-06 17:24:32 EDT
Created attachment 429904 [details]
0012-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 14 Endi Sukma Dewata 2010-07-06 17:25:01 EDT
Created attachment 429906 [details]
0013-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 15 Endi Sukma Dewata 2010-07-06 17:25:47 EDT
Created attachment 429907 [details]
0014-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 16 Endi Sukma Dewata 2010-07-06 17:26:24 EDT
Created attachment 429908 [details]
0015-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 17 Endi Sukma Dewata 2010-07-06 17:27:07 EDT
Created attachment 429909 [details]
0016-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 18 Endi Sukma Dewata 2010-07-06 17:27:43 EDT
Created attachment 429910 [details]
0017-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 19 Endi Sukma Dewata 2010-07-06 17:28:51 EDT
Created attachment 429911 [details]
0018-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 20 Endi Sukma Dewata 2010-07-06 17:29:31 EDT
Created attachment 429912 [details]
0019-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 21 Endi Sukma Dewata 2010-07-06 17:29:56 EDT
Created attachment 429913 [details]
0020-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 22 Endi Sukma Dewata 2010-07-06 17:30:55 EDT
Created attachment 429914 [details]
0021-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 23 Rich Megginson 2010-07-06 19:12:06 EDT
Comment on attachment 429893 [details]
0001-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch

I just pushed a patch that removes lexer.h and lexer.cpp

commit 4a103859b7100bc30046ecba3efca2e8f0b09c7d
Author: Rich Megginson <rmeggins@redhat.com>
Date:   Thu Jul 1 11:39:02 2010 -0600
Comment 24 Rich Megginson 2010-07-06 19:13:19 EDT
Comment on attachment 429894 [details]
0002-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch

I think Noriko has a patch that conflicts with this one - you should coordinate with her
Comment 25 Rich Megginson 2010-07-06 19:17:01 EDT
Comment on attachment 429896 [details]
0004-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch

I think this will leak macro_str and working_list
Comment 26 Rich Megginson 2010-07-06 19:18:17 EDT
Comment on attachment 429897 [details]
0005-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch

This will leak macro_prefix
Comment 27 Rich Megginson 2010-07-06 19:25:08 EDT
Comment on attachment 429899 [details]
0007-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch

In general, it's not a good idea to change the formatting - this one was ok, not too big, and easy to find the actual bug fix intermixed with the formatting changes - but for large patches, with many lines of formatting changes, it makes it difficult to read.
I know the formatting is really bad in a lot of files - I have to resist the urge to reformat things constantly...
Comment 28 Rich Megginson 2010-07-06 19:37:24 EDT
Comment on attachment 429900 [details]
0008-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch

This change:
@@ -4781,6 +4775,12 @@ static int _cl5GetRUV2Purge2 (Object *fileObj, RUV **ruv)
     
     rObj = replica_get_by_name (dbFile->replName);
     PR_ASSERT (rObj);
+
+    if (!rObj) {
+        rc = CL5_MEMORY_ERROR;
+        goto out;
+    }
+
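Review bot: the new `if (!rObj)` branch sets rc = CL5_MEMORY_ERROR, but a NULL from replica_get_by_name (dbFile->replName) reads as a failed lookup by name rather than an allocation failure, so callers and logs will be pointed at the wrong cause. Consider a return code that reflects the missing replica, and log dbFile->replName before the `goto out`. The PR_ASSERT (rObj) just above the branch is kept, so debug builds will still abort before the new error path runs; and since the `out` label is not visible in this hunk, confirm that jumping to it releases everything acquired earlier in _cl5GetRUV2Purge2.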

skips line 4800
    object_release (supRUVObj);

is this ok to do?
Comment 29 Endi Sukma Dewata 2010-07-07 12:18:00 EDT
Created attachment 430107 [details]
0004a-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 30 Endi Sukma Dewata 2010-07-07 12:18:46 EDT
Created attachment 430108 [details]
0005a-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 31 Rich Megginson 2010-07-07 13:28:07 EDT
Comment on attachment 429903 [details]
0011-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch

need to init value in my_ber_scanf_attr:
    Slapi_Value *value = NULL;
Comment 32 Rich Megginson 2010-07-07 13:32:35 EDT
Comment on attachment 429904 [details]
0012-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch

The caller may expect *entry = NULL even if !windows_conn_connected(conn)

just do something like this at the beginning of the function:
if (!entry) {
    /* log error message */
    return CONN_LOCAL_ERROR; /* entry should never == NULL here */
}

*entry = NULL;
....
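
The two review points raised in comments 25 to 28 and in comment 32, as an added example that is not code from the 389 Directory Server patches: a NULL check added after an allocation has to leave through the cleanup label or it leaks, and an out-parameter is set to NULL before the first failure path. Every ex_ name, the EX_ status codes and the lookup table are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical status codes, named for this example only. */
enum { EX_OK = 0, EX_BAD_ARG, EX_NOT_FOUND, EX_NO_MEMORY };
static int live_allocs = 0;  /* outstanding buffers, so a leak is observable */

static char *ex_dup(const char *s) {
    char *p = malloc(strlen(s) + 1);
    if (p) { strcpy(p, s); live_allocs++; }
    return p;
}
/* Frees and NULLs the pointer, so calling it twice is harmless. */
static void ex_free(char **p) {
    if (p && *p) { free(*p); *p = NULL; live_allocs--; }
}
/* Constructed lookup: NULL for any name other than "known". */
static const char *ex_lookup(const char *name) {
    return strcmp(name, "known") == 0 ? "value" : NULL;
}

/* Writes prefix + looked-up value to *out; *out is NULL on every failure. */
int ex_expand(const char *prefix, const char *name, char **out) {
    int rc = EX_OK;
    char *work = NULL;
    const char *val;

    if (!out) return EX_BAD_ARG;   /* nothing acquired yet: plain return is safe */
    *out = NULL;                   /* set before the first failure path */
    if (!prefix || !name) return EX_BAD_ARG;
    work = ex_dup(prefix);
    if (!work) { rc = EX_NO_MEMORY; goto out; }
    val = ex_lookup(name);
    if (!val) { rc = EX_NOT_FOUND; goto out; }  /* a bare return would leak work */
    *out = malloc(strlen(work) + strlen(val) + 1);
    if (!*out) { rc = EX_NO_MEMORY; goto out; }
    live_allocs++;
    strcpy(*out, work);
    strcat(*out, val);
out:
    ex_free(&work);                /* single exit: every path releases work */
    return rc;
}

int main(void) {
    char *s = NULL;
    int rc = ex_expand("cn=", "missing", &s);  /* failed lookup path */
    return (rc == EX_NOT_FOUND && s == NULL && live_allocs == 0) ? 0 : 1;
}
```
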
Comment 33 Endi Sukma Dewata 2010-07-07 15:58:26 EDT
Created attachment 430165 [details]
0008a-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 34 Endi Sukma Dewata 2010-07-07 15:59:50 EDT
Created attachment 430166 [details]
0011a-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 35 Endi Sukma Dewata 2010-07-07 16:00:17 EDT
Created attachment 430167 [details]
0012a-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch
Comment 37 Endi Sukma Dewata 2010-07-12 15:37:41 EDT
Created attachment 431250 [details]
0011b-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch

Fixed a problem during merging.
Comment 38 Noriko Hosoi 2010-08-20 21:07:37 EDT
Created attachment 440076 [details]
0004b-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch

http://10.16.47.145:8080/sourcebrowser.htm?projectId=10030#mergedDefectId=11961&streamDefectId=12147&defectInstanceId=14012&evidenceId=35035&fileInstanceId=49276

I propose a new patch for 0004a-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch

Description: Caller aclutil_evaluate_macro was not checking the NULL return. Added the check to the patch.  Also, another error case could just return NULL.
Comment 39 Rich Megginson 2010-08-20 22:09:32 EDT
Comment on attachment 440076 [details]
0004b-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch

You could use LDAPDebug1Arg here, and use slapi_ch_free_string(&macro_str);
Comment 49 Noriko Hosoi 2010-08-23 19:56:43 EDT
Comment on attachment 429894 [details]
0002-Bug-611790-fix-coverify-Defect-Type-Null-pointer-der.patch

Subset of this change.

    609255 - fix coverity Defect Type: Memory - illegal accesses issues
    
    https://bugzilla.redhat.com/show_bug.cgi?id=609255
    
    12241 Triaged Unassigned Bug Minor Fix Required
    delete_acl_from_file(char *, char *…) ds/lib/libaccess/acltools.cpp
    
    12242 UNINIT Triaged Unassigned Bug Minor Fix Required
    get_acl_from_file(char *, char *, ACLListHandle **…) ds/lib/libaccess/acltools.cpp
    
    12243 UNINIT Triaged Unassigned Bug Minor Fix Required
    ACL_FileGetNameList() ds/lib/libaccess/acltools.cpp
    
    12244 UNINIT Triaged Unassigned Bug Minor Fix Required
    ACL_FileGetNameList() ds/lib/libaccess/acltools.cpp
    
    12245 UNINIT Triaged Unassigned Bug Minor Fix Required
    rename_acl_in_file(char *, char *, char *…) ds/lib/libaccess/acltools.cpp
    
    12246 UNINIT Triaged Unassigned Bug Minor Fix Required
    append_acl_to_file(char *, char *, char *…) ds/lib/libaccess/acltools.cpp
    
    12247 UNINIT Triaged Unassigned Bug Minor Fix Required
    append_acl_to_file(char *, char *, char *…) ds/lib/libaccess/acltools.cpp
    
    Comment:
    ACL_FileRenameAcl, ACL_FileDeleteAcl, ACL_FileGetAcl, ACL_FileSetAcl,
    ACL_FileMergeAcl, ACL_FileMergeFile and their helper functions are
    not used.  These functions and their helper functions plus libaccess
    test programs under the directory ./utest are eliminated.
Comment 50 Noriko Hosoi 2010-08-23 20:24:25 EDT
On behalf of Endi (edewata@redhat.com), pushed to master.

$ git merge coverity
Updating e5fe26a..0712904
Fast-forward
 ldap/servers/plugins/acl/acl.c                     |    7 ++-
 ldap/servers/plugins/acl/acllas.c                  |   56 +++++++------
 ldap/servers/plugins/acl/aclutil.c                 |   29 +++++---
 ldap/servers/plugins/cos/cos_cache.c               |   12 +++-
 ldap/servers/plugins/http/http_impl.c              |   81 +++++++++++---------
 ldap/servers/plugins/replication/cl5_api.c         |   52 ++++++++-----
 ldap/servers/plugins/replication/repl5_replica.c   |   16 ++++
 ldap/servers/plugins/replication/repl5_ruv.c       |    8 ++-
 ldap/servers/plugins/replication/repl5_total.c     |   11 ++-
 .../plugins/replication/windows_connection.c       |    7 ++
 .../plugins/replication/windows_protocol_util.c    |   41 ++++++----
 ldap/servers/plugins/retrocl/retrocl_trim.c        |   15 +++-
 ldap/servers/plugins/roles/roles_cache.c           |   19 ++++-
 ldap/servers/slapd/back-ldbm/dblayer.c             |    2 +
 ldap/servers/slapd/plugin.c                        |   60 ++++++---------
 ldap/servers/slapd/result.c                        |    4 +-
 lib/ldaputil/certmap.c                             |    1 +
 lib/libaccess/lasip.cpp                            |   16 +++-
 lib/libsi18n/reshash.c                             |   21 +++++-
 19 files changed, 292 insertions(+), 166 deletions(-)

$ git push
Counting objects: 160, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (125/125), done.
Writing objects: 100% (125/125), 14.05 KiB, done.
Total 125 (delta 106), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
   e5fe26a..0712904  master -> master
