706390 – Coverity scan

Bug 706390 - Coverity scan

Summary: Coverity scan

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	environment-modules
Sub Component:
Version:	15
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Orion Poplawski
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2011-05-20 11:26 UTC by Michal Luscon
Modified:	2011-11-22 23:15 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-11-22 23:15:42 UTC
Type:	---
Dependent Products:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Michal Luscon 2011-05-20 11:26:12 UTC

Description of problem:

utility.c:1042, 1099, 1112, 1129, 1139, - function stringer without NULL check.(potentially dereferencing NULL variable escaped)

utility.c:3043 - Using uninitialized variable result(depending on line 3040)

Please also check
utility.c:2593 - Function strchar may return NULL
utility.c:2601 - If string does not contain ending parenthesis, NULL variable slashptr will be dereferenced. I am not sure about possibility of this situation. 


Version-Release number of selected component (if applicable):
3.2.8

Comment 1 Orion Poplawski 2011-05-20 14:34:53 UTC

I really think things like this are better reported directly upstream.  I'll pass it on though.

Comment 2 Ondrej Vasik 2011-05-23 12:51:54 UTC

Thanks Orion for passing it to upstream, if they are interested, we could provide the full log, so they could check if Michal did filtered false positives correctly. Just let us know in that case... Next time we will try to contact upstream first, if possible and upstream alive. Sorry...

Note You need to log in before you can comment on or make changes to this bug.