Bug 723546 - Defects revealed by Coverity scan
Summary: Defects revealed by Coverity scan
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: util-linux-ng
Version: 6.1
Hardware: Unspecified
OS: Unspecified
low
low
Target Milestone: rc
: ---
Assignee: Karel Zak
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-07-20 14:37 UTC by Michal Luscon
Modified: 2011-12-06 17:11 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-12-06 17:11:20 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2011:1691 0 normal SHIPPED_LIVE Low: util-linux-ng security, bug fix, and enhancement update 2011-12-06 01:02:36 UTC

Description Michal Luscon 2011-07-20 14:37:48 UTC 
Description of problem:

util-linux-ng-2.17.2/misc-utils/findmnt.c:425: check_return: Calling function "mnt_tab_next_fs" without checking return value (as is done elsewhere 12 out of 13 times).

util-linux-ng-2.17.2/misc-utils/lsblk.c:835 - unsigned int n == 9223372036854775807UL * 2UL + 1UL is always false.

util-linux-ng-2.17.2/shlibs/mount/src/optstr.c:482 - Comparing "ent" to null implies that "ent" might be null.
util-linux-ng-2.17.2/shlibs/mount/src/optstr.c:486 - Dereferencing null variable "ent".

util-linux-ng-2.17.2/shlibs/mount/src/fs.c:470: - Calling allocation function mnt_split_optstr on f. Variable "f" is not freed in function mnt_fs_append_options.


Version-Release number of selected component (if applicable):
2.17.2-12

Additional info:
These defects were probably introduced by Red Hat patches.
Comment 2 Karel Zak 2011-07-20 16:03:10 UTC 
(In reply to comment #0)
> Description of problem:
> 
> util-linux-ng-2.17.2/misc-utils/findmnt.c:425: check_return: Calling function
> "mnt_tab_next_fs" without checking return value (as is done elsewhere 12 out of
> 13 times).

 Fixed by upstream commit e3963f60134722065d7d7cb95f347208e5b7a812

> util-linux-ng-2.17.2/misc-utils/lsblk.c:835 - unsigned int n ==
> 9223372036854775807UL * 2UL + 1UL is always false.

 Fixed by upstream commit ed34643cbc78a018302789a7c1f51a833f8e5031
 
> util-linux-ng-2.17.2/shlibs/mount/src/optstr.c:482 - Comparing "ent" to null
> implies that "ent" might be null.
> util-linux-ng-2.17.2/shlibs/mount/src/optstr.c:486 - Dereferencing null
> variable "ent".

 Fixed by upstream commit 1734f82c2435c35a9b575297a93942cf880b5913

> util-linux-ng-2.17.2/shlibs/mount/src/fs.c:470: - Calling allocation function
> mnt_split_optstr on f. Variable "f" is not freed in function
> mnt_fs_append_options.

 Fixed by upstream commit f2b3a3a3288d56b09d878c3e2b5310268f2f4d31.

Fix all in RHEL should pretty simple.
Comment 6 Karel Volný 2011-10-21 14:25:11 UTC 
SanityOnly

there is the new patch util-linux-ng-2.17-coverity-e62.patch which fixes the mentioned issues and it applies cleanly during the build:

+ echo 'Patch #47 (util-linux-ng-2.17-coverity-e62.patch):'
Patch #47 (util-linux-ng-2.17-coverity-e62.patch):
+ /bin/cat /builddir/build/SOURCES/util-linux-ng-2.17-coverity-e62.patch
+ /usr/bin/patch -s -p1 --fuzz=0
+ echo 'Patch #48 (util-linux-ng-2.17-cfdisk-size.patch):'

http://download.devel.redhat.com/brewroot/packages/util-linux-ng/2.17.2/12.4.el6/data/logs/i686/build.log


NEEDINFO reporter - please could you re-run the coverity scan and eventually switch this to VERIFIED?
Comment 9 errata-xmlrpc 2011-12-06 17:11:20 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2011-1691.html
Note You need to log in before you can comment on or make changes to this bug.