728184 – Coverity scan results

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 728184 - Coverity scan results

Summary: Coverity scan results

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	netcf
Sub Component:
Version:	6.2
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Laine Stump
QA Contact:	Virtualization Bugs
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	734721 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2011-08-04 10:15 UTC by Michal Luscon
Modified:	2011-12-06 15:19 UTC (History)
CC List:	8 users (show)
Fixed In Version:	netcf-0.1.9-2.el6
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-12-06 15:19:16 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
CoverityScan for netcf-0.1.9-2.el6.src.rpm (2.11 KB, text/plain) 2011-09-27 07:08 UTC, Alex Jia	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2011:1631	0	normal	SHIPPED_LIVE	netcf bug fix and enhancement update	2011-12-06 00:50:45 UTC

Description Michal Luscon 2011-08-04 10:15:33 UTC

Description of problem:

/netcf-0.1.9/src/dutil_linux.c:1055, 1056 - Using uninitialized variables nphys and phys_names as a result of line #1029.

Version-Release number of selected component (if applicable):
0.1.9

Additional info:

This defect was added between RHEL-6.1 and RHEL-6.2 version of package.

Comment 2 Laine Stump 2011-09-06 17:56:51 UTC

*** Bug 734721 has been marked as a duplicate of this bug. ***

Comment 3 Laine Stump 2011-09-21 18:17:58 UTC

This bug is already fixed upstream:

commit af17ee0ce5d0fbfb5afa5cfc4e6c5f3fd14d8c9a
Author: Laine Stump <laine>
Date:   Thu Aug 4 10:02:50 2011 -0400

    eliminate potential use of uninitialized index/pointer in add_bridge_info
    
    This was detected by Coverity and reported in:
    
    https://bugzilla.redhat.com/show_bug.cgi?id=728184
    
    Commit d32a46 moved the bit of code that adds the <bridge> element to
    bridge interfaces to the top of the function so that it is always
    done, even if there are no physical devices attached to the bridge
    (because <bridge> is a required element of the grammar). What wasn't
    noticed is that the ERR_NOMEM macro could goto error, and in this case
    nphys and phys_names would be uninitialized.
    
    Fortunately this would only happen on a failure to allocate memory.

The next build of netcf for RHEL will contain that fix.

Comment 5 Laine Stump 2011-09-26 19:03:39 UTC

A fix for this bug is available in a new netcf build for RHEL6:

  https://brewweb.devel.redhat.com/buildinfo?buildID=180923

Comment 7 Alex Jia 2011-09-27 06:30:46 UTC

(In reply to comment #5)
> A fix for this bug is available in a new netcf build for RHEL6:
> 
>   https://brewweb.devel.redhat.com/buildinfo?buildID=180923

Hi Laine,

This patch is okay and has resolved uninitialized value issues. However, Kamil provided many more test report raised by Coverity such as 'RESOURCE_LEAK' in Comment 1, IMHO, we should fix them together, you can find them in following link:

https://dell-per610-03.lab.eng.brq.redhat.com/coverity/rhel-6.2-20110729/netcf-0.1.9-1.el6/run1/netcf-0.1.9-1.el6.html

In addition, I have committed a patch to fix memory leak.

Alex

Comment 8 Alex Jia 2011-09-27 06:40:06 UTC

Patch for upstream:
https://fedorahosted.org/pipermail/netcf-devel/2011-September/000635.html

Comment 9 Alex Jia 2011-09-27 07:08:05 UTC

Created attachment 525038 [details]
CoverityScan for netcf-0.1.9-2.el6.src.rpm

Comment 10 Alex Jia 2011-09-28 02:55:51 UTC

(In reply to comment #8)
> Patch for upstream:
> https://fedorahosted.org/pipermail/netcf-devel/2011-September/000635.html

Patch has been ACKed and pushed, and I haven't found 'RESOURCE_LEAK' on upstream again:

Analysis summary report:
------------------------
Files analyzed                 : 14
Total LoC input to cov-analyze : 35436
Functions analyzed             : 158
Paths analyzed                 : 3439
New defects found              : 2 UNUSED_VALUE

So these issues have been resolved, Laine, maybe netcf need to rebase a new rpm package, but, it seems patches are quite less on upstream now, hence, whether simply set the bug to VERIFIED status firstly.

Comment 11 Laine Stump 2011-09-28 18:07:40 UTC

Since this would be the only patch that would go into a new build, and the impact of the bug is extremely small (it is a small leak in an infrequently used commandline tool (i.e. doesn't run for long, doesn't affect users of the API) that only occurs upon a failure to undefine an interface), we think it's best right now to not use up the extra resources it would take to process a new netcf build just for this.

So, best to mark this bug to verified (since the coverity-found regression reported originally in the bug is now fixed), and let the memory leak fix come in later when there are more updates.

Comment 12 Alex Jia 2011-09-29 02:37:16 UTC

(In reply to comment #11)
> So, best to mark this bug to verified (since the coverity-found regression
> reported originally in the bug is now fixed), and let the memory leak fix come
> in later when there are more updates.

Well, move the bug to VERIFIED status.

Comment 13 errata-xmlrpc 2011-12-06 15:19:16 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1631.html

Note You need to log in before you can comment on or make changes to this bug.