RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 728245 - Coverity scan revealed defects
Summary: Coverity scan revealed defects
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: libvirt-cim
Version: 6.2
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Daniel Veillard
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On:
Blocks: 750418
TreeView+ depends on / blocked
 
Reported: 2011-08-04 13:54 UTC by Michal Luscon
Modified: 2011-12-06 12:11 UTC (History)
6 users (show)

Fixed In Version: libvirt-cim-0.5.14-2.el6
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 750418 (view as bug list)
Environment:
Last Closed: 2011-12-06 12:11:59 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
CoverityScan (89.11 KB, text/plain)
2011-10-27 07:28 UTC, Alex Jia 		no flags Details
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:1587 0 normal SHIPPED_LIVE libvirt-cim bug fix and enhancement update 2011-12-06 00:38:49 UTC

Description Michal Luscon 2011-08-04 13:54:14 UTC 
Description of problem:

1.
/src/Virt_SwitchService.c:5 - Comparing "stream" to null implies that "stream" might be null.
/src/Virt_SwitchService.c:94 - Passing null variable "stream" to function "pclose", which dereferences it.

2.
/src/Virt_VirtualSystemManagementService.c:1048 - Comparing "path" to null implies that "path" might be null.
/src/Virt_VirtualSystemManagementService.c:1057 - Dereferencing null variable "path".

3.
/src/Virt_VirtualSystemManagementService.c:1088 - Comparing "port" to null implies that "port" might be null.
/src/Virt_VirtualSystemManagementService.c:1094 - Dereferencing null variable "port".

4.
/libxkutil/acl_parsing.c:630, 659: - Function "malloc" without NULL check.

5.
libxkutil/acl_parsing.c:397 - Dynamically allocated variable rule is not freed in function parse_acl_filter as a result of line #399.

5.
/libxkutil/device_parsing.c:106 - Function cleanup_virt_device does not free its parameter dev (this causes a lot of Coverity Resource leak warnings). 

6.
/libxkutil/acl_parsing.c144 - Function cleanup_filter does not free its parameter filter (this causes a lot of Coverity Resource leak warnings).


Version-Release number of selected component (if applicable):
0.5.14

Additional info:
These defects were added between RHEL-6.1 and RHEL-6.2 version of package.
Comment 3 Eduardo Lima (Etrunko) 2011-08-11 15:15:00 UTC 
(In reply to comment #0)
> Description of problem:
> 

Patches on the mailing list, waiting for review and push.

> 1.
> /src/Virt_SwitchService.c:5 - Comparing "stream" to null implies that "stream"
> might be null.
> /src/Virt_SwitchService.c:94 - Passing null variable "stream" to function
> "pclose", which dereferences it.
> 

https://www.redhat.com/archives/libvirt-cim/2011-August/msg00010.html

> 2.
> /src/Virt_VirtualSystemManagementService.c:1048 - Comparing "path" to null
> implies that "path" might be null.
> /src/Virt_VirtualSystemManagementService.c:1057 - Dereferencing null variable
> "path".
> 
> 3.
> /src/Virt_VirtualSystemManagementService.c:1088 - Comparing "port" to null
> implies that "port" might be null.
> /src/Virt_VirtualSystemManagementService.c:1094 - Dereferencing null variable
> "port".
> 

https://www.redhat.com/archives/libvirt-cim/2011-August/msg00008.html

> 4.
> /libxkutil/acl_parsing.c:630, 659: - Function "malloc" without NULL check.
> 
> 5.
> libxkutil/acl_parsing.c:397 - Dynamically allocated variable rule is not freed
> in function parse_acl_filter as a result of line #399.
> 
> 6.
> /libxkutil/acl_parsing.c144 - Function cleanup_filter does not free its
> parameter filter (this causes a lot of Coverity Resource leak warnings).
> 
> 

https://www.redhat.com/archives/libvirt-cim/2011-August/msg00009.html

> 5.
> /libxkutil/device_parsing.c:106 - Function cleanup_virt_device does not free
> its parameter dev (this causes a lot of Coverity Resource leak warnings). 
> 

https://www.redhat.com/archives/libvirt-cim/2011-August/msg00015.html
Comment 4 Daniel Veillard 2011-08-15 08:14:47 UTC 
Okay but it would be better if that was commited to Mercurial :-)

Daniel
Comment 5 Daniel Veillard 2011-08-16 14:16:11 UTC 
Build libvirt-cim-0.5.14-2.el6 done including the patches

Daniel
Comment 7 Eduardo Lima (Etrunko) 2011-08-19 18:54:56 UTC 
Last one of those patches went upstream, but there were other patches pushed as well. If possible, use mercurial revision 1133. Thanks for the report.
Comment 8 Alex Jia 2011-10-27 07:27:17 UTC 
There are still many issues need be resolved such as resource leak:

Analysis summary report:
------------------------
Files analyzed                 : 65
Total LoC input to cov-analyze : 54250
Functions analyzed             : 981
Paths analyzed                 : 21930
New defects found              : 101 Total
                                   2 ARRAY_VS_SINGLETON
                                   6 CHECKED_RETURN
                                   2 DEADCODE
                                  14 FORWARD_NULL
                                   4 NEGATIVE_RETURNS
                                   2 NO_EFFECT
                                   7 NULL_RETURNS
                                  34 RESOURCE_LEAK
                                   5 REVERSE_INULL
                                   6 UNINIT
                                   9 UNUSED_VALUE
                                  10 USE_AFTER_FREE

For details, please see attachment.

Alex
Comment 9 Alex Jia 2011-10-27 07:28:14 UTC 
Created attachment 530435 [details]
CoverityScan

covscan on libvirt-cim-0.5.14-2.el6.
Comment 10 Ondrej Vasik 2011-10-27 08:29:16 UTC 
Alex - with these CoverityScan bugzillas we care only about the differences from previous RHEL-6 version of the package - from the rest, only the most important issues should be fixed in the RHEL-6.
As any fix brings some risk of introducing new issues the further cleanup of defects found by Coverity should probably be done upstream and possibly for the most critical ones new 6.3 bugzilla should be opened.
Comment 12 Eduardo Lima (Etrunko) 2011-10-27 13:36:30 UTC 
(In reply to comment #9)
> Created attachment 530435 [details]
> CoverityScan
> 
> covscan on libvirt-cim-0.5.14-2.el6.

Thanks for the detailed report, we will address those as soon as possible.
Comment 15 Eduardo Lima (Etrunko) 2011-11-22 19:40:09 UTC 
FYI, the patches which fix the issues raised by this last report have been pushed upstream.
Comment 16 errata-xmlrpc 2011-12-06 12:11:59 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1587.html
Note You need to log in before you can comment on or make changes to this bug.