Defect is found by Coverity difference scan on rhel6.1 and rhel6.2 packages.
1) Unchecked return value of update_refcount()
=> misc/e2image.c:1025 return value is not checked (as is done in 5 of 6 cases)
I'm not sure if this is really a problem, it would be nice if somebody could
look at it.
2) Possible null dereference
passing null variable 'header' to function qcow2_write_raw_image
which dereferences it.
a) 1239: assigning header to NULL
b) 1290: assigning header to check_qcow2_image() return value,
which can fail or even may not happen -->1289 (if branch)
c) 1329: NULL used as parameter of qcow2_write_raw_image() which
I forgot to note a third defect:
3) Check for negative value on unsigned variable 'offset'
An error in 'llseek' will not be recorded when it occurs -- the value can never be
less than zero.
Variable 'offset' should be a signed type (e.g. ext2_loff_t, which is the correct
ext2fs_llseek return type?)
I think that these came about as a result of Lukas' e2image work, so I will assign to him.
Lukas just sent a patch upstream for the issue in comment #2, FWIW.
Problem 1) is a false positive, because we really do not need to check the return value from update_refcount() in that case.
Problem 2) is also a false positive, because if check_qcow2_image() returned NULL, then E2IMAGE_IS_QCOW2_FLAG would not be set, hence qcow2_write_raw_image() would not be called at all.
Problem 3) is real; however, it should not cause any real trouble, because if the lseek failed and we did not catch that, the next lseek will catch the problem, because we are using the offset there as well. However, it is a bug and should be fixed.
As Eric already pointed out, I did send the patch upstream for problem 3. Problems 1 and 2 are not real, hence no need to fix anything there.
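Problem 3 from the comments above, as an added example that is not part of the bug report or of e2fsprogs: a seek result stored in an unsigned variable can never satisfy a `< 0` check, so the failure turns into a huge offset instead. The typedefs and the `demo_llseek` wrapper are hypothetical stand-ins; only `lseek` is a real call, and an invalid descriptor is used to force the error.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Stand-in types (assumptions): a signed 64-bit seek result, like the
 * ext2_loff_t named in the report, and an unsigned 'offset' variable
 * like the one Coverity flagged. */
typedef long long loff_signed_t;
typedef unsigned long long loff_unsigned_t;

/* Hypothetical wrapper: new offset on success, -1 on failure (as lseek). */
static loff_signed_t demo_llseek(int fd, loff_signed_t off, int whence)
{
    return (loff_signed_t)lseek(fd, (off_t)off, whence);
}

/* Flagged pattern: the result lands in an unsigned variable, so the
 * comparison below is always false and the error is never reported. */
int seek_failed_unsigned(int fd)
{
    loff_unsigned_t offset = (loff_unsigned_t)demo_llseek(fd, 0, SEEK_CUR);
    return offset < 0;
}

/* Corrected pattern: keep the result signed until it has been checked. */
int seek_failed_signed(int fd)
{
    loff_signed_t offset = demo_llseek(fd, 0, SEEK_CUR);
    return offset < 0;
}

/* What the unchecked -1 becomes once it is stored as unsigned. */
unsigned long long missed_error_value(int fd)
{
    return (loff_unsigned_t)demo_llseek(fd, 0, SEEK_CUR);
}

int main(void)
{
    int bad_fd = -1; /* constructed input: lseek fails with EBADF */

    printf("unsigned check sees failure: %d\n", seek_failed_unsigned(bad_fd));
    printf("signed check sees failure:   %d\n", seek_failed_signed(bad_fd));
    printf("offset carried forward:      %llu\n", missed_error_value(bad_fd));
    return 0;
}
```

Building with `-Wextra` (which enables `-Wtype-limits` in GCC) flags the always-false comparison at compile time.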
Built and tagged in e2fsprogs-1.41.12-11.el6
I have re-run Coverity for e2fsprogs-1.41.12-11.el6 and the reported problem (3) was successfully removed.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.