Red Hat Bugzilla – Bug 825903
Coverity scan relevant defects
Last modified: 2012-10-09 22:42:30 EDT
Created attachment 587302 [details]
CoverityScan on libvirt-0.9.10-21.el6.x86_64
Description of problem:
The bug is used for tracking CoverityScan relevant issues for 6.4 like 6.3.
Version-Release number of selected component (if applicable):
# rpm -q libvirt
Steps to Reproduce:
CoverityScan on libvirt-0.9.10-21.el6.x86_64:
Analysis summary report:
Files analyzed : 249
Total LoC input to cov-analyze : 310106
Functions analyzed : 7587
Paths analyzed : 868953
Defect occurrences found : 43 Total
Alex, would it be possible for you to file BZs for the specific problems reported by Coverity instead of a single BZ for the entire report?
(In reply to comment #2)
> Alex, would it be possible for you to file BZs for the specific problems
> reported by Coverity instead of a single BZ for the entire report?
Yeah, I'm analysing test report then will pick up some critical issues in here later.
Need to confirm the following issues:
/builddir/build/BUILD/libvirt-0.9.10/src/locking/lock_driver_sanlock.c:158: overrun-buffer-arg: Overrunning static array ""__LIBVIRT__DISKS__"" of size 19 bytes by passing it to a function which indexes it with argument "48UL" at byte position 47.
/builddir/build/BUILD/libvirt-0.9.10/tools/virsh.c:5316: suspicious_sizeof: Passing argument "8UL /* sizeof (cpumap) */" to function "_vshCalloc" and then casting the return value to "unsigned char *" is suspicious.
/builddir/build/BUILD/libvirt-0.9.10/src/lxc/lxc_driver.c:1395: var_decl: Declaring variable "fd" without initializer.
/builddir/build/BUILD/libvirt-0.9.10/src/lxc/lxc_driver.c:1443: uninit_use_in_call: Using uninitialized value "fd" when calling "virFileClose".
/builddir/build/BUILD/libvirt-0.9.10/src/util/virfile.c:50: read_parm: Reading a parameter value.
/builddir/build/BUILD/libvirt-0.9.10/src/lxc/lxc_controller.c:1104: var_decl: Declaring variable "consoles" without initializer.
/builddir/build/BUILD/libvirt-0.9.10/src/lxc/lxc_controller.c:1237: uninit_use: Using uninitialized value "consoles".
Notes, upstream commit f74471de has fixed issue 3 and 4.
For memory leaks and NULL pointer derefing, they should be okay for libvirt.
In addition, I want to open the bug until rhel6.4 release then trace all of Coverity issues into the bug.
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
This request was erroneously removed from consideration in Red Hat Enterprise Linux 6.4, which is currently under development. This request will be evaluated for inclusion in Red Hat Enterprise Linux 6.4.
Coverity scan on libvirt-0.10.0-0rc0:
Analysis summary report:
Files analyzed : 274
Total LoC input to cov-analyze : 320606
Functions analyzed : 7882
Paths analyzed : 860037
Defect occurrences found : 38 Total
For details, please check attachment.
Created attachment 602408 [details]
CoverityScan on libvirt-0.10.0-0rc0.el6.src.rpm
*** Bug 771022 has been marked as a duplicate of this bug. ***
Alex, I'd like to close this BZ and open new BZs for any specific leaks that need to be fixed in 6.4. Is that ok with you?
(In reply to comment #15)
> Alex, I'd like to close this BZ and open new BZs for any specific leaks that
> need to be fixed in 6.4. Is that ok with you?
Dave, it's okay for me.