Red Hat Bugzilla – Bug 878376
Coverity scan founds some resource leaks and USE_AFTER_FREE
Last modified: 2013-02-21 02:27:00 EST
1 CONSTANT_EXPRESSION_RESULT - in stdio.h, not libvirt 1 COPY_PASTE_ERROR fixed by upstream commit 924a6c7f6ad3fb3c3bb91feadccd12e6e471856f virsh: fix error messages in iface-bridge 17 FORWARD_NULL 4 in gnulib, look like false positives 5 assume that 0 < 0 3 fixed by bug 880919 1 is a bad NULL check in a function that is never called with NULL fixed by cb02215 and 89cf363 upstream, not worth backporting IMO nwfilter: fix NULL pointer check in virNWFilterSnoopReqNew nwfilter: drop dead code 4 left to check 1 MISSING_BREAK fixed upstream by 7475ee0 libssh2_session: support DSS keys as well 2 MISSING_RETURN files in /tmp 5 NEGATIVE_RETURNS 1 in src/util/buf.c:159 can't happen, we already checked for the cases where virBufferGetIndent returns -1 before calling it 3 regarding virXPathNodeSet fixed upstream by 34e5791 conf: check the return value of virXPathNodeSet 1 in src/conf/snapshot_conf.c fixed upstream by commit 0361917 conf: snapshot: check return value of virDomainSnapshotObjListNum 1 NO_EFFECT has no effect :) 2 NULL_RETURNS 1 in src/qemu/qemu_hostdev.c pciDeviceListFind should not return NULL, since the device was succesfully added 2 cycles ago 1 to be checked 2 OVERRUN 1 check in virCgroupAddTaskController is off by one, however it's checked in all the places where it's called. harmless not to backport fixed upstream by commit 28a6fd9 cgroup: fix impossible overrun in virCgroupAddTaskController 4 REVERSE_INULL 1 in bridge_driver.c useless NULL check, can be removed 1 in esx_vi.c is harmless as well, objectSpec is allocated at this point and can be removed as well 1 in netdev_bandwidth_conf.c is a bad NULL check, but none of the callers call virNetDevBandwidthParse with NULL, patch to follow 1 in src/util/processinfo.c is a bad check of allocation, patch to follow. 2 SIZEOF_MISMATCH both in virsh-domain.c, result in allocating a bit more memory than needed, patch to follow 6 UNINIT 1 in src/rpc/virnetmessage.c, uninitialized value is used on OOM, patch to follow. 4 in virsh.c, unitialized before and after values, patch to follow 1 in src/conf/snapshot_conf.c, unitialized value on OOM, patch to follow 5 UNUSED_VALUE these look OK 10 USE_AFTER_FREE all false positives, assuming the file descriptors are both equal and not equal still left to check: 53 BAD_SIZEOF 4 CHECKED_RETURN 22 DEADCODE 4 FORWARD_NULL libvirt-0.10.2/src/conf/storage_conf.c:461: var_deref_model: Passing null pointer "uuid" to function "virUUIDParse(char const *, unsigned char *)", which dereferences it. (The dereference is assumed on the basis of the 'nonnull' parameter attribute.) libvirt-0.10.2/src/util/virauthconfig.c:158:5: deref_parm_in_call: Function "virKeyFileHasValue(virKeyFilePtr, char const *, char const *)" dereferences "credname". (The dereference is assumed on the basis of the 'nonnull' parameter attribute.) libvirt-0.10.2/src/network/bridge_driver.c:3681: var_deref_model: Passing null pointer "&iface->data.network.actual->vlan" to function "virNetDevVlanCopy(virNetDevVlanPtr, virNetDevVlanPtr const)", which dereferences it. libvirt-0.10.2/src/lxc/lxc_container.c:1375: var_deref_model: Passing null pointer "*root" to function "opendir(char const *)", which dereferences it. 1 NULL_RETURNS libvirt-0.10.2/src/lxc/lxc_container.c:1350: dereference: Dereferencing a null pointer "tmp". 175 RESOURCE_LEAK 1 UNREACHABLE
In POST as of: http://post-office.corp.redhat.com/archives/rhvirt-patches/2012-December/msg00011.html
Created attachment 658663 [details] libvirt covscan error result
I don't see anything critical.
thanks jtomko's confirm. per comment 5 & comment 7 , move to verified.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-0276.html