Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 405516: Null pointer dereferences (REVERSE_INULL)
/src/qemu/qemu_validate.c: 3350 in qemuValidateDomainDeviceDefDisk()
________________________________________________________________________________________________________
*** CID 405516: Null pointer dereferences (REVERSE_INULL)
/src/qemu/qemu_validate.c: 3350 in qemuValidateDomainDeviceDefDisk()
3344 for (n = disk->src; virStorageSourceIsBacking(n); n = n->backingStore) {
3345 if (qemuDomainValidateStorageSource(n, qemuCaps) < 0)
3346 return -1;
3347 }
3348
3349 if (disk->bus == VIR_DOMAIN_DISK_BUS_SD &&
>>> CID 405516: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "disk->src" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
3350 disk->src && disk->src->encryption && disk->src->encryption->nsecrets > 1) {
3351 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
3352 _("sd card '%s' does not support multiple encryption secrets"),
3353 disk->dst);
3354 return -1;
3355 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 405251: Security best practices violations (TOCTOU)
/src/util/virpidfile.c: 420 in virPidFileAcquirePathFull()
________________________________________________________________________________________________________
*** CID 405251: Security best practices violations (TOCTOU)
/src/util/virpidfile.c: 420 in virPidFileAcquirePathFull()
414 return -1;
415 }
416
417 /* Now make sure the pidfile we locked is the same
418 * one that now exists on the filesystem
419 */
>>> CID 405251: Security best practices violations (TOCTOU)
>>> Calling function "stat" to perform check on "path".
420 if (stat(path, &a) < 0) {
421 VIR_DEBUG("Pid file '%s' disappeared: %s",
422 path, g_strerror(errno));
423 VIR_FORCE_CLOSE(fd);
424 /* Someone else must be racing with us, so try again */
425 continue;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 405203: Error handling issues (CHECKED_RETURN)
/tests/testutils.c: 781 in virTestFakeRootDirInit()
________________________________________________________________________________________________________
*** CID 405203: Error handling issues (CHECKED_RETURN)
/tests/testutils.c: 781 in virTestFakeRootDirInit()
775
776 if (!g_mkdtemp(fakerootdir)) {
777 fprintf(stderr, "Cannot create fakerootdir");
778 return NULL;
779 }
780
>>> CID 405203: Error handling issues (CHECKED_RETURN)
>>> Calling "g_setenv("LIBVIRT_FAKE_ROOT_DIR", fakerootdir, 1)" without checking return value. This library function may fail and return an error code.
781 g_setenv("LIBVIRT_FAKE_ROOT_DIR", fakerootdir, TRUE);
782
783 return g_steal_pointer(&fakerootdir);
784 }
785
786 void
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
