CI

Download

ci@lists.libvirt.org

April 2023

1 participants
2 discussions

New Defects reported by Coverity Scan for libvirt
by scan-admin＠coverity.com 07 Apr '23

07 Apr '23

Hi, Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan. 2 new defect(s) introduced to libvirt found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 2 of 2 defect(s) ** CID 405907: Insecure data handling (TAINTED_STRING) ________________________________________________________________________________________________________ *** CID 405907: Insecure data handling (TAINTED_STRING) /tests/viracpitest.c: 135 in main() 129 VIR_IORT_NODE_TYPE_SMMUV3, 130 VIR_IORT_NODE_TYPE_PMCG); 131 132 return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE; 133 } 134 >>> CID 405907: Insecure data handling (TAINTED_STRING) >>> Passing tainted string "**argv" to "virTestMain", which cannot accept tainted data. ** CID 405906: Insecure data handling (TAINTED_SCALAR) ________________________________________________________________________________________________________ *** CID 405906: Insecure data handling (TAINTED_SCALAR) /src/util/viracpi.c: 190 in virAcpiParseIORT() 184 185 VIR_DEBUG("IORT header: len = %" PRIu32 " revision = %" PRIu8 186 " nnodes = %" PRIu32 " OEM = %s", 187 header.length, header.revision, 188 header.nnodes, header.oem_id); 189 >>> CID 405906: Insecure data handling (TAINTED_SCALAR) >>> Passing tainted expression "header.length" to "virAcpiParseIORTNodes", which uses it as a loop boundary. 190 return virAcpiParseIORTNodes(fd, filename, &header, nodesRet); 191 } 192 193 194 #define IORT_PATH "/sys/firmware/acpi/tables/IORT" 195 ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

1 0

New Defects reported by Coverity Scan for libvirt
by scan-admin＠coverity.com 04 Apr '23

04 Apr '23

Hi, Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan. 1 new defect(s) introduced to libvirt found with Coverity Scan. 3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 405770: Resource leaks (RESOURCE_LEAK) /tests/qemublocktest.c: 990 in mymain() ________________________________________________________________________________________________________ *** CID 405770: Resource leaks (RESOURCE_LEAK) /tests/qemublocktest.c: 990 in mymain() 984 return EXIT_FAILURE; 985 986 VIR_TEST_VERBOSE("\nlatest caps x86_64: %s", capslatest_x86_64); 987 988 if (!(caps_x86_64 = qemuTestParseCapabilitiesArch(virArchFromString("x86_64"), 989 capslatest_x86_64))) >>> CID 405770: Resource leaks (RESOURCE_LEAK) >>> Variable "capslatest_x86_64" going out of scope leaks the storage it points to. 990 return EXIT_FAILURE; 991 992 diskxmljsondata.qemuCaps = caps_x86_64; 993 imagecreatedata.qemuCaps = caps_x86_64; 994 995 if (!(qmp_schema_x86_64 = testQEMUSchemaLoadLatest("x86_64"))) { ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

1 0