Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 405770: Resource leaks (RESOURCE_LEAK)
/tests/qemublocktest.c: 990 in mymain()
________________________________________________________________________________________________________
*** CID 405770: Resource leaks (RESOURCE_LEAK)
/tests/qemublocktest.c: 990 in mymain()
984 return EXIT_FAILURE;
985
986 VIR_TEST_VERBOSE("\nlatest caps x86_64: %s", capslatest_x86_64);
987
988 if (!(caps_x86_64 = qemuTestParseCapabilitiesArch(virArchFromString("x86_64"),
989 capslatest_x86_64)))
>>> CID 405770: Resource leaks (RESOURCE_LEAK)
>>> Variable "capslatest_x86_64" going out of scope leaks the storage it points to.
990 return EXIT_FAILURE;
991
992 diskxmljsondata.qemuCaps = caps_x86_64;
993 imagecreatedata.qemuCaps = caps_x86_64;
994
995 if (!(qmp_schema_x86_64 = testQEMUSchemaLoadLatest("x86_64"))) {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 405516: Null pointer dereferences (REVERSE_INULL)
/src/qemu/qemu_validate.c: 3350 in qemuValidateDomainDeviceDefDisk()
________________________________________________________________________________________________________
*** CID 405516: Null pointer dereferences (REVERSE_INULL)
/src/qemu/qemu_validate.c: 3350 in qemuValidateDomainDeviceDefDisk()
3344 for (n = disk->src; virStorageSourceIsBacking(n); n = n->backingStore) {
3345 if (qemuDomainValidateStorageSource(n, qemuCaps) < 0)
3346 return -1;
3347 }
3348
3349 if (disk->bus == VIR_DOMAIN_DISK_BUS_SD &&
>>> CID 405516: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "disk->src" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
3350 disk->src && disk->src->encryption && disk->src->encryption->nsecrets > 1) {
3351 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
3352 _("sd card '%s' does not support multiple encryption secrets"),
3353 disk->dst);
3354 return -1;
3355 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 405251: Security best practices violations (TOCTOU)
/src/util/virpidfile.c: 420 in virPidFileAcquirePathFull()
________________________________________________________________________________________________________
*** CID 405251: Security best practices violations (TOCTOU)
/src/util/virpidfile.c: 420 in virPidFileAcquirePathFull()
414 return -1;
415 }
416
417 /* Now make sure the pidfile we locked is the same
418 * one that now exists on the filesystem
419 */
>>> CID 405251: Security best practices violations (TOCTOU)
>>> Calling function "stat" to perform check on "path".
420 if (stat(path, &a) < 0) {
421 VIR_DEBUG("Pid file '%s' disappeared: %s",
422 path, g_strerror(errno));
423 VIR_FORCE_CLOSE(fd);
424 /* Someone else must be racing with us, so try again */
425 continue;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 405203: Error handling issues (CHECKED_RETURN)
/tests/testutils.c: 781 in virTestFakeRootDirInit()
________________________________________________________________________________________________________
*** CID 405203: Error handling issues (CHECKED_RETURN)
/tests/testutils.c: 781 in virTestFakeRootDirInit()
775
776 if (!g_mkdtemp(fakerootdir)) {
777 fprintf(stderr, "Cannot create fakerootdir");
778 return NULL;
779 }
780
>>> CID 405203: Error handling issues (CHECKED_RETURN)
>>> Calling "g_setenv("LIBVIRT_FAKE_ROOT_DIR", fakerootdir, 1)" without checking return value. This library function may fail and return an error code.
781 g_setenv("LIBVIRT_FAKE_ROOT_DIR", fakerootdir, TRUE);
782
783 return g_steal_pointer(&fakerootdir);
784 }
785
786 void
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 404727: Insecure data handling (TAINTED_STRING)
________________________________________________________________________________________________________
*** CID 404727: Insecure data handling (TAINTED_STRING)
/tests/chxml2xmltest.c: 77 in main()
71 virObjectUnref(driver->caps);
72 g_free(driver);
73
74 return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
75 }
76
>>> CID 404727: Insecure data handling (TAINTED_STRING)
>>> Passing tainted string "**argv" to "virTestMain", which cannot accept tainted data.
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
13 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 404496: Code maintainability issues (UNUSED_VALUE)
/src/vbox/vbox_common.c: 1264 in vboxAttachDrives()
________________________________________________________________________________________________________
*** CID 404496: Code maintainability issues (UNUSED_VALUE)
/src/vbox/vbox_common.c: 1264 in vboxAttachDrives()
1258 /* The following is not needed for vbox 4.2+ but older versions have
1259 * distinct find and open operations where the former looks in vbox
1260 * media registry while the latter at storage location. In 4.2+, the
1261 * OpenMedium call takes care of both cases internally
1262 */
1263 if (!medium) {
>>> CID 404496: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value from "gVBoxAPI.UIVirtualBox.OpenMedium(data->vboxObj, mediumFileUtf16, deviceType, accessMode, &medium)" to "rc" here, but that stored value is overwritten before it can be used.
1264 rc = gVBoxAPI.UIVirtualBox.OpenMedium(data->vboxObj,
1265 mediumFileUtf16,
1266 deviceType, accessMode,
1267 &medium);
1268 }
1269
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 404482: Control flow issues (DEADCODE)
/src/rpc/virnetsshsession.c: 716 in virNetSSHAuthenticatePassword()
________________________________________________________________________________________________________
*** CID 404482: Control flow issues (DEADCODE)
/src/rpc/virnetsshsession.c: 716 in virNetSSHAuthenticatePassword()
710 libssh2_session_last_error(sess->session, &errmsg, NULL, 0);
711 virReportError(VIR_ERR_AUTH_FAILED,
712 _("authentication failed: %s"), errmsg);
713
714 /* determine exist status */
715 if (rc == LIBSSH2_ERROR_AUTHENTICATION_FAILED)
>>> CID 404482: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement: "ret = 1;".
716 ret = 1;
717 else
718 ret = -1;
719
720 cleanup:
721 VIR_FREE(password);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 404444: Integer handling issues (DIVIDE_BY_ZERO)
/src/remote/remote_driver.c: 2759 in remoteDomainGetCPUStats()
________________________________________________________________________________________________________
*** CID 404444: Integer handling issues (DIVIDE_BY_ZERO)
/src/remote/remote_driver.c: 2759 in remoteDomainGetCPUStats()
2753
2754 /* The remote side did not send back any zero entries, so we have
2755 * to expand things back into a possibly sparse array, where the
2756 * tail of the array may be omitted.
2757 */
2758 memset(params, 0, sizeof(*params) * nparams * ncpus);
>>> CID 404444: Integer handling issues (DIVIDE_BY_ZERO)
>>> In expression "ret.params.params_len / ret.nparams", division by expression "ret.nparams" which may be zero has undefined behavior.
2759 ncpus = ret.params.params_len / ret.nparams;
2760 for (cpu = 0; cpu < ncpus; cpu++) {
2761 int tmp = nparams;
2762 virTypedParameterPtr cpu_params = ¶ms[cpu * nparams];
2763 remote_typed_param *stride = &ret.params.params_val[cpu * ret.nparams];
2764
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
2 new defect(s) introduced to libvirt found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 404360: Null pointer dereferences (REVERSE_INULL)
/src/qemu/qemu_passt.c: 278 in qemuPasstStart()
________________________________________________________________________________________________________
*** CID 404360: Null pointer dereferences (REVERSE_INULL)
/src/qemu/qemu_passt.c: 278 in qemuPasstStart()
272 return 0;
273
274 error:
275 ignore_value(virPidFileReadPathIfLocked(pidfile, &pid));
276 if (pid != -1)
277 virProcessKillPainfully(pid, true);
>>> CID 404360: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "pidfile" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
278 if (pidfile)
279 unlink(pidfile);
280
281 return -1;
** CID 404359: Null pointer dereferences (FORWARD_NULL)
/src/conf/domain_conf.c: 2635 in virDomainNetPortForwardFree()
________________________________________________________________________________________________________
*** CID 404359: Null pointer dereferences (FORWARD_NULL)
/src/conf/domain_conf.c: 2635 in virDomainNetPortForwardFree()
2629 {
2630 size_t i;
2631
2632 if (pf)
2633 g_free(pf->dev);
2634
>>> CID 404359: Null pointer dereferences (FORWARD_NULL)
>>> Dereferencing null pointer "pf".
2635 for (i = 0; i < pf->nRanges; i++)
2636 g_free(pf->ranges[i]);
2637
2638 g_free(pf->ranges);
2639 g_free(pf);
2640 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
