Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 416608: Control flow issues (UNREACHABLE)
/src/util/virfile.c: 191 in virCloseRangeImpl()
________________________________________________________________________________________________________
*** CID 416608: Control flow issues (UNREACHABLE)
/src/util/virfile.c: 191 in virCloseRangeImpl()
185 unsigned int last G_GNUC_UNUSED)
186 {
187 #if defined(WITH_SYS_SYSCALL_H) && defined(__NR_close_range)
188 return syscall(__NR_close_range, first, last, 0);
189 #endif
190
>>> CID 416608: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "*__errno_location() = 38;".
191 errno = ENOSYS;
192 return -1;
193 }
194
195
196 static void
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 405770: Resource leaks (RESOURCE_LEAK)
/tests/qemublocktest.c: 990 in mymain()
________________________________________________________________________________________________________
*** CID 405770: Resource leaks (RESOURCE_LEAK)
/tests/qemublocktest.c: 990 in mymain()
984 return EXIT_FAILURE;
985
986 VIR_TEST_VERBOSE("\nlatest caps x86_64: %s", capslatest_x86_64);
987
988 if (!(caps_x86_64 = qemuTestParseCapabilitiesArch(virArchFromString("x86_64"),
989 capslatest_x86_64)))
>>> CID 405770: Resource leaks (RESOURCE_LEAK)
>>> Variable "capslatest_x86_64" going out of scope leaks the storage it points to.
990 return EXIT_FAILURE;
991
992 diskxmljsondata.qemuCaps = caps_x86_64;
993 imagecreatedata.qemuCaps = caps_x86_64;
994
995 if (!(qmp_schema_x86_64 = testQEMUSchemaLoadLatest("x86_64"))) {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 405516: Null pointer dereferences (REVERSE_INULL)
/src/qemu/qemu_validate.c: 3350 in qemuValidateDomainDeviceDefDisk()
________________________________________________________________________________________________________
*** CID 405516: Null pointer dereferences (REVERSE_INULL)
/src/qemu/qemu_validate.c: 3350 in qemuValidateDomainDeviceDefDisk()
3344 for (n = disk->src; virStorageSourceIsBacking(n); n = n->backingStore) {
3345 if (qemuDomainValidateStorageSource(n, qemuCaps) < 0)
3346 return -1;
3347 }
3348
3349 if (disk->bus == VIR_DOMAIN_DISK_BUS_SD &&
>>> CID 405516: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "disk->src" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
3350 disk->src && disk->src->encryption && disk->src->encryption->nsecrets > 1) {
3351 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
3352 _("sd card '%s' does not support multiple encryption secrets"),
3353 disk->dst);
3354 return -1;
3355 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 405251: Security best practices violations (TOCTOU)
/src/util/virpidfile.c: 420 in virPidFileAcquirePathFull()
________________________________________________________________________________________________________
*** CID 405251: Security best practices violations (TOCTOU)
/src/util/virpidfile.c: 420 in virPidFileAcquirePathFull()
414 return -1;
415 }
416
417 /* Now make sure the pidfile we locked is the same
418 * one that now exists on the filesystem
419 */
>>> CID 405251: Security best practices violations (TOCTOU)
>>> Calling function "stat" to perform check on "path".
420 if (stat(path, &a) < 0) {
421 VIR_DEBUG("Pid file '%s' disappeared: %s",
422 path, g_strerror(errno));
423 VIR_FORCE_CLOSE(fd);
424 /* Someone else must be racing with us, so try again */
425 continue;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 405203: Error handling issues (CHECKED_RETURN)
/tests/testutils.c: 781 in virTestFakeRootDirInit()
________________________________________________________________________________________________________
*** CID 405203: Error handling issues (CHECKED_RETURN)
/tests/testutils.c: 781 in virTestFakeRootDirInit()
775
776 if (!g_mkdtemp(fakerootdir)) {
777 fprintf(stderr, "Cannot create fakerootdir");
778 return NULL;
779 }
780
>>> CID 405203: Error handling issues (CHECKED_RETURN)
>>> Calling "g_setenv("LIBVIRT_FAKE_ROOT_DIR", fakerootdir, 1)" without checking return value. This library function may fail and return an error code.
781 g_setenv("LIBVIRT_FAKE_ROOT_DIR", fakerootdir, TRUE);
782
783 return g_steal_pointer(&fakerootdir);
784 }
785
786 void
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 404727: Insecure data handling (TAINTED_STRING)
________________________________________________________________________________________________________
*** CID 404727: Insecure data handling (TAINTED_STRING)
/tests/chxml2xmltest.c: 77 in main()
71 virObjectUnref(driver->caps);
72 g_free(driver);
73
74 return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
75 }
76
>>> CID 404727: Insecure data handling (TAINTED_STRING)
>>> Passing tainted string "**argv" to "virTestMain", which cannot accept tainted data.
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
13 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 404496: Code maintainability issues (UNUSED_VALUE)
/src/vbox/vbox_common.c: 1264 in vboxAttachDrives()
________________________________________________________________________________________________________
*** CID 404496: Code maintainability issues (UNUSED_VALUE)
/src/vbox/vbox_common.c: 1264 in vboxAttachDrives()
1258 /* The following is not needed for vbox 4.2+ but older versions have
1259 * distinct find and open operations where the former looks in vbox
1260 * media registry while the latter at storage location. In 4.2+, the
1261 * OpenMedium call takes care of both cases internally
1262 */
1263 if (!medium) {
>>> CID 404496: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value from "gVBoxAPI.UIVirtualBox.OpenMedium(data->vboxObj, mediumFileUtf16, deviceType, accessMode, &medium)" to "rc" here, but that stored value is overwritten before it can be used.
1264 rc = gVBoxAPI.UIVirtualBox.OpenMedium(data->vboxObj,
1265 mediumFileUtf16,
1266 deviceType, accessMode,
1267 &medium);
1268 }
1269
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.
1 new defect(s) introduced to libvirt found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 404482: Control flow issues (DEADCODE)
/src/rpc/virnetsshsession.c: 716 in virNetSSHAuthenticatePassword()
________________________________________________________________________________________________________
*** CID 404482: Control flow issues (DEADCODE)
/src/rpc/virnetsshsession.c: 716 in virNetSSHAuthenticatePassword()
710 libssh2_session_last_error(sess->session, &errmsg, NULL, 0);
711 virReportError(VIR_ERR_AUTH_FAILED,
712 _("authentication failed: %s"), errmsg);
713
714 /* determine exist status */
715 if (rc == LIBSSH2_ERROR_AUTHENTICATION_FAILED)
>>> CID 404482: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement: "ret = 1;".
716 ret = 1;
717 else
718 ret = -1;
719
720 cleanup:
721 VIR_FREE(password);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…
