New Defects reported by Coverity Scan for libvirt
Hi, Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan. 3 new defect(s) introduced to libvirt found with Coverity Scan. 2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 467161: (CHECKED_RETURN) /src/ch/ch_monitor.c: 958 in virCHMonitorSaveVM() /src/ch/ch_monitor.c: 961 in virCHMonitorSaveVM() /src/ch/ch_monitor.c: 962 in virCHMonitorSaveVM() /src/ch/ch_monitor.c: 957 in virCHMonitorSaveVM() /src/ch/ch_monitor.c: 959 in virCHMonitorSaveVM() /src/ch/ch_monitor.c: 960 in virCHMonitorSaveVM() /src/ch/ch_monitor.c: 956 in virCHMonitorSaveVM() ________________________________________________________________________________________________________ *** CID 467161: (CHECKED_RETURN) /src/ch/ch_monitor.c: 958 in virCHMonitorSaveVM() 952 VIR_WITH_OBJECT_LOCK_GUARD(mon) { 953 /* reset all options of a libcurl session handle at first */ 954 curl_easy_reset(mon->handle); 955 956 curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH, mon->socketpath); 957 curl_easy_setopt(mon->handle, CURLOPT_URL, url);
CID 467161: (CHECKED_RETURN) Calling "curl_easy_setopt(mon->handle, _curl_opt, "PUT")" without checking return value. This library function may fail and return an error code.
958 curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT"); 959 curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers); 960 curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload); 961 curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback); 962 curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data); 963 /src/ch/ch_monitor.c: 961 in virCHMonitorSaveVM() 955 956 curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH, mon->socketpath); 957 curl_easy_setopt(mon->handle, CURLOPT_URL, url); 958 curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT"); 959 curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers); 960 curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload);
CID 467161: (CHECKED_RETURN) Calling "curl_easy_setopt(mon->handle, _curl_opt, curl_callback)" without checking return value. This library function may fail and return an error code.
961 curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback); 962 curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data); 963 964 responseCode = virCHMonitorCurlPerform(mon->handle); 965 } 966 /src/ch/ch_monitor.c: 962 in virCHMonitorSaveVM() 956 curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH, mon->socketpath); 957 curl_easy_setopt(mon->handle, CURLOPT_URL, url); 958 curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT"); 959 curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers); 960 curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload); 961 curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
CID 467161: (CHECKED_RETURN) Calling "curl_easy_setopt(mon->handle, _curl_opt, (void *)&data)" without checking return value. This library function may fail and return an error code.
962 curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data); 963 964 responseCode = virCHMonitorCurlPerform(mon->handle); 965 } 966 967 if (responseCode == 200 || responseCode == 204) { /src/ch/ch_monitor.c: 957 in virCHMonitorSaveVM() 951 952 VIR_WITH_OBJECT_LOCK_GUARD(mon) { 953 /* reset all options of a libcurl session handle at first */ 954 curl_easy_reset(mon->handle); 955 956 curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH, mon->socketpath);
CID 467161: (CHECKED_RETURN) Calling "curl_easy_setopt(mon->handle, _curl_opt, url)" without checking return value. This library function may fail and return an error code.
957 curl_easy_setopt(mon->handle, CURLOPT_URL, url); 958 curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT"); 959 curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers); 960 curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload); 961 curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback); 962 curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data); /src/ch/ch_monitor.c: 959 in virCHMonitorSaveVM() 953 /* reset all options of a libcurl session handle at first */ 954 curl_easy_reset(mon->handle); 955 956 curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH, mon->socketpath); 957 curl_easy_setopt(mon->handle, CURLOPT_URL, url); 958 curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT");
CID 467161: (CHECKED_RETURN) Calling "curl_easy_setopt(mon->handle, _curl_opt, headers)" without checking return value. This library function may fail and return an error code.
959 curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers); 960 curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload); 961 curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback); 962 curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data); 963 964 responseCode = virCHMonitorCurlPerform(mon->handle); /src/ch/ch_monitor.c: 960 in virCHMonitorSaveVM() 954 curl_easy_reset(mon->handle); 955 956 curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH, mon->socketpath); 957 curl_easy_setopt(mon->handle, CURLOPT_URL, url); 958 curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT"); 959 curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
CID 467161: (CHECKED_RETURN) Calling "curl_easy_setopt(mon->handle, _curl_opt, payload)" without checking return value. This library function may fail and return an error code.
960 curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload); 961 curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback); 962 curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data); 963 964 responseCode = virCHMonitorCurlPerform(mon->handle); 965 } /src/ch/ch_monitor.c: 956 in virCHMonitorSaveVM() 950 951 952 VIR_WITH_OBJECT_LOCK_GUARD(mon) { 953 /* reset all options of a libcurl session handle at first */ 954 curl_easy_reset(mon->handle); 955
CID 467161: (CHECKED_RETURN) Calling "curl_easy_setopt(mon->handle, _curl_opt, mon->socketpath)" without checking return value. This library function may fail and return an error code.
956 curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH, mon->socketpath); 957 curl_easy_setopt(mon->handle, CURLOPT_URL, url); 958 curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT"); 959 curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers); 960 curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload); 961 curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
** CID 467160: Incorrect expression (BAD_SIZEOF) /src/ch/ch_monitor.c: 962 in virCHMonitorSaveVM() ________________________________________________________________________________________________________ *** CID 467160: Incorrect expression (BAD_SIZEOF) /src/ch/ch_monitor.c: 962 in virCHMonitorSaveVM() 956 curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH, mon->socketpath); 957 curl_easy_setopt(mon->handle, CURLOPT_URL, url); 958 curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT"); 959 curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers); 960 curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload); 961 curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
CID 467160: Incorrect expression (BAD_SIZEOF) Taking the size of "&data", which is the address of an object, is suspicious.
962 curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data); 963 964 responseCode = virCHMonitorCurlPerform(mon->handle); 965 } 966 967 if (responseCode == 200 || responseCode == 204) {
** CID 467159: Error handling issues (CHECKED_RETURN) /src/ch/ch_monitor.c: 1005 in virCHMonitorBuildRestoreJson() ________________________________________________________________________________________________________ *** CID 467159: Error handling issues (CHECKED_RETURN) /src/ch/ch_monitor.c: 1005 in virCHMonitorBuildRestoreJson() 999 g_autoptr(virJSONValue) net_json = virJSONValueNewObject(); 1000 g_autofree char *id = g_strdup_printf("%s_%ld", CH_NET_ID_PREFIX, i); 1001 if (virJSONValueObjectAppendString(net_json, "id", id) < 0) 1002 return -1; 1003 if (virJSONValueObjectAppendNumberInt(net_json, "num_fds", vmdef->nets[i]->driver.virtio.queues)) 1004 return -1;
CID 467159: Error handling issues (CHECKED_RETURN) Calling "virJSONValueArrayAppend" without checking return value (as is done elsewhere 34 out of 35 times).
1005 virJSONValueArrayAppend(nets, &net_json); 1006 } 1007 if (virJSONValueObjectAppend(restore_json, "net_fds", &nets)) 1008 return -1; 1009 } 1010
________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2B...
participants (1)
-
scan-admin@coverity.com