12:28 a.m.
Hi,
Please find the latest report on new defect(s) introduced to libvirt found with Coverity
Scan.
3 new defect(s) introduced to libvirt found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build
analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 467161: (CHECKED_RETURN)
/src/ch/ch_monitor.c: 958 in virCHMonitorSaveVM()
/src/ch/ch_monitor.c: 961 in virCHMonitorSaveVM()
/src/ch/ch_monitor.c: 962 in virCHMonitorSaveVM()
/src/ch/ch_monitor.c: 957 in virCHMonitorSaveVM()
/src/ch/ch_monitor.c: 959 in virCHMonitorSaveVM()
/src/ch/ch_monitor.c: 960 in virCHMonitorSaveVM()
/src/ch/ch_monitor.c: 956 in virCHMonitorSaveVM()
________________________________________________________________________________________________________
*** CID 467161: (CHECKED_RETURN)
/src/ch/ch_monitor.c: 958 in virCHMonitorSaveVM()
952 VIR_WITH_OBJECT_LOCK_GUARD(mon) {
953 /* reset all options of a libcurl session handle at first */
954 curl_easy_reset(mon->handle);
955
956 curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH,
mon->socketpath);
957 curl_easy_setopt(mon->handle, CURLOPT_URL, url);
>> CID 467161: (CHECKED_RETURN)
>> Calling "curl_easy_setopt(mon->handle, _curl_opt,
"PUT")" without checking return value. This library function may fail and
return an error code.
958 curl_easy_setopt(mon->handle,
CURLOPT_CUSTOMREQUEST, "PUT");
959 curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
960 curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload);
961 curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
962 curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data);
963
/src/ch/ch_monitor.c: 961 in virCHMonitorSaveVM()
955
956 curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH,
mon->socketpath);
957 curl_easy_setopt(mon->handle, CURLOPT_URL, url);
958 curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT");
959 curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
960 curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload);
>> CID 467161: (CHECKED_RETURN)
>> Calling "curl_easy_setopt(mon->handle, _curl_opt,
curl_callback)" without checking return value. This library function may fail and
return an error code.
961 curl_easy_setopt(mon->handle,
CURLOPT_WRITEFUNCTION, curl_callback);
962 curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data);
963
964 responseCode = virCHMonitorCurlPerform(mon->handle);
965 }
966
/src/ch/ch_monitor.c: 962 in virCHMonitorSaveVM()
956 curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH,
mon->socketpath);
957 curl_easy_setopt(mon->handle, CURLOPT_URL, url);
958 curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT");
959 curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
960 curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload);
961 curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
>> CID 467161: (CHECKED_RETURN)
>> Calling "curl_easy_setopt(mon->handle, _curl_opt, (void
*)&data)" without checking return value. This library function may fail and
return an error code.
962 curl_easy_setopt(mon->handle,
CURLOPT_WRITEDATA, (void *)&data);
963
964 responseCode = virCHMonitorCurlPerform(mon->handle);
965 }
966
967 if (responseCode == 200 || responseCode == 204) {
/src/ch/ch_monitor.c: 957 in virCHMonitorSaveVM()
951
952 VIR_WITH_OBJECT_LOCK_GUARD(mon) {
953 /* reset all options of a libcurl session handle at first */
954 curl_easy_reset(mon->handle);
955
956 curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH,
mon->socketpath);
>> CID 467161: (CHECKED_RETURN)
>> Calling "curl_easy_setopt(mon->handle, _curl_opt, url)" without
checking return value. This library function may fail and return an error code.
957
curl_easy_setopt(mon->handle, CURLOPT_URL, url);
958 curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT");
959 curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
960 curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload);
961 curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
962 curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data);
/src/ch/ch_monitor.c: 959 in virCHMonitorSaveVM()
953 /* reset all options of a libcurl session handle at first */
954 curl_easy_reset(mon->handle);
955
956 curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH,
mon->socketpath);
957 curl_easy_setopt(mon->handle, CURLOPT_URL, url);
958 curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT");
>> CID 467161: (CHECKED_RETURN)
>> Calling "curl_easy_setopt(mon->handle, _curl_opt, headers)"
without checking return value. This library function may fail and return an error code.
959 curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
960 curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload);
961 curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
962 curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data);
963
964 responseCode = virCHMonitorCurlPerform(mon->handle);
/src/ch/ch_monitor.c: 960 in virCHMonitorSaveVM()
954 curl_easy_reset(mon->handle);
955
956 curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH,
mon->socketpath);
957 curl_easy_setopt(mon->handle, CURLOPT_URL, url);
958 curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT");
959 curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
>> CID 467161: (CHECKED_RETURN)
>> Calling "curl_easy_setopt(mon->handle, _curl_opt, payload)"
without checking return value. This library function may fail and return an error code.
960 curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload);
961 curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
962 curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data);
963
964 responseCode = virCHMonitorCurlPerform(mon->handle);
965 }
/src/ch/ch_monitor.c: 956 in virCHMonitorSaveVM()
950
951
952 VIR_WITH_OBJECT_LOCK_GUARD(mon) {
953 /* reset all options of a libcurl session handle at first */
954 curl_easy_reset(mon->handle);
955
>> CID 467161: (CHECKED_RETURN)
>> Calling "curl_easy_setopt(mon->handle, _curl_opt,
mon->socketpath)" without checking return value. This library function may fail
and return an error code.
956 curl_easy_setopt(mon->handle,
CURLOPT_UNIX_SOCKET_PATH, mon->socketpath);
957 curl_easy_setopt(mon->handle, CURLOPT_URL, url);
958 curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT");
959 curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
960 curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload);
961 curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
** CID 467160: Incorrect expression (BAD_SIZEOF)
/src/ch/ch_monitor.c: 962 in virCHMonitorSaveVM()
________________________________________________________________________________________________________
*** CID 467160: Incorrect expression (BAD_SIZEOF)
/src/ch/ch_monitor.c: 962 in virCHMonitorSaveVM()
956 curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH,
mon->socketpath);
957 curl_easy_setopt(mon->handle, CURLOPT_URL, url);
958 curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT");
959 curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
960 curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload);
961 curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
>> CID 467160: Incorrect expression (BAD_SIZEOF)
>> Taking the size of "&data", which is the address of an object,
is suspicious.
962 curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA,
(void *)&data);
963
964 responseCode = virCHMonitorCurlPerform(mon->handle);
965 }
966
967 if (responseCode == 200 || responseCode == 204) {
** CID 467159: Error handling issues (CHECKED_RETURN)
/src/ch/ch_monitor.c: 1005 in virCHMonitorBuildRestoreJson()
________________________________________________________________________________________________________
*** CID 467159: Error handling issues (CHECKED_RETURN)
/src/ch/ch_monitor.c: 1005 in virCHMonitorBuildRestoreJson()
999 g_autoptr(virJSONValue) net_json = virJSONValueNewObject();
1000 g_autofree char *id = g_strdup_printf("%s_%ld",
CH_NET_ID_PREFIX, i);
1001 if (virJSONValueObjectAppendString(net_json, "id", id) <
0)
1002 return -1;
1003 if (virJSONValueObjectAppendNumberInt(net_json, "num_fds",
vmdef->nets[i]->driver.virtio.queues))
1004 return -1;
>> CID 467159: Error handling issues (CHECKED_RETURN)
>> Calling "virJSONValueArrayAppend" without checking return value (as
is done elsewhere 34 out of 35 times).
1005
virJSONValueArrayAppend(nets, &net_json);
1006 }
1007 if (virJSONValueObjectAppend(restore_json, "net_fds",
&nets))
1008 return -1;
1009 }
1010
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy...
96
days inactive
96
days old
0 comments
1 participants
participants (1)
-
scan-admin@coverity.com