New Defects reported by Coverity Scan for libvirt

9 Sep 2025

      Hi,

Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.

3 new defect(s) introduced to libvirt found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)

** CID 895678:       Memory - corruptions  (USE_AFTER_FREE)
/src/conf/domain_conf.c: 5926           in virDomainDeviceInfoParseXML()

_____________________________________________________________________________________________
*** CID 895678:         Memory - corruptions  (USE_AFTER_FREE)
/src/conf/domain_conf.c: 5926             in virDomainDeviceInfoParseXML()
5920             goto cleanup;
5921     
5922     
5923         ret = 0;
5924      cleanup:
5925         if (ret < 0)
...
...
...
CID 895678:         Memory - corruptions  (USE_AFTER_FREE)
    Calling "virDomainDeviceInfoClear" frees pointer "info->acpiNodeset" which has already been freed.
5926             virDomainDeviceInfoClear(info);
5927         return ret;
5928     }
5929     
5930     static int
5931     virDomainHostdevSubsysUSBDefParseXML(xmlNodePtr node,
** CID 895677:       Incorrect expression  (BAD_SIZEOF)
/src/ch/ch_monitor.c: 946           in virCHMonitorPut()

_____________________________________________________________________________________________
*** CID 895677:         Incorrect expression  (BAD_SIZEOF)
/src/ch/ch_monitor.c: 946             in virCHMonitorPut()
940         curl_easy_setopt(mon->handle, CURLOPT_INFILESIZE, 0L);
941     
942         headers = curl_slist_append(headers, "Accept: application/json");
943     
944         curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
945         curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
...
...
...
CID 895677:         Incorrect expression  (BAD_SIZEOF)
    Taking the size of "&data", which is the address of an object, is suspicious.
946         curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data);
947     
948         if (payload) {
949             payload_str = virJSONValueToString(payload, false);
950             curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload_str);
951             curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT");
** CID 895676:         (CHECKED_RETURN)
/src/ch/ch_monitor.c: 944           in virCHMonitorPut()
/src/ch/ch_monitor.c: 938           in virCHMonitorPut()
/src/ch/ch_monitor.c: 936           in virCHMonitorPut()
/src/ch/ch_monitor.c: 937           in virCHMonitorPut()
/src/ch/ch_monitor.c: 951           in virCHMonitorPut()
/src/ch/ch_monitor.c: 939           in virCHMonitorPut()
/src/ch/ch_monitor.c: 940           in virCHMonitorPut()
/src/ch/ch_monitor.c: 945           in virCHMonitorPut()
/src/ch/ch_monitor.c: 946           in virCHMonitorPut()
/src/ch/ch_monitor.c: 950           in virCHMonitorPut()

_____________________________________________________________________________________________
*** CID 895676:           (CHECKED_RETURN)
/src/ch/ch_monitor.c: 944             in virCHMonitorPut()
938         curl_easy_setopt(mon->handle, CURLOPT_UPLOAD, 1L);
939         curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, NULL);
940         curl_easy_setopt(mon->handle, CURLOPT_INFILESIZE, 0L);
941     
942         headers = curl_slist_append(headers, "Accept: application/json");
943
...
...
...
CID 895676:           (CHECKED_RETURN)
    Calling "curl_easy_setopt(mon->handle, _curl_opt, headers)" without checking return value. This library function may fail and return an error code.
944         curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
945         curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
946         curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data);
947     
948         if (payload) {
949             payload_str = virJSONValueToString(payload, false);
/src/ch/ch_monitor.c: 938             in virCHMonitorPut()
932     
933         /* reset all options of a libcurl session handle at first */
934         curl_easy_reset(mon->handle);
935     
936         curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH, mon->socketpath);
937         curl_easy_setopt(mon->handle, CURLOPT_URL, url);
...
CID 895676:           (CHECKED_RETURN)
    Calling "curl_easy_setopt(mon->handle, _curl_opt, 1L)" without checking return value. This library function may fail and return an error code.
938         curl_easy_setopt(mon->handle, CURLOPT_UPLOAD, 1L);
939         curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, NULL);
940         curl_easy_setopt(mon->handle, CURLOPT_INFILESIZE, 0L);
941     
942         headers = curl_slist_append(headers, "Accept: application/json");
943     
/src/ch/ch_monitor.c: 936             in virCHMonitorPut()
930     
931         url = g_strdup_printf("%s/%s", URL_ROOT, endpoint);
932     
933         /* reset all options of a libcurl session handle at first */
934         curl_easy_reset(mon->handle);
935
...
CID 895676:           (CHECKED_RETURN)
    Calling "curl_easy_setopt(mon->handle, _curl_opt, mon->socketpath)" without checking return value. This library function may fail and return an error code.
936         curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH, mon->socketpath);
937         curl_easy_setopt(mon->handle, CURLOPT_URL, url);
938         curl_easy_setopt(mon->handle, CURLOPT_UPLOAD, 1L);
939         curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, NULL);
940         curl_easy_setopt(mon->handle, CURLOPT_INFILESIZE, 0L);
941     
/src/ch/ch_monitor.c: 937             in virCHMonitorPut()
931         url = g_strdup_printf("%s/%s", URL_ROOT, endpoint);
932     
933         /* reset all options of a libcurl session handle at first */
934         curl_easy_reset(mon->handle);
935     
936         curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH, mon->socketpath);
...
CID 895676:           (CHECKED_RETURN)
    Calling "curl_easy_setopt(mon->handle, _curl_opt, url)" without checking return value. This library function may fail and return an error code.
937         curl_easy_setopt(mon->handle, CURLOPT_URL, url);
938         curl_easy_setopt(mon->handle, CURLOPT_UPLOAD, 1L);
939         curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, NULL);
940         curl_easy_setopt(mon->handle, CURLOPT_INFILESIZE, 0L);
941     
942         headers = curl_slist_append(headers, "Accept: application/json");
/src/ch/ch_monitor.c: 951             in virCHMonitorPut()
945         curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
946         curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data);
947     
948         if (payload) {
949             payload_str = virJSONValueToString(payload, false);
950             curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload_str);
...
CID 895676:           (CHECKED_RETURN)
    Calling "curl_easy_setopt(mon->handle, _curl_opt, "PUT")" without checking return value. This library function may fail and return an error code.
951             curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT");
952             headers = curl_slist_append(headers, "Content-Type: application/json");
953         }
954     
955         responseCode = virCHMonitorCurlPerform(mon->handle);
956     
/src/ch/ch_monitor.c: 939             in virCHMonitorPut()
933         /* reset all options of a libcurl session handle at first */
934         curl_easy_reset(mon->handle);
935     
936         curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH, mon->socketpath);
937         curl_easy_setopt(mon->handle, CURLOPT_URL, url);
938         curl_easy_setopt(mon->handle, CURLOPT_UPLOAD, 1L);
...
CID 895676:           (CHECKED_RETURN)
    Calling "curl_easy_setopt(mon->handle, _curl_opt, NULL)" without checking return value. This library function may fail and return an error code.
939         curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, NULL);
940         curl_easy_setopt(mon->handle, CURLOPT_INFILESIZE, 0L);
941     
942         headers = curl_slist_append(headers, "Accept: application/json");
943     
944         curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
/src/ch/ch_monitor.c: 940             in virCHMonitorPut()
934         curl_easy_reset(mon->handle);
935     
936         curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH, mon->socketpath);
937         curl_easy_setopt(mon->handle, CURLOPT_URL, url);
938         curl_easy_setopt(mon->handle, CURLOPT_UPLOAD, 1L);
939         curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, NULL);
...
CID 895676:           (CHECKED_RETURN)
    Calling "curl_easy_setopt(mon->handle, _curl_opt, 0L)" without checking return value. This library function may fail and return an error code.
940         curl_easy_setopt(mon->handle, CURLOPT_INFILESIZE, 0L);
941     
942         headers = curl_slist_append(headers, "Accept: application/json");
943     
944         curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
945         curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
/src/ch/ch_monitor.c: 945             in virCHMonitorPut()
939         curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, NULL);
940         curl_easy_setopt(mon->handle, CURLOPT_INFILESIZE, 0L);
941     
942         headers = curl_slist_append(headers, "Accept: application/json");
943     
944         curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
...
CID 895676:           (CHECKED_RETURN)
    Calling "curl_easy_setopt(mon->handle, _curl_opt, curl_callback)" without checking return value. This library function may fail and return an error code.
945         curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
946         curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data);
947     
948         if (payload) {
949             payload_str = virJSONValueToString(payload, false);
950             curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload_str);
/src/ch/ch_monitor.c: 946             in virCHMonitorPut()
940         curl_easy_setopt(mon->handle, CURLOPT_INFILESIZE, 0L);
941     
942         headers = curl_slist_append(headers, "Accept: application/json");
943     
944         curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
945         curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
...
CID 895676:           (CHECKED_RETURN)
    Calling "curl_easy_setopt(mon->handle, _curl_opt, (void *)&data)" without checking return value. This library function may fail and return an error code.
946         curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data);
947     
948         if (payload) {
949             payload_str = virJSONValueToString(payload, false);
950             curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload_str);
951             curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT");
/src/ch/ch_monitor.c: 950             in virCHMonitorPut()
944         curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
945         curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
946         curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data);
947     
948         if (payload) {
949             payload_str = virJSONValueToString(payload, false);
...
CID 895676:           (CHECKED_RETURN)
    Calling "curl_easy_setopt(mon->handle, _curl_opt, payload_str)" without checking return value. This library function may fail and return an error code.
950             curl_easy_setopt(mon->handle, CURLOPT_POSTFIELDS, payload_str);
951             curl_easy_setopt(mon->handle, CURLOPT_CUSTOMREQUEST, "PUT");
952             headers = curl_slist_append(headers, "Content-Type: application/json");
953         }
954     
955         responseCode = virCHMonitorCurlPerform(mon->handle);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/libvirt?tab=overview

scan-admin＠coverity.com

tags

participants (1)