New Defects reported by Coverity Scan for libvirt

Hi,

Please find the latest report on new defect(s) introduced to libvirt found with Coverity Scan.

3 new defect(s) introduced to libvirt found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)

** CID 471138: Null pointer dereferences (REVERSE_INULL)
/src/util/virxml.c: 1040 in catchXMLError()

________________________________________________________________________________________________________
*** CID 471138: Null pointer dereferences (REVERSE_INULL)
/src/util/virxml.c: 1040 in catchXMLError()
1034     const char *filename = NULL;
1035
1036     if (private)
1037         filename = private->filename;
1038
1039     /* conditions for error printing */
CID 471138: Null pointer dereferences (REVERSE_INULL)
Null-checking "ctxt" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
1040     if (!ctxt ||
1041         (virGetLastErrorCode()) ||
1042         ctxt->input == NULL ||
1043         lastError == NULL ||
1044         lastError->level != XML_ERR_FATAL ||
1045         lastError->message == NULL)

** CID 471137: Insecure data handling (INTEGER_OVERFLOW)
/src/hypervisor/domain_logcontext.c: 234 in domainLogContextRead()

________________________________________________________________________________________________________
*** CID 471137: Insecure data handling (INTEGER_OVERFLOW)
/src/hypervisor/domain_logcontext.c: 234 in domainLogContextRead()
228                                  _("Unable to read from log file"));
229             return -1;
230         }
231
232         buf[got] = '\0';
233
CID 471137: Insecure data handling (INTEGER_OVERFLOW)
"__n", which might have overflowed, is passed to "g_realloc(__p, __n)".
234         buf = g_renew(char, buf, got + 1);
235         buflen = got;
236     }
237
238     *msg = buf;
239

** CID 471136: Incorrect expression (BAD_SIZEOF)
/src/ch/ch_monitor.c: 722 in virCHMonitorPutNoContent()

________________________________________________________________________________________________________
*** CID 471136: Incorrect expression (BAD_SIZEOF)
/src/ch/ch_monitor.c: 722 in virCHMonitorPutNoContent()
716     curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, NULL);
717     curl_easy_setopt(mon->handle, CURLOPT_INFILESIZE, 0L);
718
719     headers = curl_slist_append(headers, "Accept: application/json");
720     curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, headers);
721     curl_easy_setopt(mon->handle, CURLOPT_WRITEFUNCTION, curl_callback);
CID 471136: Incorrect expression (BAD_SIZEOF)
Taking the size of "&data", which is the address of an object, is suspicious.
722     curl_easy_setopt(mon->handle, CURLOPT_WRITEDATA, (void *)&data);
723
724     responseCode = virCHMonitorCurlPerform(mon->handle);
725
726     if (logCtxt && data.size) {
727         /* Do this to append a NULL char at the end of data */

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2B...

scan-admin@coverity.com