This patch addresses the following Coverity findings:
/libvirt/src/conf/nwfilter_params.c:157:
deref_parm: Directly dereferencing parameter "val".
/libvirt/src/conf/nwfilter_params.c:473:
negative_returns: Using variable "iterIndex" as an index to array
"res->iter".
/libvirt/src/nwfilter/nwfilter_ebiptables_driver.c:2891:
unchecked_value: No check of the return value of "virAsprintf(&protostr,
"-d 01:80:c2:00:00:00 ")".
/libvirt/src/nwfilter/nwfilter_ebiptables_driver.c:2894:
unchecked_value: No check of the return value of "virAsprintf(&protostr,
"-p 0x%04x ", l3_protocols[protoidx].attr)".
/libvirt/src/nwfilter/nwfilter_ebiptables_driver.c:3590:
var_deref_op: Dereferencing null variable "inst".
---
src/conf/nwfilter_params.c | 5 ++++-
src/nwfilter/nwfilter_ebiptables_driver.c | 10 +++++++---
2 files changed, 11 insertions(+), 4 deletions(-)
Index: libvirt-acl/src/conf/nwfilter_params.c
===================================================================
--- libvirt-acl.orig/src/conf/nwfilter_params.c
+++ libvirt-acl/src/conf/nwfilter_params.c
@@ -154,6 +154,9 @@ virNWFilterVarValueGetNthValue(virNWFilt
{
const char *res = NULL;
+ if (!val)
+ return NULL;
+
switch (val->valType) {
case NWFILTER_VALUE_TYPE_SIMPLE:
if (idx == 0)
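Review bot: The new `if (!val) return NULL;` guard makes a NULL `val` indistinguishable from any other case in which `res` keeps its initial NULL, so callers cannot tell a programming error from "no such value". The function has no visible comment stating this contract. I would add one above the definition, for example `/* Returns NULL if @val is NULL or no value exists at @idx; callers must check the result. */`. The rest of the function body lies outside the hunk, so the exact set of NULL-returning paths should be confirmed before wording the comment.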
@@ -467,7 +470,7 @@ virNWFilterVarCombIterCreate(virNWFilter
res->nIter++;
break;
case VIR_NWFILTER_VAR_ACCESS_LAST:
- break;
+ goto err_exit;
}
if (virNWFilterVarCombIterAddVariable(&res->iter[iterIndex],
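Review bot: The `goto err_exit;` added under `case VIR_NWFILTER_VAR_ACCESS_LAST:` leaves the function without any error being reported in the visible lines, so if `err_exit` only frees `res` and returns NULL the caller sees a failure with no diagnostic. Reaching this case means the access type was never set to a valid value, which is an internal inconsistency worth reporting with the file's existing error-reporting helper before the jump. The label and the initialisation of `iterIndex` are outside the hunk, so it is also worth confirming that no other `switch` path can reach `res->iter[iterIndex]` with the index still negative.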
Index: libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_ebiptables_driver.c
+++ libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -2878,6 +2878,7 @@ ebtablesCreateTmpSubChain(ebiptablesRule
char chainPrefix = (incoming) ? CHAINPREFIX_HOST_IN_TEMP
: CHAINPREFIX_HOST_OUT_TEMP;
char *protostr = NULL;
+ int r = 0;
PRINT_ROOT_CHAIN(rootchain, chainPrefix, ifname);
PRINT_CHAIN(chain, chainPrefix, ifname,
@@ -2888,14 +2889,14 @@ ebtablesCreateTmpSubChain(ebiptablesRule
protostr = strdup("");
break;
case L2_PROTO_STP_IDX:
- virAsprintf(&protostr, "-d " NWFILTER_MAC_BGA " ");
+ r = virAsprintf(&protostr, "-d " NWFILTER_MAC_BGA " ");
break;
default:
- virAsprintf(&protostr, "-p 0x%04x ", l3_protocols[protoidx].attr);
+ r = virAsprintf(&protostr, "-p 0x%04x ",
l3_protocols[protoidx].attr);
break;
}
- if (!protostr) {
+ if (!protostr || r < 0) {
virReportOOMError();
return -1;
}
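Review bot: The `L2_PROTO_STP_IDX` case calls `virAsprintf` with a constant format and no arguments, so it could use `protostr = strdup("-d " NWFILTER_MAC_BGA " ");` like the case above it. That leaves `r` tracking only the `default` branch, and it avoids passing a macro-expanded string as a format. Separately, `l3_protocols[protoidx].attr` is indexed with no bounds check visible in this hunk. The function begins and continues outside it, so confirm that `protoidx` is validated by the caller or earlier in the body.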
@@ -3589,6 +3590,9 @@ ebiptablesApplyNewRules(const char *ifna
int nEbtChains = 0;
char *errmsg = NULL;
+ if (inst == NULL)
+ nruleInstances = 0;
+
if (!chains_in_set || !chains_out_set) {
virReportOOMError();
goto exit_free_sets;
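Review bot: Setting `nruleInstances = 0` when `inst == NULL` silences the dereference but turns a caller error into "no rules to apply", which for a packet filter may mean the interface ends up with an empty rule set and no error reported. If a NULL `inst` with a non-zero count is never legitimate, it would be safer to fail the call, e.g. `if (inst == NULL && nruleInstances > 0) goto exit_free_sets;` after reporting an internal error. The return value at that label is not visible here and needs to indicate failure. If NULL is an accepted way to pass "no rules", a comment saying so (`/* a NULL inst means an empty rule list */`) would make the intent clear. The remainder of the function is outside the hunk.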