[PATCH 1/1] qemuProcessEventSubmit : rename vm to event->vm
Coverity scan reports use after free issue which is a false positive. In error case, free event->vm instead of vm to avoid this warning in coverity. Coverty CID: 403592 Signed-off-by: Shaleen Bathla <shaleen.bathla@oracle.com> --- src/qemu/qemu_process.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index ee9f0784d3a3..83b553418068 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -287,7 +287,7 @@ qemuProcessEventSubmit(virDomainObj *vm, event->data = data; if (virThreadPoolSendJob(driver->workerPool, 0, event) < 0) { - virObjectUnref(vm); + virObjectUnref(event->vm); qemuProcessEventFree(event); } } -- 2.31.1
On Tue, Jan 17, 2023 at 11:51:07 +0530, Shaleen Bathla wrote:
Coverity scan reports use after free issue which is a false positive. In error case, free event->vm instead of vm to avoid this warning in coverity.
This is an insufficient justification. We normally don't modify the code _only_ to silence coverity. The reasoning is that it can be either fixed by coverity at some point, or worse coverity once again starting to report a problem with the code because of a different issue. You can try to come up with a commit message that justifies the change in a different way which would be accepted normally. (E.g. "making it obvious to the reader".)
On Tue, Jan 17, 2023 at 10:09:41AM +0100, Peter Krempa wrote:
On Tue, Jan 17, 2023 at 11:51:07 +0530, Shaleen Bathla wrote:
Coverity scan reports use after free issue which is a false positive. In error case, free event->vm instead of vm to avoid this warning in coverity.
This is an insufficient justification. We normally don't modify the code _only_ to silence coverity.
The reasoning is that it can be either fixed by coverity at some point, or worse coverity once again starting to report a problem with the code because of a different issue.
You can try to come up with a commit message that justifies the change in a different way which would be accepted normally. (E.g. "making it obvious to the reader".)
Thank you for the comment. Yes, I understand and I will send a v2 patch with the suggested commit message. Regards, Shaleen Bathla
participants (2)
-
Peter Krempa -
Shaleen Bathla