[cgmanager-devel] New Defects reported by Coverity Scan for cgmanager
scan-admin at coverity.com
scan-admin at coverity.com
Wed Jan 15 14:55:23 UTC 2014
Hi,
Please find the latest report on new defect(s) introduced to cgmanager found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)
** CID 1155356: Logically dead code (DEADCODE)
/chowncgroup.c: 283 in main()
** CID 1155355: Logically dead code (DEADCODE)
/movepid.c: 277 in main()
** CID 1155354: Dereference after null check (FORWARD_NULL)
/access_checks.c: 67 in get_nih_io_creds()
** CID 1155353: String not null terminated (STRING_NULL)
/cgmanager-proxy.c: 302 in get_pid_scm_reader()
** CID 1155352: String not null terminated (STRING_NULL)
/getpidcgroup.c: 253 in main()
________________________________________________________________________________________________________
*** CID 1155356: Logically dead code (DEADCODE)
/chowncgroup.c: 283 in main()
277 exitval = 0;
278
279 out:
280 if (message)
281 dbus_message_unref(message);
282 if (reply)
>>> CID 1155356: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "dbus_message_unref(reply);".
283 dbus_message_unref(reply);
284 dbus_connection_unref (conn);
285
286 exit(exitval);
________________________________________________________________________________________________________
*** CID 1155355: Logically dead code (DEADCODE)
/movepid.c: 277 in main()
271 exitval = 0;
272
273 out:
274 if (message)
275 dbus_message_unref(message);
276 if (reply)
>>> CID 1155355: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "dbus_message_unref(reply);".
277 dbus_message_unref(reply);
278 dbus_connection_unref (conn);
279
280 exit(exitval);
________________________________________________________________________________________________________
*** CID 1155354: Dereference after null check (FORWARD_NULL)
/access_checks.c: 67 in get_nih_io_creds()
61 if (!msg) {
62 nih_error("failed reading msg for ucred");
63 return false;
64 }
65 struct cmsghdr *cmsg = msg->control[0];
66 if (!cmsg) nih_error("cmsg null");
>>> CID 1155354: Dereference after null check (FORWARD_NULL)
>>> Dereferencing null pointer "cmsg".
67 if (cmsg->cmsg_level != SOL_SOCKET) nih_error("level %d sock %d", cmsg->cmsg_level, SOL_SOCKET);
68 if (!cmsg || cmsg->cmsg_level != SOL_SOCKET ||
69 cmsg->cmsg_len != CMSG_LEN (sizeof(*ucred)) ||
70 cmsg->cmsg_type != SCM_CREDENTIALS) {
71 nih_error("non-scm control message");
72 return false;
________________________________________________________________________________________________________
*** CID 1155353: String not null terminated (STRING_NULL)
/cgmanager-proxy.c: 302 in get_pid_scm_reader()
296 }
297 nih_info (_("Client fd is: %d (pid=%d, uid=%d, gid=%d)"),
298 data->fd, data->rcred.pid, data->rcred.uid, data->rcred.gid);
299 nih_info (_("Victim is pid=%d"), vcred.pid);
300
301 if (!get_pid_cgroup_main(data, controller, data->rcred, vcred, &output))
>>> CID 1155353: String not null terminated (STRING_NULL)
>>> Passing unterminated string "output" to "strlen(char const *)", which expects a null-terminated string.
302 ret = write(data->fd, output, strlen(output));
303 else
304 ret = write(data->fd, &vcred, 0); // kick the client
305 if (ret < 0)
306 nih_error("getPidCgroupScm: Error writing final result to client");
307 out:
________________________________________________________________________________________________________
*** CID 1155352: String not null terminated (STRING_NULL)
/getpidcgroup.c: 253 in main()
247 nih_error("Error sending pid over SCM_CREDENTIAL");
248 goto out;
249 }
250 char output[MAXPATHLEN];
251 memset(output, 0, MAXPATHLEN);
252 if (read(sv[0], output, MAXPATHLEN) <= 0) {
>>> CID 1155352: String not null terminated (STRING_NULL)
>>> Passing unterminated string "output" to "printf(char const * restrict, ...)".
253 printf("%s\n", output);
254 exitval = 0;
255 } else
256 nih_error("Server returned an error");
257 close(sv[0]);
258 close(sv[1]);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/1082?tab=Overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
More information about the cgmanager-devel
mailing list