[lxc-devel] [lxc/master] Coverity fixes for veth vlan
tomponline on Github
lxc-bot at linuxcontainers.org
Tue Jun 9 11:08:04 UTC 2020
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 301 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200609/c8ed659c/attachment-0001.bin>
-------------- next part --------------
From 4e61b19d62ea7e9d4d2c11b863701b75e24c6ad9 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Tue, 9 Jun 2020 12:01:41 +0100
Subject: [PATCH 1/3] confile: Fix coverity issue, missing return in
get_config_net_veth_vlan_tagged_id
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
src/lxc/confile.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index 3ee2e8847a..68403e65e0 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -5906,7 +5906,7 @@ static int get_config_net_veth_vlan_tagged_id(const char *key, char *retv, int i
struct lxc_netdev *netdev = data;
if (!netdev)
- ret_errno(EINVAL);
+ return ret_errno(EINVAL);
if (netdev->type != LXC_NET_VETH)
return 0;
From 785e15403e7a004a285686342e6d4b973e278803 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Tue, 9 Jun 2020 12:03:06 +0100
Subject: [PATCH 2/3] network: Fix coverity issue, leaking data in
lxc_ovs_setup_bridge_vlan_exec
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
src/lxc/network.c | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/src/lxc/network.c b/src/lxc/network.c
index 2ff053ecae..9691ec94a0 100644
--- a/src/lxc/network.c
+++ b/src/lxc/network.c
@@ -433,11 +433,14 @@ struct ovs_veth_vlan_args {
static int lxc_ovs_setup_bridge_vlan_exec(void *data)
{
struct ovs_veth_vlan_args *args = data;
- const char *vlan_mode = "", *tag = "", *trunks = "";
+ __do_free char *vlan_mode = NULL, *tag = NULL, *trunks = NULL;
+
+ if (!args->vlan_mode)
+ return ret_errno(EINVAL);
vlan_mode = must_concat(NULL, "vlan_mode=", args->vlan_mode, (char *)NULL);
- if (args->vlan_id >= 0) {
+ if (args->vlan_id > BRIDGE_VLAN_NONE) {
char buf[5];
int rc;
@@ -449,15 +452,15 @@ static int lxc_ovs_setup_bridge_vlan_exec(void *data)
}
- if (strcmp(args->trunks, "") != 0)
+ if (args->trunks)
trunks = must_concat(NULL, "trunks=", args->trunks, (char *)NULL);
/* Detect the combination of vlan_id and trunks specified and convert to ovs-vsctl command. */
- if (strcmp(tag, "") != 0 && strcmp(trunks, "") != 0)
+ if (tag && trunks)
execlp("ovs-vsctl", "ovs-vsctl", "set", "port", args->nic, vlan_mode, tag, trunks, (char *)NULL);
- else if (strcmp(tag, "") != 0)
+ else if (tag)
execlp("ovs-vsctl", "ovs-vsctl", "set", "port", args->nic, vlan_mode, tag, (char *)NULL);
- else if (strcmp(trunks, "") != 0)
+ else if (trunks)
execlp("ovs-vsctl", "ovs-vsctl", "set", "port", args->nic, vlan_mode, trunks, (char *)NULL);
else
return -EINVAL;
From 1ee07848e7cbfb9b0673167e8f40f20082e398b1 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Tue, 9 Jun 2020 12:03:40 +0100
Subject: [PATCH 3/3] network: Fix coverity issue, dont initialise string
pointers in setup_veth_ovs_bridge_vlan
This is needed by lxc_ovs_setup_bridge_vlan_exec.
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
src/lxc/network.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/src/lxc/network.c b/src/lxc/network.c
index 9691ec94a0..84bfb6b390 100644
--- a/src/lxc/network.c
+++ b/src/lxc/network.c
@@ -473,9 +473,9 @@ static int setup_veth_ovs_bridge_vlan(char *veth1, struct lxc_netdev *netdev)
int taggedLength = lxc_list_len(&netdev->priv.veth_attr.vlan_tagged_ids);
struct ovs_veth_vlan_args args;
args.nic = veth1;
- args.vlan_mode = "";
- args.vlan_id = -1;
- args.trunks = "";
+ args.vlan_mode = NULL;
+ args.vlan_id = BRIDGE_VLAN_NONE;
+ args.trunks = NULL;
/* Skip setup if no VLAN options are specified. */
if (!netdev->priv.veth_attr.vlan_id_set && taggedLength <= 0)
@@ -515,11 +515,14 @@ static int setup_veth_ovs_bridge_vlan(char *veth1, struct lxc_netdev *netdev)
if (rc < 0 || (size_t)rc >= sizeof(buf))
return log_error_errno(-1, EINVAL, "Failed to parse tagged vlan \"%u\" for interface \"%s\"", vlan_id, veth1);
- args.trunks = must_concat(NULL, args.trunks, buf, ",", (char *)NULL);
+ if (args.trunks)
+ args.trunks = must_concat(NULL, args.trunks, buf, ",", (char *)NULL);
+ else
+ args.trunks = must_concat(NULL, buf, ",", (char *)NULL);
}
}
- if (strcmp(args.vlan_mode, "") != 0) {
+ if (args.vlan_mode) {
int ret;
char cmd_output[PATH_MAX];
More information about the lxc-devel
mailing list