From: "Daniel P. Berrange" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: qemu-trivial@nongnu.org, Paolo Bonzini <pbonzini@redhat.com>
Subject: [Qemu-devel] [PATCH] crypto: avoid two coverity false positive error reports
Date: Fri, 13 Nov 2015 17:45:27 +0000 [thread overview]
Message-ID: <1447436727-26484-1-git-send-email-berrange@redhat.com> (raw)
In qcrypto_tls_creds_get_path() coverity complains that
we are checking '*creds' for NULL, despite having
dereferenced it previously. This is harmless bug due
to fact that the trace call was too early. Moving it
after the cleanup gets the desired semantics.
In qcrypto_tls_creds_check_cert_key_purpose() coverity
complains that we're passing a pointer to a previously
free'd buffer into gnutls_x509_crt_get_key_purpose_oid()
This is harmless because we're passing a size == 0, so
gnutls won't access the buffer, but rather just report
what size it needs to be. We can avoid it though by
explicitly setting the buffer to NULL after free'ing
it.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
crypto/tlscreds.c | 4 ++--
crypto/tlscredsx509.c | 1 +
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/crypto/tlscreds.c b/crypto/tlscreds.c
index 5ec982c..e7d9c1c 100644
--- a/crypto/tlscreds.c
+++ b/crypto/tlscreds.c
@@ -123,10 +123,10 @@ qcrypto_tls_creds_get_path(QCryptoTLSCreds *creds,
goto cleanup;
}
- trace_qcrypto_tls_creds_get_path(creds, filename,
- *cred ? *cred : "<none>");
ret = 0;
cleanup:
+ trace_qcrypto_tls_creds_get_path(creds, filename,
+ *cred ? *cred : "<none>");
return ret;
}
diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c
index dc46bc4..e39c10f 100644
--- a/crypto/tlscredsx509.c
+++ b/crypto/tlscredsx509.c
@@ -255,6 +255,7 @@ qcrypto_tls_creds_check_cert_key_purpose(QCryptoTLSCredsX509 *creds,
}
g_free(buffer);
+ buffer = NULL;
}
if (isServer) {
--
2.5.0
next reply other threads:[~2015-11-13 17:45 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-13 17:45 Daniel P. Berrange [this message]
2015-11-13 21:41 ` [Qemu-devel] [PATCH] crypto: avoid two coverity false positive error reports Eric Blake
2015-11-29 10:42 ` Michael Tokarev
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1447436727-26484-1-git-send-email-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-trivial@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).