qemu-devel.nongnu.org archive mirror
* [Qemu-devel] [PATCH] crypto: avoid two coverity false positive error reports
@ 2015-11-13 17:45 Daniel P. Berrange
  2015-11-13 21:41 ` Eric Blake
  2015-11-29 10:42 ` Michael Tokarev
  0 siblings, 2 replies; 3+ messages in thread
From: Daniel P. Berrange @ 2015-11-13 17:45 UTC (permalink / raw)
  To: qemu-devel; +Cc: qemu-trivial, Paolo Bonzini

In qcrypto_tls_creds_get_path() coverity complains that
we are checking '*creds' for NULL, despite having
dereferenced it previously. This is a harmless bug due
to the fact that the trace call was too early. Moving it
after the cleanup gets the desired semantics.

In qcrypto_tls_creds_check_cert_key_purpose() coverity
complains that we're passing a pointer to a previously
free'd buffer into gnutls_x509_crt_get_key_purpose_oid().
This is harmless because we're passing a size == 0, so
gnutls won't access the buffer, but rather just report
what size it needs to be. We can avoid it though by
explicitly setting the buffer to NULL after free'ing
it.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
 crypto/tlscreds.c     | 4 ++--
 crypto/tlscredsx509.c | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/crypto/tlscreds.c b/crypto/tlscreds.c
index 5ec982c..e7d9c1c 100644
--- a/crypto/tlscreds.c
+++ b/crypto/tlscreds.c
@@ -123,10 +123,10 @@ qcrypto_tls_creds_get_path(QCryptoTLSCreds *creds,
         goto cleanup;
     }
 
-    trace_qcrypto_tls_creds_get_path(creds, filename,
-                                     *cred ? *cred : "<none>");
     ret = 0;
  cleanup:
+    trace_qcrypto_tls_creds_get_path(creds, filename,
+                                     *cred ? *cred : "<none>");
     return ret;
 }
 
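Review bot: with the trace call now placed after the `cleanup:` label, it also runs on every `goto cleanup` failure path, so `*cred ? *cred : "<none>"` is evaluated there as well. That is only safe if each failure path leaves `*cred` either NULL or pointing at live memory. The lines shown here do not include that reset, so it is worth confirming it (or setting `*cred = NULL` next to whatever frees it) before relying on the trace. Since the trace now fires for both outcomes, consider also logging `ret` so the output distinguishes success from failure. The commit message refers to '*creds' while the code dereferences `*cred`; aligning the wording would help anyone matching the message to the Coverity report.
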
diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c
index dc46bc4..e39c10f 100644
--- a/crypto/tlscredsx509.c
+++ b/crypto/tlscredsx509.c
@@ -255,6 +255,7 @@ qcrypto_tls_creds_check_cert_key_purpose(QCryptoTLSCredsX509 *creds,
         }
 
         g_free(buffer);
+        buffer = NULL;
     }
 
     if (isServer) {
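
Review bot: the `buffer = NULL;` added after `g_free(buffer);` carries no comment saying why it is needed, and on its own it reads like a dead store that a later tidy-up could drop. The commit message explains that the pointer is afterwards handed to gnutls_x509_crt_get_key_purpose_oid() with size == 0, so a one-line comment to that effect would keep the assignment in place. The size reset that the safety argument depends on is not visible in this hunk; keeping the pointer reset and the size reset on adjacent lines would make the invariant (NULL buffer, zero size) obvious to readers and to the analyser.
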
-- 
2.5.0


* Re: [Qemu-devel] [PATCH] crypto: avoid two coverity false positive error reports
  2015-11-13 17:45 [Qemu-devel] [PATCH] crypto: avoid two coverity false positive error reports Daniel P. Berrange
@ 2015-11-13 21:41 ` Eric Blake
  2015-11-29 10:42 ` Michael Tokarev
  1 sibling, 0 replies; 3+ messages in thread
From: Eric Blake @ 2015-11-13 21:41 UTC (permalink / raw)
  To: Daniel P. Berrange, qemu-devel; +Cc: qemu-trivial, Paolo Bonzini

On 11/13/2015 10:45 AM, Daniel P. Berrange wrote:
> In qcrypto_tls_creds_get_path() coverity complains that
> we are checking '*creds' for NULL, despite having
> dereferenced it previously. This is a harmless bug due
> to the fact that the trace call was too early. Moving it
> after the cleanup gets the desired semantics.
> 
> In qcrypto_tls_creds_check_cert_key_purpose() coverity
> complains that we're passing a pointer to a previously
> free'd buffer into gnutls_x509_crt_get_key_purpose_oid().
> This is harmless because we're passing a size == 0, so
> gnutls won't access the buffer, but rather just report
> what size it needs to be. We can avoid it though by
> explicitly setting the buffer to NULL after free'ing
> it.
> 
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
>  crypto/tlscreds.c     | 4 ++--
>  crypto/tlscredsx509.c | 1 +
>  2 files changed, 3 insertions(+), 2 deletions(-)

Reviewed-by: Eric Blake <eblake@redhat.com>

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org


* Re: [Qemu-devel] [PATCH] crypto: avoid two coverity false positive error reports
  2015-11-13 17:45 [Qemu-devel] [PATCH] crypto: avoid two coverity false positive error reports Daniel P. Berrange
  2015-11-13 21:41 ` Eric Blake
@ 2015-11-29 10:42 ` Michael Tokarev
  1 sibling, 0 replies; 3+ messages in thread
From: Michael Tokarev @ 2015-11-29 10:42 UTC (permalink / raw)
  To: Daniel P. Berrange, qemu-devel; +Cc: qemu-trivial, Paolo Bonzini

13.11.2015 20:45, Daniel P. Berrange wrote:
> In qcrypto_tls_creds_get_path() coverity complains that
> we are checking '*creds' for NULL, despite having
> dereferenced it previously. This is a harmless bug due
> to the fact that the trace call was too early. Moving it
> after the cleanup gets the desired semantics.
...

Applied to -trivial, thank you!

/mjt
