#161 Review and address latest Coverity issues
Closed: Fixed None Opened 7 years ago by shaines.


batch move to 1.2.10.rc1

0001-Ticket-161-Review-and-address-latest-Coverity-issues.patch
0001-Ticket-161-Review-and-address-latest-Coverity-issues.patch

All 3 patches look good.

commit changeset:2eb198fae8532bad8c5dffbbf2fbf9bae78798e7/adminutil
Author: Rich Megginson rmeggins@redhat.com
Date: Fri Jan 27 08:17:30 2012 -0700
Reviewed by: nhosoi (Thanks!)
Branch: master
Fix Description:
11120 Dereference after null check
don't access info if it is NULL
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
commit changeset:cae399a681a6808fea9853c63431cf8bfaab3cbb/adminutil
Author: Rich Megginson rmeggins@redhat.com
Date: Thu Jan 26 14:50:59 2012 -0700
Branch: master
Fix Description:
11120 Dereference after null check
don't access info if it is NULL
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no

commit changeset:fc8a615d66d526e25356cc0fbeed149ddd64f4a8/389-admin
Author: Rich Megginson rmeggins@redhat.com
Date: Thu Jan 26 14:24:55 2012 -0700
Branch: master
Fix Description:
12456-12455 Time of check time of use
get rid of unused code

12454 Time of check time of use In change_uid()
open file first using open() and perform other operations using the fd

12452 Format string vulnerability
get rid of unused code

12448 Time of check time of use
get rid of unused code

11147-11146 Missing varargs init or cleanup
be sure to call va_end() to cleanup

11145 Resource leak In cgid_server()
close(sd) before leaving function

11144-11142 Resource leak
get rid of unused code

11141 Resource leak In list_directory():
free ar

11140 Resource leak
get rid of unused code

11121 Missing break in switch
get rid of unused code
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no

commit changeset:24731b3/389-ds-base
Author: Rich Megginson rmeggins@redhat.com
Date: Thu Jan 26 12:13:54 2012 -0700

Ticket #161 - Review and address latest Coverity issues

https://fedorahosted.org/389/ticket/161
Resolves: Ticket #161
Bug Description: Review and address latest Coverity issues
Reviewed by: nhosoi (Thanks!)
Branch: master
Fix Description:
12486 12485 12484 Resource leak In
linked_attrs_add_backlinks_callback(): Leak of memory or pointers to
system resources
the return -1 left targetsdn, targets, and pb dangling
allocate targetsdn after shutdown check - instead of return -1, goto done an

12481 Resource leak In config_set_default_naming_context(): Leak of
memory or pointers to system resources
free suffix before return

12477 Uninitialized pointer read In index_addordel_entry(): Reads an
uninitialized pointer or its target
use LDBM_PARENTID_STR instead of type

12476 Dereference after null check In string_assertion2keys_ava():
Pointer is checked against null but then dereferenced anyway
check for NULL val

12475 Logically dead code In _entryrdn_insert_key(): Code can never be
reached because of a logical contradiction
get rid of dead code

12448 Time of check time of use In INTdir_create_all(): A check occurs
on a file's attributes before the file is used in a privileged
operation, but things may have changed
get rid of unused code

12447-12444 Time of check time of use
use open() to open the file, then use the functions that take an fd to
further test or access the file - this prevents someone changing the file
between functions that only use the filename

12434-12425 Copy into fixed size buffer
use strncpy or snprintf and make sure the string is null terminated

Platforms tested: RHEL6 x86_64, Fedora 16
Flag Day: no
Doc impact: no

Added initial screened field value.

Metadata Update from @rmeggins:
- Issue assigned to rmeggins
- Issue set to the milestone: 1.2.10.rc1

2 years ago

Login to comment on this ticket.

Metadata