389-ds-base

Clone
Source Code
GIT

#49385 Fix coverity issues
Closed: wontfix 6 years ago Opened 6 years ago by mreynolds.

Closed: wontfix
Reopen Issue

Issue Description

covscan on 1.3.7 reported many issues

389-ds-base-1.3.7.5/ldap/servers/slapd/conntable.c:375: overrun-buffer-arg: Overrunning array "buf2" of 20 bytes by passing it to a function which accesses it at byte offset 31 using argument "32UL". 

389-ds-base-1.3.7.5/ldap/servers/snmp/main.c:59: tainted_data: Passing tainted variable "secs" to a tainted sink. 


389-ds-base-1.3.7.5/ldap/servers/slapd/referral.c:223: uninit_use: Using uninitialized value "scope".

389-ds-base-1.3.7.5/ldap/servers/plugins/replication/urp.c:2173: uninit_use_in_call: Using uninitialized element of array "csnstr" when calling "strlen". 


1. Defect type: RESOURCE_LEAK
16. 389-ds-base-1.3.7.5/ldap/servers/slapd/plugin.c:4251: leaked_storage: Variable "pb" going out of scope leaks the storage it points to.
Expand
2. Defect type: RESOURCE_LEAK
85. 389-ds-base-1.3.7.5/ldap/servers/slapd/passwd_extop.c:865: leaked_storage: Variable "pwpolicy" going out of scope leaks the storage it points to.
Expand
3. Defect type: RESOURCE_LEAK
83. 389-ds-base-1.3.7.5/ldap/servers/slapd/modify.c:926: leaked_storage: Variable "va" going out of scope leaks the storage it points to.
Expand
4. Defect type: RESOURCE_LEAK
98. 389-ds-base-1.3.7.5/ldap/servers/slapd/back-ldbm/index.c:1066: overwrite_var: Overwriting "idl" in "idl = idl_alloc(0U)" leaks the storage that "idl" points to.
Expand
5. Defect type: RESOURCE_LEAK
45. 389-ds-base-1.3.7.5/ldap/servers/slapd/add.c:734: leaked_storage: Variable "pwpolicy" going out of scope leaks the storage it points to.
Expand
6. Defect type: RESOURCE_LEAK
113. 389-ds-base-1.3.7.5/ldap/servers/plugins/syntaxes/string.c:398: leaked_storage: Variable "alt" going out of scope leaks the storage it points to.
Expand
7. Defect type: RESOURCE_LEAK
21. 389-ds-base-1.3.7.5/ldap/servers/plugins/replication/urp.c:1666: leaked_storage: Variable "parentrdn" going out of scope leaks the storage it points to.
Expand
8. Defect type: RESOURCE_LEAK
16. 389-ds-base-1.3.7.5/ldap/servers/plugins/replication/urp.c:876: leaked_storage: Variable "rdn" going out of scope leaks the storage it points to.
Expand
9. Defect type: RESOURCE_LEAK
16. 389-ds-base-1.3.7.5/ldap/servers/plugins/replication/urp.c:876: leaked_storage: Variable "add_pb" going out of scope leaks the storage it points to. 

 4. 389-ds-base-1.3.7.5/ldap/servers/slapd/task.c:1092: var_deref_op: Dereferencing null pointer "inp".
Expand
2. Defect type: FORWARD_NULL
4. 389-ds-base-1.3.7.5/ldap/servers/slapd/task.c:285:5: deref_parm: Directly dereferencing parameter "task".
Expand
3. Defect type: FORWARD_NULL
11. 389-ds-base-1.3.7.5/ldap/servers/slapd/search.c:144: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
4. Defect type: FORWARD_NULL
3. 389-ds-base-1.3.7.5/ldap/servers/slapd/saslbind.c:918: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
5. Defect type: FORWARD_NULL
3. 389-ds-base-1.3.7.5/ldap/servers/slapd/saslbind.c:847: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
6. Defect type: FORWARD_NULL
14. 389-ds-base-1.3.7.5/ldap/servers/slapd/result.c:2190: var_deref_op: Dereferencing null pointer "conn".
Expand
7. Defect type: FORWARD_NULL
12. 389-ds-base-1.3.7.5/ldap/servers/slapd/result.c:2181: var_deref_op: Dereferencing null pointer "conn".
Expand
8. Defect type: FORWARD_NULL
11. 389-ds-base-1.3.7.5/ldap/servers/slapd/result.c:2177: var_deref_op: Dereferencing null pointer "op".
Expand
9. Defect type: FORWARD_NULL
6. 389-ds-base-1.3.7.5/ldap/servers/slapd/result.c:664: var_deref_op: Dereferencing null pointer "op".
Expand
10. Defect type: FORWARD_NULL
5. 389-ds-base-1.3.7.5/ldap/servers/slapd/result.c:651: var_deref_op: Dereferencing null pointer "op".
Expand
11. Defect type: FORWARD_NULL
16. 389-ds-base-1.3.7.5/ldap/servers/slapd/result.c:399: var_deref_op: Dereferencing null pointer "conn".
Expand
12. Defect type: FORWARD_NULL
21. 389-ds-base-1.3.7.5/ldap/servers/slapd/pw_mgmt.c:253: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
13. Defect type: FORWARD_NULL
22. 389-ds-base-1.3.7.5/ldap/servers/slapd/pw_mgmt.c:237: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
14. Defect type: FORWARD_NULL
21. 389-ds-base-1.3.7.5/ldap/servers/slapd/pw_mgmt.c:230: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
15. Defect type: FORWARD_NULL
19. 389-ds-base-1.3.7.5/ldap/servers/slapd/pw_mgmt.c:210: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
16. Defect type: FORWARD_NULL
21. 389-ds-base-1.3.7.5/ldap/servers/slapd/pw_mgmt.c:186: var_deref_op: Dereferencing null pointer "pb_op".
Expand
17. Defect type: FORWARD_NULL
18. 389-ds-base-1.3.7.5/ldap/servers/slapd/pw_mgmt.c:153: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
18. Defect type: FORWARD_NULL
12. 389-ds-base-1.3.7.5/ldap/servers/slapd/pw_mgmt.c:124: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
19. Defect type: FORWARD_NULL
11. 389-ds-base-1.3.7.5/ldap/servers/slapd/pw_mgmt.c:102: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
20. Defect type: FORWARD_NULL
17. 389-ds-base-1.3.7.5/ldap/servers/slapd/psearch.c:533: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
21. Defect type: FORWARD_NULL
7. 389-ds-base-1.3.7.5/ldap/servers/slapd/psearch.c:291: var_deref_op: Dereferencing null pointer "pb_op".
Expand
22. Defect type: FORWARD_NULL
4. 389-ds-base-1.3.7.5/ldap/servers/slapd/psearch.c:281: var_deref_op: Dereferencing null pointer "pb_op".
Expand
23. Defect type: FORWARD_NULL
3. 389-ds-base-1.3.7.5/ldap/servers/slapd/psearch.c:276: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
24. Defect type: FORWARD_NULL
11. 389-ds-base-1.3.7.5/ldap/servers/slapd/passwd_extop.c:505: var_deref_op: Dereferencing null pointer "conn".
Expand
25. Defect type: FORWARD_NULL
43. 389-ds-base-1.3.7.5/ldap/servers/slapd/operation.c:369:5: deref_parm: Directly dereferencing parameter "op".
Expand
26. Defect type: FORWARD_NULL
13. 389-ds-base-1.3.7.5/ldap/servers/slapd/operation.c:360:5: deref_parm: Directly dereferencing parameter "op".
Expand
27. Defect type: FORWARD_NULL
7. 389-ds-base-1.3.7.5/ldap/servers/slapd/operation.c:354:5: deref_parm: Directly dereferencing parameter "op".
Expand
28. Defect type: FORWARD_NULL
14. 389-ds-base-1.3.7.5/ldap/servers/slapd/modify.c:1211: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
29. Defect type: FORWARD_NULL
7. 389-ds-base-1.3.7.5/ldap/servers/slapd/modify.c:1172: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
30. Defect type: FORWARD_NULL
25. 389-ds-base-1.3.7.5/ldap/servers/slapd/modify.c:261: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
31. Defect type: FORWARD_NULL
9. 389-ds-base-1.3.7.5/ldap/servers/slapd/modify.c:187: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
32. Defect type: FORWARD_NULL
3. 389-ds-base-1.3.7.5/ldap/servers/slapd/modify.c:125: var_deref_op: Dereferencing null pointer "operation".
Expand
33. Defect type: FORWARD_NULL
30. 389-ds-base-1.3.7.5/ldap/servers/slapd/filter.c:295:9: deref_parm: Directly dereferencing parameter "conn".
Expand
34. Defect type: FORWARD_NULL
12. 389-ds-base-1.3.7.5/ldap/servers/slapd/extendop.c:265: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
35. Defect type: FORWARD_NULL
11. 389-ds-base-1.3.7.5/ldap/servers/slapd/extendop.c:259: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
36. Defect type: FORWARD_NULL
3. 389-ds-base-1.3.7.5/ldap/servers/slapd/extendop.c:231: var_deref_op: Dereferencing null pointer "pb_op".
Expand
37. Defect type: FORWARD_NULL
21. 389-ds-base-1.3.7.5/ldap/servers/slapd/extendop.c:138: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
38. Defect type: FORWARD_NULL
49. 389-ds-base-1.3.7.5/ldap/servers/slapd/entry.c:2013:5: deref_parm: Directly dereferencing parameter "e".
Expand
39. Defect type: FORWARD_NULL
17. 389-ds-base-1.3.7.5/ldap/servers/slapd/dn.c:2481:5: deref_parm: Directly dereferencing parameter "from".
Expand
40. Defect type: FORWARD_NULL
8. 389-ds-base-1.3.7.5/ldap/servers/slapd/delete.c:264: var_deref_op: Dereferencing null pointer "pb_op".
Expand
41. Defect type: FORWARD_NULL
8. 389-ds-base-1.3.7.5/ldap/servers/slapd/delete.c:264: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
42. Defect type: FORWARD_NULL
33. 389-ds-base-1.3.7.5/ldap/servers/slapd/connection.c:1789: var_deref_op: Dereferencing null pointer "pb_op".
Expand
43. Defect type: FORWARD_NULL
10. 389-ds-base-1.3.7.5/ldap/servers/slapd/connection.c:1551: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
44. Defect type: FORWARD_NULL
19. 389-ds-base-1.3.7.5/ldap/servers/slapd/connection.c:1138:18: deref_parm: Directly dereferencing parameter "conn".
Expand
45. Defect type: FORWARD_NULL
3. 389-ds-base-1.3.7.5/ldap/servers/slapd/compare.c:41: var_deref_op: Dereferencing null pointer "pb_op".
Expand
46. Defect type: FORWARD_NULL
11. 389-ds-base-1.3.7.5/ldap/servers/slapd/bind.c:878: var_deref_op: Dereferencing null pointer "pb_op".
Expand
47. Defect type: FORWARD_NULL
11. 389-ds-base-1.3.7.5/ldap/servers/slapd/bind.c:878: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
48. Defect type: FORWARD_NULL
10. 389-ds-base-1.3.7.5/ldap/servers/slapd/bind.c:872: var_deref_op: Dereferencing null pointer "pb_op".
Expand
49. Defect type: FORWARD_NULL
10. 389-ds-base-1.3.7.5/ldap/servers/slapd/bind.c:872: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
50. Defect type: FORWARD_NULL
9. 389-ds-base-1.3.7.5/ldap/servers/slapd/bind.c:866: var_deref_op: Dereferencing null pointer "pb_op".
Expand
51. Defect type: FORWARD_NULL
9. 389-ds-base-1.3.7.5/ldap/servers/slapd/bind.c:866: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
52. Defect type: FORWARD_NULL
6. 389-ds-base-1.3.7.5/ldap/servers/slapd/bind.c:860: var_deref_op: Dereferencing null pointer "pb_op".
Expand
53. Defect type: FORWARD_NULL
6. 389-ds-base-1.3.7.5/ldap/servers/slapd/bind.c:860: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
54. Defect type: FORWARD_NULL
29. 389-ds-base-1.3.7.5/ldap/servers/slapd/bind.c:229: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
55. Defect type: FORWARD_NULL
3. 389-ds-base-1.3.7.5/ldap/servers/slapd/bind.c:61: var_deref_op: Dereferencing null pointer "pb_op".
Expand
56. Defect type: FORWARD_NULL
37. 389-ds-base-1.3.7.5/ldap/servers/slapd/back-ldbm/ldbm_search.c:1178:13: deref_parm: Directly dereferencing parameter "e".
Expand
57. Defect type: FORWARD_NULL
10. 389-ds-base-1.3.7.5/ldap/servers/slapd/back-ldbm/ldbm_add.c:134: var_deref_model: Passing null pointer "e" to "slapi_entry_delete_values", which dereferences it.
Expand
58. Defect type: FORWARD_NULL
16. 389-ds-base-1.3.7.5/ldap/servers/slapd/back-ldbm/dbversion.c:162: var_deref_op: Dereferencing null pointer "dataversion".
Expand
59. Defect type: FORWARD_NULL
3. 389-ds-base-1.3.7.5/ldap/servers/slapd/add.c:869: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
60. Defect type: FORWARD_NULL
8. 389-ds-base-1.3.7.5/ldap/servers/slapd/add.c:452: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
61. Defect type: FORWARD_NULL
21. 389-ds-base-1.3.7.5/ldap/servers/slapd/add.c:169: var_deref_op: Dereferencing null pointer "pb_conn".
Expand
62. Defect type: FORWARD_NULL
3. 389-ds-base-1.3.7.5/ldap/servers/slapd/abandon.c:45: var_deref_op: Dereferencing null pointer "pb_op".
Expand
63. Defect type: FORWARD_NULL
16. 389-ds-base-1.3.7.5/ldap/servers/plugins/http/http_impl.c:628: var_deref_model: Passing null pointer "path" to "strcat", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]

Metadata Update from @mreynolds:
- Issue assigned to mreynolds
6 years ago

Metadata Update from @mreynolds:
- Custom field component adjusted to None
- Custom field origin adjusted to None
- Custom field reviewstatus adjusted to None
- Custom field type adjusted to None
- Custom field version adjusted to None
- Issue set to the milestone: 1.3.7.0
6 years ago

Metadata Update from @mreynolds:
- Custom field reviewstatus adjusted to review (was: None)
6 years ago

I was running the conflict tests and get slightly different results with this coverity patch, which is surprising. I need a bit more time.
and the fix in mod_objectclass_attr might make coverity happy, but we need another change (it works correcly by chance)

Metadata Update from @lkrispen:
- Custom field reviewstatus adjusted to ack (was: review)
6 years ago

93a2958..805e8f4 master -> master

e22e008..6d88a7b 389-ds-base-1.3.7 -> 389-ds-base-1.3.7

Metadata Update from @mreynolds:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
6 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/2444

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: fixed)
3 years ago

Login to comment on this ticket.

Metadata
None
None
None
None
ack
None
None
Attachments 2
0001-Ticket-49385-Fix-coverity-warnings.patch
Attached 6 years ago View Comment
0001-Ticket-49385-Fix-coverity-warnings.patch
Attached 6 years ago View Comment
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.