Coverity-updates archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

New Defects reported by Coverity Scan for NetBSD-amd64-user



Hi,


Please find the latest report on new defect(s) introduced to NetBSD-amd64-user 
found with Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 12 of 12 defect(s)


** CID 745290:  Unchecked return value from library  (CHECKED_RETURN)
/crypto/external/bsd/heimdal/dist/lib/krb5/send_to_kdc.c: 65 in timed_connect()
/crypto/external/bsd/heimdal/dist/lib/krb5/send_to_kdc.c: 81 in timed_connect()

** CID 745319:  Logically dead code  (DEADCODE)
/crypto/external/bsd/heimdal/dist/lib/krb5/pac.c: 760 in build_logon_name()

** CID 745333:  Explicit null dereferenced  (FORWARD_NULL)
/compat/amd64/i386/obj/crypto/external/bsd/heimdal/lib/libgssapi/mech__gss_acquire_cred_ext.c:
 155 in _gss_acquire_cred_ext()
/crypto/external/bsd/heimdal/lib/libgssapi/obj/mech__gss_acquire_cred_ext.c: 
155 in _gss_acquire_cred_ext()

** CID 745334:  Explicit null dereferenced  (FORWARD_NULL)
/compat/amd64/i386/obj/crypto/external/bsd/heimdal/lib/libgssapi/mech__gss_add_cred_with_password.c:
 52 in gss_add_cred_with_password()
/crypto/external/bsd/heimdal/lib/libgssapi/obj/mech__gss_add_cred_with_password.c:
 52 in gss_add_cred_with_password()

** CID 745336:  Dereference after null check  (FORWARD_NULL)
/compat/amd64/i386/obj/crypto/external/bsd/heimdal/lib/libgssapi/mech__gss_mo.c:
 289 in gss_inquire_saslname_for_mech()
/crypto/external/bsd/heimdal/lib/libgssapi/obj/mech__gss_mo.c: 289 in 
gss_inquire_saslname_for_mech()

** CID 745439:  Resource leak  (RESOURCE_LEAK)
/compat/amd64/i386/obj/crypto/external/bsd/heimdal/lib/libgssapi/krb5__verify_mic.c:
 261 in verify_mic_des3()
/crypto/external/bsd/heimdal/lib/libgssapi/obj/krb5__verify_mic.c: 261 in 
verify_mic_des3()

** CID 745441:  Resource leak  (RESOURCE_LEAK)
/compat/amd64/i386/obj/crypto/external/bsd/heimdal/lib/libgssapi/ntlm__creds.c: 
68 in _gss_ntlm_inquire_cred()
/crypto/external/bsd/heimdal/lib/libgssapi/obj/ntlm__creds.c: 68 in 
_gss_ntlm_inquire_cred()

** CID 975238:  Unchecked return value  (CHECKED_RETURN)
/tests/fs/nfs/nfsservice/rumpnfsd.c: 98 in main()
/tests/fs/nfs/nfsservice/rumpnfsd.c: 99 in main()
/tests/fs/nfs/nfsservice/rumpnfsd.c: 100 in main()

** CID 978337:  Resource leak  (RESOURCE_LEAK)
/tests/rump/rumpvfs/t_etfs.c: 106 in atfu_reregister_reg_body()

** CID 978338:  Resource leak  (RESOURCE_LEAK)
/tests/rump/rumpvfs/t_etfs.c: 106 in atfu_reregister_reg_body()

** CID 1011266:  Unchecked return value  (CHECKED_RETURN)
/crypto/external/bsd/heimdal/dist/kadmin/rpc.c: 468 in ret_principal_ent()

** CID 1213746:  Resource leak  (RESOURCE_LEAK)
/usr.bin/xlint/lint1/func.c: 1033 in doreturn()


________________________________________________________________________________________________________
*** CID 745290:  Unchecked return value from library  (CHECKED_RETURN)
/crypto/external/bsd/heimdal/dist/lib/krb5/send_to_kdc.c: 65 in timed_connect()
59      return connect(s, addr->ai_addr, addr->ai_addrlen);
60     
61         flags = fcntl(s, F_GETFL);
62         if (flags == -1)
63      return -1;
64     
>>>     CID 745290:  Unchecked return value from library  (CHECKED_RETURN)
>>>     No check of the return value of "fcntl(s, 4, flags | 4)".
65         fcntl(s, F_SETFL, flags | O_NONBLOCK);
66         ret = connect(s, addr->ai_addr, addr->ai_addrlen);
67         if (ret == -1 && errno != EINPROGRESS)
68      return -1;
69     
70         for (;;) {
/crypto/external/bsd/heimdal/dist/lib/krb5/send_to_kdc.c: 81 in timed_connect()
75      fds.revents = 0;
76     
77      ret = poll(&fds, 1, tmout * 1000);
78      if (ret != -1 || errno != EINTR)
79          break;
80         }
>>>     CID 745290:  Unchecked return value from library  (CHECKED_RETURN)
>>>     No check of the return value of "fcntl(s, 4, flags)".
81         fcntl(s, F_SETFL, flags);
82     
83         if (ret != 1)
84      return -1;
85     
86         sl = sizeof(err);

________________________________________________________________________________________________________
*** CID 745319:  Logically dead code  (DEADCODE)
/crypto/external/bsd/heimdal/dist/lib/krb5/pac.c: 760 in build_logon_name()
754                 return ret;
755             }
756     
757             s2_len = (ucs2_len + 1) * 2;
758             s2 = malloc(s2_len);
759             if (ucs2 == NULL) {
>>>     CID 745319:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "free(ucs2);".
760                 free(ucs2);
761                 return krb5_enomem(context);
762             }
763     
764             flags = WIND_RW_LE;
765             ret = wind_ucs2write(ucs2, ucs2_len,

________________________________________________________________________________________________________
*** CID 745333:  Explicit null dereferenced  (FORWARD_NULL)
/compat/amd64/i386/obj/crypto/external/bsd/heimdal/lib/libgssapi/mech__gss_acquire_cred_ext.c:
 155 in _gss_acquire_cred_ext()
149             return GSS_S_FAILURE;
150         }
151     
152         HEIM_SLIST_INIT(&cred->gc_mc);
153     
154         for (i = 0; i < mechs->count; i++) {
>>>     CID 745333:  Explicit null dereferenced  (FORWARD_NULL)
>>>     Assigning: "mn" = "NULL".
155             struct _gss_mechanism_name *mn = NULL;
156             struct _gss_mechanism_cred *mc = NULL;
157             gss_name_t desired_mech_name = GSS_C_NO_NAME;
158     
159             m = __gss_get_mechanism(&mechs->elements[i]);
160             if (!m)
/crypto/external/bsd/heimdal/lib/libgssapi/obj/mech__gss_acquire_cred_ext.c: 
155 in _gss_acquire_cred_ext()
149             return GSS_S_FAILURE;
150         }
151     
152         HEIM_SLIST_INIT(&cred->gc_mc);
153     
154         for (i = 0; i < mechs->count; i++) {
>>>     CID 745333:  Explicit null dereferenced  (FORWARD_NULL)
>>>     Assigning: "mn" = "NULL".
155             struct _gss_mechanism_name *mn = NULL;
156             struct _gss_mechanism_cred *mc = NULL;
157             gss_name_t desired_mech_name = GSS_C_NO_NAME;
158     
159             m = __gss_get_mechanism(&mechs->elements[i]);
160             if (!m)

________________________________________________________________________________________________________
*** CID 745334:  Explicit null dereferenced  (FORWARD_NULL)
/compat/amd64/i386/obj/crypto/external/bsd/heimdal/lib/libgssapi/mech__gss_add_cred_with_password.c:
 52 in gss_add_cred_with_password()
46     {
47      OM_uint32 major_status;
48      gssapi_mech_interface m;
49      struct _gss_cred *cred = (struct _gss_cred *) input_cred_handle;
50      struct _gss_cred *new_cred;
51      struct _gss_mechanism_cred *mc;
>>>     CID 745334:  Explicit null dereferenced  (FORWARD_NULL)
>>>     Assigning: "mn" = "NULL".
52      struct _gss_mechanism_name *mn = NULL;
53      OM_uint32 junk, time_req;
54     
55      *minor_status = 0;
56      *output_cred_handle = GSS_C_NO_CREDENTIAL;
57      if (initiator_time_rec)
/crypto/external/bsd/heimdal/lib/libgssapi/obj/mech__gss_add_cred_with_password.c:
 52 in gss_add_cred_with_password()
46     {
47      OM_uint32 major_status;
48      gssapi_mech_interface m;
49      struct _gss_cred *cred = (struct _gss_cred *) input_cred_handle;
50      struct _gss_cred *new_cred;
51      struct _gss_mechanism_cred *mc;
>>>     CID 745334:  Explicit null dereferenced  (FORWARD_NULL)
>>>     Assigning: "mn" = "NULL".
52      struct _gss_mechanism_name *mn = NULL;
53      OM_uint32 junk, time_req;
54     
55      *minor_status = 0;
56      *output_cred_handle = GSS_C_NO_CREDENTIAL;
57      if (initiator_time_rec)

________________________________________________________________________________________________________
*** CID 745336:  Dereference after null check  (FORWARD_NULL)
/compat/amd64/i386/obj/crypto/external/bsd/heimdal/lib/libgssapi/mech__gss_mo.c:
 289 in gss_inquire_saslname_for_mech()
283         OM_uint32 major;
284     
285         _mg_buffer_zero(sasl_mech_name);
286         _mg_buffer_zero(mech_name);
287         _mg_buffer_zero(mech_description);
288     
>>>     CID 745336:  Dereference after null check  (FORWARD_NULL)
>>>     Comparing "minor_status" to null implies that "minor_status" might be 
>>> null.
289         if (minor_status)
290             *minor_status = 0;
291     
292         if (desired_mech == NULL)
293             return GSS_S_BAD_MECH;
294     
/crypto/external/bsd/heimdal/lib/libgssapi/obj/mech__gss_mo.c: 289 in 
gss_inquire_saslname_for_mech()
283         OM_uint32 major;
284     
285         _mg_buffer_zero(sasl_mech_name);
286         _mg_buffer_zero(mech_name);
287         _mg_buffer_zero(mech_description);
288     
>>>     CID 745336:  Dereference after null check  (FORWARD_NULL)
>>>     Comparing "minor_status" to null implies that "minor_status" might be 
>>> null.
289         if (minor_status)
290             *minor_status = 0;
291     
292         if (desired_mech == NULL)
293             return GSS_S_BAD_MECH;
294     

________________________________________________________________________________________________________
*** CID 745439:  Resource leak  (RESOURCE_LEAK)
/compat/amd64/i386/obj/crypto/external/bsd/heimdal/lib/libgssapi/krb5__verify_mic.c:
 261 in verify_mic_des3()
255     
256       krb5_crypto_destroy (context, crypto);
257       ret = krb5_crypto_init(context, key,
258                              ETYPE_DES3_CBC_SHA1, &crypto);
259       if (ret){
260           *minor_status = ret;
>>>     CID 745439:  Resource leak  (RESOURCE_LEAK)
>>>     Variable "tmp" going out of scope leaks the storage it points to.
261           return GSS_S_FAILURE;
262       }
263     
264       ret = krb5_verify_checksum (context, crypto,
265                                   KRB5_KU_USAGE_SIGN,
266                                   tmp, message_buffer->length + 8,
/crypto/external/bsd/heimdal/lib/libgssapi/obj/krb5__verify_mic.c: 261 in 
verify_mic_des3()
255     
256       krb5_crypto_destroy (context, crypto);
257       ret = krb5_crypto_init(context, key,
258                              ETYPE_DES3_CBC_SHA1, &crypto);
259       if (ret){
260           *minor_status = ret;
>>>     CID 745439:  Resource leak  (RESOURCE_LEAK)
>>>     Variable "tmp" going out of scope leaks the storage it points to.
261           return GSS_S_FAILURE;
262       }
263     
264       ret = krb5_verify_checksum (context, crypto,
265                                   KRB5_KU_USAGE_SIGN,
266                                   tmp, message_buffer->length + 8,

________________________________________________________________________________________________________
*** CID 745441:  Resource leak  (RESOURCE_LEAK)
/compat/amd64/i386/obj/crypto/external/bsd/heimdal/lib/libgssapi/ntlm__creds.c: 
68 in _gss_ntlm_inquire_cred()
62          n->domain = strdup(c->domain);
63      }
64      if (n == NULL || n->user == NULL || n->domain == NULL) {
65          if (n)
66              free(n->user);
67          *minor_status = ENOMEM;
>>>     CID 745441:  Resource leak  (RESOURCE_LEAK)
>>>     Variable "n" going out of scope leaks the storage it points to.
68          return GSS_S_FAILURE;
69      }
70      *name = (gss_name_t)n;
71         }
72         if (lifetime)
73      *lifetime = GSS_C_INDEFINITE;
/crypto/external/bsd/heimdal/lib/libgssapi/obj/ntlm__creds.c: 68 in 
_gss_ntlm_inquire_cred()
62          n->domain = strdup(c->domain);
63      }
64      if (n == NULL || n->user == NULL || n->domain == NULL) {
65          if (n)
66              free(n->user);
67          *minor_status = ENOMEM;
>>>     CID 745441:  Resource leak  (RESOURCE_LEAK)
>>>     Variable "n" going out of scope leaks the storage it points to.
68          return GSS_S_FAILURE;
69      }
70      *name = (gss_name_t)n;
71         }
72         if (lifetime)
73      *lifetime = GSS_C_INDEFINITE;

________________________________________________________________________________________________________
*** CID 975238:  Unchecked return value  (CHECKED_RETURN)
/tests/fs/nfs/nfsservice/rumpnfsd.c: 98 in main()
92      rv = rump_pub_etfs_register("/etc/exports", "./exports", RUMP_ETFS_REG);
93      if (rv) {
94              errx(1, "register /etc/exports: %s", strerror(rv));
95      }
96     
97      /* mini-mtree for mountd */
>>>     CID 975238:  Unchecked return value  (CHECKED_RETURN)
>>>     No check of the return value of "rump_sys_mkdir("/var", 511U)".
98      rump_sys_mkdir("/var", 0777);
99      rump_sys_mkdir("/var/run", 0777);
100             rump_sys_mkdir("/var/db", 0777);
101     
102             if (ffs_fstest_newfs(NULL, &fsarg,
103                 imagename, FSTEST_IMGSIZE, NULL) != 0)
/tests/fs/nfs/nfsservice/rumpnfsd.c: 99 in main()
93      if (rv) {
94              errx(1, "register /etc/exports: %s", strerror(rv));
95      }
96     
97      /* mini-mtree for mountd */
98      rump_sys_mkdir("/var", 0777);
>>>     CID 975238:  Unchecked return value  (CHECKED_RETURN)
>>>     No check of the return value of "rump_sys_mkdir("/var/run", 511U)".
99      rump_sys_mkdir("/var/run", 0777);
100             rump_sys_mkdir("/var/db", 0777);
101     
102             if (ffs_fstest_newfs(NULL, &fsarg,
103                 imagename, FSTEST_IMGSIZE, NULL) != 0)
104                     err(1, "newfs failed");
/tests/fs/nfs/nfsservice/rumpnfsd.c: 100 in main()
94              errx(1, "register /etc/exports: %s", strerror(rv));
95      }
96     
97      /* mini-mtree for mountd */
98      rump_sys_mkdir("/var", 0777);
99      rump_sys_mkdir("/var/run", 0777);
>>>     CID 975238:  Unchecked return value  (CHECKED_RETURN)
>>>     No check of the return value of "rump_sys_mkdir("/var/db", 511U)".
100             rump_sys_mkdir("/var/db", 0777);
101     
102             if (ffs_fstest_newfs(NULL, &fsarg,
103                 imagename, FSTEST_IMGSIZE, NULL) != 0)
104                     err(1, "newfs failed");
105             if (ffs_fstest_mount(NULL, fsarg, exportpath, 0) != 0)

________________________________________________________________________________________________________
*** CID 978337:  Resource leak  (RESOURCE_LEAK)
/tests/rump/rumpvfs/t_etfs.c: 106 in atfu_reregister_reg_body()
100             ATF_REQUIRE_EQ(rump_sys_write(tfd, TESTSTR2, TESTSTR2SZ), 
TESTSTR2SZ);
101     
102             memset(buf, 0, sizeof(buf));
103             ATF_REQUIRE_EQ(lseek(localfd, 0, SEEK_SET), 0);
104             ATF_REQUIRE(read(localfd, buf, sizeof(buf)) > 0);
105             ATF_REQUIRE_STREQ(buf, TESTSTR2);
>>>     CID 978337:  Resource leak  (RESOURCE_LEAK)
>>>     Handle variable "etcfd" going out of scope leaks the handle.
106     }
107     
108     ATF_TC(reregister_blk);
109     ATF_TC_HEAD(reregister_blk, tc)
110     {
111     

________________________________________________________________________________________________________
*** CID 978338:  Resource leak  (RESOURCE_LEAK)
/tests/rump/rumpvfs/t_etfs.c: 106 in atfu_reregister_reg_body()
100             ATF_REQUIRE_EQ(rump_sys_write(tfd, TESTSTR2, TESTSTR2SZ), 
TESTSTR2SZ);
101     
102             memset(buf, 0, sizeof(buf));
103             ATF_REQUIRE_EQ(lseek(localfd, 0, SEEK_SET), 0);
104             ATF_REQUIRE(read(localfd, buf, sizeof(buf)) > 0);
105             ATF_REQUIRE_STREQ(buf, TESTSTR2);
>>>     CID 978338:  Resource leak  (RESOURCE_LEAK)
>>>     Handle variable "localfd" going out of scope leaks the handle.
106     }
107     
108     ATF_TC(reregister_blk);
109     ATF_TC_HEAD(reregister_blk, tc)
110     {
111     

________________________________________________________________________________________________________
*** CID 1011266:  Unchecked return value  (CHECKED_RETURN)
/crypto/external/bsd/heimdal/dist/kadmin/rpc.c: 468 in ret_principal_ent()
462         CHECK(krb5_ret_uint32(sp, &flag));
463         ent->last_pwd_change = flag;
464         CHECK(krb5_ret_uint32(sp, &flag));
465         ent->max_life = flag;
466         CHECK(krb5_ret_uint32(sp, &flag));
467         if (flag == 0)
>>>     CID 1011266:  Unchecked return value  (CHECKED_RETURN)
>>>     No check of the return value of "ret_principal_xdr(contextp, sp, 
>>> &ent->mod_name)".
468             ret_principal_xdr(contextp, sp, &ent->mod_name);
469         CHECK(krb5_ret_uint32(sp, &flag));
470         ent->mod_date = flag;
471         CHECK(krb5_ret_uint32(sp, &flag));
472         ent->attributes = flag;
473         CHECK(krb5_ret_uint32(sp, &flag));

________________________________________________________________________________________________________
*** CID 1213746:  Resource leak  (RESOURCE_LEAK)
/usr.bin/xlint/lint1/func.c: 1033 in doreturn()
1027     
1028                    chkreach();
1029     
1030            }
1031     
1032            reached = rchflg = 0;
>>>     CID 1213746:  Resource leak  (RESOURCE_LEAK)
>>>     Returning without freeing "tn" leaks the storage that it points to.
1033     }
1034     
1035     /*
1036      * Do some cleanup after a global declaration or definition.
1037      * Especially remove informations about unused lint comments.
1038      */


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/1449?tab=Overview

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py




Home | Main Index | Thread Index | Old Index