From 18adb6cf82e406e507a899493b188fd9cf624fa9 Mon Sep 17 00:00:00 2001 From: Stefan Berger Date: Thu, 26 Apr 2012 16:45:36 -0400 Subject: [PATCH] nwfilter: address coverity findings This patch addresses the following coverity findings: /libvirt/src/conf/nwfilter_params.c:157: deref_parm: Directly dereferencing parameter "val". /libvirt/src/conf/nwfilter_params.c:473: negative_returns: Using variable "iterIndex" as an index to array "res->iter". /libvirt/src/nwfilter/nwfilter_ebiptables_driver.c:2891: unchecked_value: No check of the return value of "virAsprintf(&protostr, "-d 01:80:c2:00:00:00 ")". /libvirt/src/nwfilter/nwfilter_ebiptables_driver.c:2894: unchecked_value: No check of the return value of "virAsprintf(&protostr, "-p 0x%04x ", l3_protocols[protoidx].attr)". /libvirt/src/nwfilter/nwfilter_ebiptables_driver.c:3590: var_deref_op: Dereferencing null variable "inst". --- src/conf/nwfilter_params.c | 5 ++++- src/nwfilter/nwfilter_ebiptables_driver.c | 8 ++++++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/src/conf/nwfilter_params.c b/src/conf/nwfilter_params.c index 3ad4bed995..bf3f1c10d1 100644 --- a/src/conf/nwfilter_params.c +++ b/src/conf/nwfilter_params.c @@ -154,6 +154,9 @@ virNWFilterVarValueGetNthValue(virNWFilterVarValuePtr val, unsigned int idx) { const char *res = NULL; + if (!val) + return NULL; + switch (val->valType) { case NWFILTER_VALUE_TYPE_SIMPLE: if (idx == 0) @@ -467,7 +470,7 @@ virNWFilterVarCombIterCreate(virNWFilterHashTablePtr hash, res->nIter++; break; case VIR_NWFILTER_VAR_ACCESS_LAST: - break; + goto err_exit; } if (virNWFilterVarCombIterAddVariable(&res->iter[iterIndex], diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c b/src/nwfilter/nwfilter_ebiptables_driver.c index 624edbeb6c..5e8fec3935 100644 --- a/src/nwfilter/nwfilter_ebiptables_driver.c +++ b/src/nwfilter/nwfilter_ebiptables_driver.c @@ -2888,10 +2888,11 @@ ebtablesCreateTmpSubChain(ebiptablesRuleInstPtr *inst, protostr = strdup(""); break; case L2_PROTO_STP_IDX: - virAsprintf(&protostr, "-d " NWFILTER_MAC_BGA " "); + ignore_value(virAsprintf(&protostr, "-d " NWFILTER_MAC_BGA " ")); break; default: - virAsprintf(&protostr, "-p 0x%04x ", l3_protocols[protoidx].attr); + ignore_value(virAsprintf(&protostr, "-p 0x%04x ", + l3_protocols[protoidx].attr)); break; } @@ -3575,6 +3576,9 @@ ebiptablesApplyNewRules(const char *ifname, int nEbtChains = 0; char *errmsg = NULL; + if (inst == NULL) + nruleInstances = 0; + if (!chains_in_set || !chains_out_set) { virReportOOMError(); goto exit_free_sets;