From: Stefan Berger Date: Thu, 26 Apr 2012 20:45:36 +0000 (-0400) Subject: nwfilter: address coverity findings X-Git-Tag: v0.9.11.3~6 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=18adb6cf82e406e507a899493b188fd9cf624fa9;p=thirdparty%2Flibvirt.git nwfilter: address coverity findings This patch addresses the following coverity findings: /libvirt/src/conf/nwfilter_params.c:157: deref_parm: Directly dereferencing parameter "val". /libvirt/src/conf/nwfilter_params.c:473: negative_returns: Using variable "iterIndex" as an index to array "res->iter". /libvirt/src/nwfilter/nwfilter_ebiptables_driver.c:2891: unchecked_value: No check of the return value of "virAsprintf(&protostr, "-d 01:80:c2:00:00:00 ")". /libvirt/src/nwfilter/nwfilter_ebiptables_driver.c:2894: unchecked_value: No check of the return value of "virAsprintf(&protostr, "-p 0x%04x ", l3_protocols[protoidx].attr)". /libvirt/src/nwfilter/nwfilter_ebiptables_driver.c:3590: var_deref_op: Dereferencing null variable "inst". --- diff --git a/src/conf/nwfilter_params.c b/src/conf/nwfilter_params.c index 3ad4bed995..bf3f1c10d1 100644 --- a/src/conf/nwfilter_params.c +++ b/src/conf/nwfilter_params.c @@ -154,6 +154,9 @@ virNWFilterVarValueGetNthValue(virNWFilterVarValuePtr val, unsigned int idx) { const char *res = NULL; + if (!val) + return NULL; + switch (val->valType) { case NWFILTER_VALUE_TYPE_SIMPLE: if (idx == 0) @@ -467,7 +470,7 @@ virNWFilterVarCombIterCreate(virNWFilterHashTablePtr hash, res->nIter++; break; case VIR_NWFILTER_VAR_ACCESS_LAST: - break; + goto err_exit; } if (virNWFilterVarCombIterAddVariable(&res->iter[iterIndex], diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c b/src/nwfilter/nwfilter_ebiptables_driver.c index 624edbeb6c..5e8fec3935 100644 --- a/src/nwfilter/nwfilter_ebiptables_driver.c +++ b/src/nwfilter/nwfilter_ebiptables_driver.c @@ -2888,10 +2888,11 @@ ebtablesCreateTmpSubChain(ebiptablesRuleInstPtr *inst, protostr = strdup(""); break; case L2_PROTO_STP_IDX: - virAsprintf(&protostr, "-d " NWFILTER_MAC_BGA " "); + ignore_value(virAsprintf(&protostr, "-d " NWFILTER_MAC_BGA " ")); break; default: - virAsprintf(&protostr, "-p 0x%04x ", l3_protocols[protoidx].attr); + ignore_value(virAsprintf(&protostr, "-p 0x%04x ", + l3_protocols[protoidx].attr)); break; } @@ -3575,6 +3576,9 @@ ebiptablesApplyNewRules(const char *ifname, int nEbtChains = 0; char *errmsg = NULL; + if (inst == NULL) + nruleInstances = 0; + if (!chains_in_set || !chains_out_set) { virReportOOMError(); goto exit_free_sets;