Pull request #5036: http_inspect: fix coverity errors

author Juan David Martin Castillo -X (jmartinc - SOFTSERVE INC at Cisco) <jmartinc@cisco.com>

Mon, 15 Dec 2025 16:30:42 +0000 (16:30 +0000)

committer Rayen Mohanty (ramohant) <ramohant@cisco.com>

Mon, 15 Dec 2025 16:30:42 +0000 (16:30 +0000)
author Juan David Martin Castillo -X (jmartinc - SOFTSERVE INC at Cisco) <jmartinc@cisco.com>
Mon, 15 Dec 2025 16:30:42 +0000 (16:30 +0000)
committer Rayen Mohanty (ramohant) <ramohant@cisco.com>
Mon, 15 Dec 2025 16:30:42 +0000 (16:30 +0000)
diff --git a/src/decompress/file_olefile.cc b/src/decompress/file_olefile.cc

index 7a802abe1062a4147f261798806520b3a2f9d7e3..3f56a3a513ae95480a4daf8766b3849a0249ff7e 100644 (file)
--- a/src/decompress/file_olefile.cc
+++ b/src/decompress/file_olefile.cc
@@ -780,7 +780,10 @@ void OleFile :: find_and_extract_vba(uint8_t*& vba_buf, uint32_t& vba_buf_len)
  
      //Delete vba_buf if decompression could not happen
      if (!vba_buf_len)
+    {
          delete[] vba_buf;
+        vba_buf = nullptr;
+    }
  }
  
  // Beginning function of ole file processing.
diff --git a/src/service_inspectors/http_inspect/http_cutter.cc b/src/service_inspectors/http_inspect/http_cutter.cc

index bc0d8769bc012d8bb5230df1de0c683439473838..0368492fc3e013614de8069f00a7498179f6a7c9 100644 (file)
--- a/src/service_inspectors/http_inspect/http_cutter.cc
+++ b/src/service_inspectors/http_inspect/http_cutter.cc
@@ -305,7 +305,7 @@ HttpBodyCutter::HttpBodyCutter(bool accelerated_blocking_, ScriptFinder* finder_
      {
          if ((compression == CMP_GZIP) || (compression == CMP_DEFLATE))
          {
-            compress_stream = new z_stream;
+            compress_stream = new z_stream();
              compress_stream->zalloc = Z_NULL;
              compress_stream->zfree = Z_NULL;
              compress_stream->next_in = Z_NULL;
diff --git a/src/service_inspectors/http_inspect/http_msg_body.cc b/src/service_inspectors/http_inspect/http_msg_body.cc

index 4d1275722069b0943f31ac09437f9a5e2a3bbd0a..cc0b72804edee6f53753ed00ee36dc8c2df145a7 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_body.cc
+++ b/src/service_inspectors/http_inspect/http_msg_body.cc
@@ -661,7 +661,6 @@ HttpJSNorm* HttpMsgBody::acquire_js_ctx_mime()
              return js_ctx;
  
          delete js_ctx;
-        js_ctx = nullptr;
      }
  
      JSNormConfig* jsn_config = get_inspection_policy()->jsn_config;
@@ -1023,8 +1022,10 @@ const Field& HttpMsgBody::get_decomp_vba_data()
      if (buf && buf_len)
          decompressed_vba_data.set(buf_len, buf, true);
      else
+    {
          decompressed_vba_data.set(STAT_NOT_PRESENT);
-
+        delete[] buf;
+    }
      return decompressed_vba_data;
  }
  
diff --git a/src/service_inspectors/http_inspect/http_uri_norm.cc b/src/service_inspectors/http_inspect/http_uri_norm.cc

index 2f0afa1067fa454ab6df735c841f8b1e6e5b3324..15b43c0a00300b8f7065b6a5620b29a798eb2590 100644 (file)
--- a/src/service_inspectors/http_inspect/http_uri_norm.cc
+++ b/src/service_inspectors/http_inspect/http_uri_norm.cc
@@ -537,9 +537,9 @@ void UriNormalizer::load_default_unicode_map(uint8_t map[MAP_SIZE])
  // __STRDUMP_ENABLE__
  
      std::string token;
-
      while (ss >> token)
      {
+        // coverity[tainted_scalar]
          const uint16_t ucode = strtol(token.c_str(), nullptr, 16);
          map[ucode] = strtol(token.c_str()+5, nullptr, 16);
      }
author	Juan David Martin Castillo -X (jmartinc - SOFTSERVE INC at Cisco) <jmartinc@cisco.com>
	Mon, 15 Dec 2025 16:30:42 +0000 (16:30 +0000)
committer	Rayen Mohanty (ramohant) <ramohant@cisco.com>
	Mon, 15 Dec 2025 16:30:42 +0000 (16:30 +0000)
src/decompress/file_olefile.cc		patch \| blob \| blame \| history
src/service_inspectors/http_inspect/http_cutter.cc		patch \| blob \| blame \| history
src/service_inspectors/http_inspect/http_msg_body.cc		patch \| blob \| blame \| history
src/service_inspectors/http_inspect/http_uri_norm.cc		patch \| blob \| blame \| history