Address some issues reported by the Coverity scan of open-vm-tools.

Fix or annotate issues reported in the Coverity scan of open-vm-tools,
as follows:

(1) Fix NULL pointer de-reference in failure case of
CopyStringListEntry.

(2) Add NULL pointer checks before dereferences in
VixMsg_DeObfuscateNamePassword.

(3) Annotate a false positive in VixMsg_EncodeString.

(4) Annotate and add an ASSERT to a false positive in
StrUtil_GetLongestLineLength.

diff --git a/open-vm-tools/lib/dataMap/dataMap.c b/open-vm-tools/lib/dataMap/dataMap.c
index dd1fce96f9992cdc250a435adb15b8fa9d2c0a3d..72be2949f454138fd21d177b96656e0f1283aea2 100644 (file)
--- a/open-vm-tools/lib/dataMap/dataMap.c
+++ b/open-vm-tools/lib/dataMap/dataMap.c
@@ -1519,10 +1519,14 @@ CopyStringListEntry(DMKeyType fieldId,                  // IN
    }
 
    newList = (char **)calloc(listSize + 1, sizeof(char *));
+   if (newList == NULL) {
+      return DMERR_INSUFFICIENT_MEM;
+   }
+
    newLens = (int32 *)malloc(sizeof(int32) * listSize);
 
-   if (newList == NULL || newLens == NULL) {
-      FreeStringList(newList, newLens);
+   if (newLens == NULL) {
+      free(newList);
       return DMERR_INSUFFICIENT_MEM;
    }
 

diff --git a/open-vm-tools/lib/foundryMsg/foundryMsg.c b/open-vm-tools/lib/foundryMsg/foundryMsg.c
index 99d811a6b80af60ae64bf1adcc1ec2e8a9d0a77c..3c9283c9e5e749dbca9bd229b7226fe515cbd196 100644 (file)
--- a/open-vm-tools/lib/foundryMsg/foundryMsg.c
+++ b/open-vm-tools/lib/foundryMsg/foundryMsg.c
@@ -1141,10 +1141,14 @@ VixMsg_DeObfuscateNamePassword(const char *packagedName,   // IN
       }
    }
 
-   *userNameResult = userName;
-   userName = NULL;
-   *passwordResult = passwd;
-   passwd = NULL;
+   if (NULL != userNameResult) {
+      *userNameResult = userName;
+      userName = NULL;
+   }
+   if (NULL != passwordResult) {
+      *passwordResult = passwd;
+      passwd = NULL;
+   }
 
 abort:
    Util_ZeroFree(packedString, packedStringLength);
@@ -1182,6 +1186,14 @@ VixMsg_EncodeString(const char *str,  // IN
       str = "";
    }
 
+   /*
+    * Coverity flags this as a buffer overrun in the case where str is
+    * assigned the empty string above, claiming that the underlying
+    * Base64_Encode function directly indexes the array str at index 2;
+    * however, that indexing is only done if the string length is greater
+    * than 2, and clearly strlen("") is 0.
+    */
+   /* coverity[overrun-buffer-val] */
    return VixMsgEncodeBuffer(str, strlen(str), TRUE, result);
 } // VixMsg_EncodeString
 

diff --git a/open-vm-tools/lib/misc/strutil.c b/open-vm-tools/lib/misc/strutil.c
index 5ce64ac354d6ae8cb8db579a3c7a8eed1b4d04b7..5eb659a80bcaa0da04f776297fbcff7d421a843f 100644 (file)
--- a/open-vm-tools/lib/misc/strutil.c
+++ b/open-vm-tools/lib/misc/strutil.c
@@ -813,6 +813,8 @@ StrUtil_GetLongestLineLength(const char *buf,   //IN
        const char *next;
        size_t len;
 
+       ASSERT(buf != NULL);
+       /* coverity[var_deref_model] */
        next = memchr(buf, '\n', bufLength);
        if (next) {
           next++;