From: Kruti Date: Fri, 7 Jun 2024 16:55:03 +0000 (-0700) Subject: Fixes for issues found in Coverity scan. X-Git-Tag: stable-12.4.5~17 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0d4abd5e8b920058685199adc356836d0e4dd7f3;p=thirdparty%2Fopen-vm-tools.git Fixes for issues found in Coverity scan. vgauth/serviceImpl/saml-xmlsec1.c issue: 'string_null' for strlen(pemCert) impact: False-positive fix: suppress 'string_null' issue: leaked_storage: certChain is not cleaned up on error. impact: Memory is leaked on the error path. fix: Add line before return to free certChain. vgauth/common/i18n.c issue: 'leaked_storage' for "name" variable impact: False-positive fix: suppress 'leaked_storage' lib/file/file.c issue: use_after_free for 'src' pointer impact: False-positive fix: suppress 'use_after_free' services/plugins/serviceDiscovery/serviceDiscovery.c issue: overrun-local: gdpErrMsgs array contains one less entry then there are enum defined. impact: Valid but the function never return the GDP_ERR_MAX enum. fix: in gdp.h, add an error entry for GDP_ERR_MAX this way gdpErrMsgs will generate all entries. lib/file/fileLockPosix.c issue: string_null for 'buffer' not being null terminated. impact: False-positive fix: suppress 'string_null' --- diff --git a/open-vm-tools/lib/file/file.c b/open-vm-tools/lib/file/file.c index ffe49417b..246864ba5 100644 --- a/open-vm-tools/lib/file/file.c +++ b/open-vm-tools/lib/file/file.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 1998-2023 VMware, Inc. All rights reserved. + * Copyright (c) 1998-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published 
@@ -2419,6 +2420,7 @@ FileRotateByRename(const char *fileName, // IN: full path to file ASSERT(dst != fileName); Posix_Free(dst); + /* coverity[use_after_free] */ dst = src; } } diff --git a/open-vm-tools/lib/file/fileLockPosix.c b/open-vm-tools/lib/file/fileLockPosix.c index 8dec054ae..2cd388e80 100644 --- a/open-vm-tools/lib/file/fileLockPosix.c +++ b/open-vm-tools/lib/file/fileLockPosix.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2006-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2006-2019,2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -238,6 +239,7 @@ FileLockProcessDescriptor(pid_t pid) // IN: * properly handled. */ + /* coverity[string_null] */ p = strchr(buffer, '('); if ((p == NULL) || (p == buffer) || (*(p - 1) != ' ')) { diff --git a/open-vm-tools/lib/include/vmware/tools/gdp.h b/open-vm-tools/lib/include/vmware/tools/gdp.h index ec59e06b5..a3077b476 100644 --- a/open-vm-tools/lib/include/vmware/tools/gdp.h +++ b/open-vm-tools/lib/include/vmware/tools/gdp.h @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2020-2021,2023 VMware, Inc. All rights reserved. + * Copyright (c) 2020-2021,2023-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -92,6 +93,8 @@ extern "C++" { * - GdpEnum name * - error-id string id * - Default error message string + * + * GDP_ERR_MAX item MUST BE LAST */ #define GDP_ERR_LIST \ GDP_ERR_ITEM(GDP_ERROR_SUCCESS = 0, \ 
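Review bot: The `/* coverity[use_after_free] */` marker added before `dst = src;` records no reason the report is a false positive, so if the loop is later changed so that `src` is not refreshed before the next `Posix_Free(dst)`, a real use-after-free would stay hidden behind the suppression. The justification is presumably that `src` is recomputed on every iteration before `dst` is freed again, but that code is above the hunk and cannot be checked here. Please put the invariant next to the marker, e.g. a line above it reading `/* Not a stale read: 'src' is recomputed each iteration before 'dst' is freed again. */`, adjusted to what the loop actually does. FileRotateByRename begins outside the hunk.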
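Review bot: The `/* coverity[string_null] */` marker in front of `p = strchr(buffer, '(');` silences the warning but does not remove the dependency on `buffer` being NUL-terminated by the read code above the hunk, which is not visible here. A bounded search needs no such assumption: if the number of bytes read is still in scope, `p = memchr(buffer, '(', bytesRead);` (with whatever the local length variable is called) keeps the same `p == NULL` / `p == buffer` / `*(p - 1) != ' '` checks and makes the suppression unnecessary. Failing that, the marker should say where the terminator is written so the next reader can confirm it without re-deriving the proof. FileLockProcessDescriptor starts before this hunk.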
@@ -117,7 +120,10 @@ extern "C++" { "Operation timed out") \ GDP_ERR_ITEM(GDP_ERROR_NO_SUBSCRIBERS, \ "no-subscribers", \ - "No subscribers for data") + "No subscribers for data") \ + GDP_ERR_ITEM(GDP_ERR_MAX, \ + "last-error", \ + "last-error") /* * GdpError codes enum. @@ -125,7 +131,6 @@ extern "C++" { #define GDP_ERR_ITEM(a, b, c) a, typedef enum GdpError { GDP_ERR_LIST - GDP_ERR_MAX } GdpError; #undef GDP_ERR_ITEM diff --git a/open-vm-tools/vgauth/common/i18n.c b/open-vm-tools/vgauth/common/i18n.c index 6377f335f..a8d1310bf 100644 --- a/open-vm-tools/vgauth/common/i18n.c +++ b/open-vm-tools/vgauth/common/i18n.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (C) 2011-2019 VMware, Inc. All rights reserved. + * Copyright (c) 2011-2019,2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -622,6 +623,7 @@ MsgLoadCatalog(const char *path) * If the local DictLL_UnmarshalLine() returns NULL, name and value * will remain NULL pointers. No malloc'ed memory to free here. */ + /* coverity[leaked_storage] */ break; } diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c index f0b83f73d..917e49f4b 100644 --- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c @@ -1,5 +1,6 @@ /********************************************************* - * Copyright (c) 2016-2023 VMware, Inc. All rights reserved. + * Copyright (c) 2016-2024 Broadcom. All rights reserved. + * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published 
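Review bot: Adding `GDP_ERR_ITEM(GDP_ERR_MAX, "last-error", "last-error")` to `GDP_ERR_LIST` turns the sentinel into a real entry of every table generated from the list, so any consumer that expands the X-macro into an id-to-string or string-to-id mapping will now accept or emit `"last-error"` as though it were a genuine error code. The commit says no function returns GDP_ERR_MAX, but the list is a header-level contract shared by every consumer, not only the gdpErrMsgs table in serviceDiscovery.c, and none of those consumers are visible in this diff. An alternative that does not widen the enum's documented value set is to keep GDP_ERR_MAX out of the list and have the consumer range-check before indexing (`if (err < 0 || err >= GDP_ERR_MAX) { /* unknown code */ }`) plus a compile-time size check of its table against GDP_ERR_MAX. If the extra item stays, the `GDP_ERR_MAX item MUST BE LAST` comment should also state that it is a bound, not a reportable error, and that its strings must never be surfaced to users or logs.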
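Review bot: The `/* coverity[leaked_storage] */` marker before `break;` suppresses the report on the strength of the comment above it, which says `DictLL_UnmarshalLine()` leaves `name` and `value` NULL when it returns NULL; that contract belongs to another function, so the suppression will keep hiding a leak if that helper ever allocates before failing. Rather than silencing the checker, make the contract executable: if an assert macro is in scope in this file, `ASSERT(name == NULL && value == NULL);` before the `break`, or simply release both pointers with the helper's matching free function (freeing NULL is a no-op) so the path stays correct however the helper evolves. Which allocator the helper uses is not visible in this hunk. MsgLoadCatalog starts and ends outside the hunk.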
@@ -1222,6 +1223,7 @@ BuildCertChain(xmlNodePtr x509Node, /* * Add cert to the keymanager. */ + /* coverity[string_null] */ ret = xmlSecCryptoAppKeysMngrCertLoadMemory(mgr, pemCert, (xmlSecSize) strlen(pemCert), @@ -1734,6 +1736,7 @@ SAML_VerifyBearerTokenAndChain(const char *xmlText, if (err != VGAUTH_E_OK) { VMXLog_Log(VMXLOG_LEVEL_WARNING, "Unrelated certs found in SAML token, failing\n"); + FreeCertArray(num, certChain); return VGAUTH_E_AUTHENTICATION_DENIED; } }
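Review bot: The `/* coverity[string_null] */` marker before the `strlen(pemCert)` argument asserts that `pemCert` is NUL-terminated, but the hunk gives no hint where that guarantee comes from; since this certificate text is derived from the `x509Node` of a SAML token presented for verification, i.e. untrusted input, this is precisely the assumption a reviewer wants written down. Presumably `pemCert` is assembled earlier in BuildCertChain from the decoded certificate body with an explicit terminator, but that code is above the hunk. Suggest a line above the marker such as `/* pemCert is built above as a NUL-terminated PEM string from the decoded certificate body. */`, adjusted to what the construction actually is. BuildCertChain begins before this hunk.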
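Review bot: Freeing `certChain` on the unrelated-certs path is the right fix, but it is worth recording that this path is driven by the contents of the token being verified, so before this change every token rejected at this point leaked memory in the service; that makes it a remotely triggerable resource-exhaustion issue rather than plain hygiene, and the commit message undersells it as "memory is leaked on the error path". The same pattern, an early `return VGAUTH_E_...` after `certChain` is populated, may exist at other rejection points in the function that lie outside this hunk and that Coverity did not report; a single cleanup label (`err = VGAUTH_E_AUTHENTICATION_DENIED; goto done;` with `FreeCertArray(num, certChain);` at `done`) would cover all of them at once. SAML_VerifyBearerTokenAndChain starts and ends outside the hunk.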