From: Juan David Martin Castillo -X (jmartinc - SOFTSERVE INC at Cisco)
Date: Mon, 15 Dec 2025 16:30:42 +0000 (+0000)
Subject: Pull request #5036: http_inspect: fix coverity errors
X-Git-Tag: 3.10.1.0~20
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1880f7a4aedaa2dbed94acd1ddca565493508d60;p=thirdparty%2Fsnort3.git
Pull request #5036: http_inspect: fix coverity errors
Merge in SNORT/snort3 from ~JMARTINC/snort3:cov_fix to master
Squashed commit of the following:
commit cc8ae063c7b71257df2f61550fbfb2d8819ee392
Author: Juan David Martin Castillo
Date: Wed Nov 26 12:54:25 2025 -0500
http_inspect: fix coverity error
---
diff --git a/src/decompress/file_olefile.cc b/src/decompress/file_olefile.cc
index 7a802abe1..3f56a3a51 100644
--- a/src/decompress/file_olefile.cc
+++ b/src/decompress/file_olefile.cc
@@ -780,7 +780,10 @@ void OleFile :: find_and_extract_vba(uint8_t*& vba_buf, uint32_t& vba_buf_len)
 //Delete vba_buf if decompression could not happen
 if (!vba_buf_len)
+ {
 delete[] vba_buf;
+ vba_buf = nullptr;
+ }
 }
 // Beginning function of ole file processing.
diff --git a/src/service_inspectors/http_inspect/http_cutter.cc b/src/service_inspectors/http_inspect/http_cutter.cc
index bc0d8769b..0368492fc 100644
--- a/src/service_inspectors/http_inspect/http_cutter.cc
+++ b/src/service_inspectors/http_inspect/http_cutter.cc
@@ -305,7 +305,7 @@ HttpBodyCutter::HttpBodyCutter(bool accelerated_blocking_, ScriptFinder* finder_
 {
 if ((compression == CMP_GZIP) || (compression == CMP_DEFLATE))
 {
- compress_stream = new z_stream;
+ compress_stream = new z_stream();
 compress_stream->zalloc = Z_NULL;
 compress_stream->zfree = Z_NULL;
 compress_stream->next_in = Z_NULL;
diff --git a/src/service_inspectors/http_inspect/http_msg_body.cc b/src/service_inspectors/http_inspect/http_msg_body.cc
index 4d1275722..cc0b72804 100644
--- a/src/service_inspectors/http_inspect/http_msg_body.cc
+++ b/src/service_inspectors/http_inspect/http_msg_body.cc
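Review bot: Nothing in this hunk documents the ownership contract that the added `vba_buf = nullptr;` establishes for the `uint8_t*&` out-parameter, although the new `delete[] buf;` in HttpMsgBody::get_decomp_vba_data appears to rely on it to avoid releasing the same buffer twice. A comment above the block such as `// On failure the buffer is freed here and vba_buf is reset to nullptr; on success the caller owns the new[] allocation` would keep the two files in step. The body of find_and_extract_vba starts outside the hunk, so an earlier return that leaves `vba_buf` allocated with a zero length cannot be ruled out from here. The same commit also drops `js_ctx = nullptr;` after `delete js_ctx;` in acquire_js_ctx_mime, the opposite convention; that is only safe if every later path, none of which is visible in that hunk, reassigns `js_ctx` before it is read or returned.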
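Review bot: The change to `new z_stream()` carries the whole fix, yet nothing on the line says why the parentheses matter, so a later cleanup could restore `new z_stream` and bring back indeterminate fields in a structure that processes compressed HTTP bodies from the network. zlib requires `next_in`, `avail_in`, `zalloc`, `zfree` and `opaque` to be initialised by the caller before the stream is set up, and only three of them are assigned in the lines visible here; the rest of the constructor is outside the hunk. A one-line comment above the allocation, `// value-initialize: zlib reads fields beyond the ones assigned below`, would record the intent.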
@@ -661,7 +661,6 @@ HttpJSNorm* HttpMsgBody::acquire_js_ctx_mime()
 return js_ctx;
 delete js_ctx;
- js_ctx = nullptr;
 }
 JSNormConfig* jsn_config = get_inspection_policy()->jsn_config;
@@ -1023,8 +1022,10 @@ const Field& HttpMsgBody::get_decomp_vba_data()
 if (buf && buf_len)
 decompressed_vba_data.set(buf_len, buf, true);
 else
+ {
 decompressed_vba_data.set(STAT_NOT_PRESENT);
-
+ delete[] buf;
+ }
 return decompressed_vba_data;
 }
diff --git a/src/service_inspectors/http_inspect/http_uri_norm.cc b/src/service_inspectors/http_inspect/http_uri_norm.cc
index 2f0afa106..15b43c0a0 100644
--- a/src/service_inspectors/http_inspect/http_uri_norm.cc
+++ b/src/service_inspectors/http_inspect/http_uri_norm.cc
@@ -537,9 +537,9 @@ void UriNormalizer::load_default_unicode_map(uint8_t map[MAP_SIZE])
 // __STRDUMP_ENABLE__
 std::string token;
-
 while (ss >> token)
 {
+ // coverity[tainted_scalar]
 const uint16_t ucode = strtol(token.c_str(), nullptr, 16);
 map[ucode] = strtol(token.c_str()+5, nullptr, 16);
 }
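Review bot: The added `delete[] buf;` in get_decomp_vba_data runs for two different states, `buf == nullptr` and a non-null `buf` with `buf_len == 0`, and in the second it is correct only if the callee that filled `buf` has not already released it. The call that produces `buf` is above the hunk, so this cannot be confirmed here; it appears to depend on OleFile::find_and_extract_vba resetting the pointer after its own `delete[]`. Because the input is an untrusted OLE document, a missed path would be a double free, so the contract deserves a comment at this site, for example `// callee nulls buf whenever it frees it, so a non-null buf here is still ours to release`. The hunk also removes the blank line before `return`, which leaves the closing brace and the return statement run together.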
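Review bot: The `// coverity[tainted_scalar]` annotation silences the finding on `map[ucode]` without recording why the index is safe, and the loop still does no validation of `token`. If the text behind `ss` is the compiled-in default table, which the function name suggests but the hunk does not show, state that on a comment line above the annotation: `// Input is the built-in default map, not user data, so the index is trusted.` Independently, `token.c_str()+5` points past the terminator when a token is shorter than five characters, and a guard such as `if (token.size() < 5) continue;` at the top of the loop body would close that read. Whether a `uint16_t` index can exceed `MAP_SIZE` depends on its definition, which is outside this hunk.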