From: John Ferlan <jferlan@redhat.com>
Date: Thu, 11 Sep 2014 21:01:12 +0000 (-0400)
Subject: virutil: Resolve Coverity RESOURCE_LEAK
X-Git-Tag: CVE-2014-3633~72
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=52e90b22ccc81538b61fe52b9a8bd37eb83b42eb;p=thirdparty%2Flibvirt.git

virutil: Resolve Coverity RESOURCE_LEAK

This ends up being a very bizarre false positive. With an assist from
eblake, the claim is that mgetgroups() could return a -1 value, but yet
still have a groups buffer allocated, yet the example shown doesn't
seem to prove that.

Rather than fret about it, by adding a well placed sa_assert() on the
returned *list value we can "assure" ourselves that the mgetgroups()
failure path won't signal this condition.

Signed-off-by: John Ferlan <jferlan@redhat.com>
---

diff --git a/src/util/virutil.c b/src/util/virutil.c
index 8d2f62a20c..519796928c 100644
--- a/src/util/virutil.c
+++ b/src/util/virutil.c
@@ -1063,6 +1063,7 @@ virGetGroupList(uid_t uid, gid_t gid, gid_t **list)
 
     ret = mgetgroups(user, primary, list);
     if (ret < 0) {
+        sa_assert(!*list);
         virReportSystemError(errno,
                              _("cannot get group list for '%s'"), user);
         goto cleanup;