From: Oliver Kurth Date: Wed, 1 Apr 2020 18:31:36 +0000 (-0700) Subject: Annotate a Coverity false positive. X-Git-Tag: stable-11.2.0~275 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ef20d06e9b2e3fbe8e7f6f709c4707ebf7c57d72;p=thirdparty%2Fopen-vm-tools.git Annotate a Coverity false positive. The open-vm-tools Coverity scan reports a NULL pointer dereference for the variable untrustedCerts. However, untrustedCerts is NULL only if no untrusted certs are found, in which case the code that dereferences untrustedCerts isn't executed. --- diff --git a/open-vm-tools/vgauth/serviceImpl/verify.c b/open-vm-tools/vgauth/serviceImpl/verify.c index 1a47c6c1b..7e5b31d70 100644 --- a/open-vm-tools/vgauth/serviceImpl/verify.c +++ b/open-vm-tools/vgauth/serviceImpl/verify.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2011-2019 VMware, Inc. All rights reserved. + * Copyright (C) 2011-2020 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -305,6 +305,7 @@ ServiceVerifyAndCheckTrustCertChainForSubject(int numCerts, numTrusted--; leafCert = trustedCerts[0]; memmove(trustedCerts, &(trustedCerts[1]), sizeof(*trustedCerts) * numTrusted); + /* coverity[var_deref_op] */ } else if (g_strcmp0(pemCertChain[0], untrustedCerts[0]) == 0) { numUntrusted--; leafCert = untrustedCerts[0];