From: Oliver Kurth <okurth@vmware.com>
Date: Tue, 12 Nov 2019 02:12:21 +0000 (-0800)
Subject: Address some issues reported by the Coverity scan of open-vm-tools.
X-Git-Tag: stable-11.1.0~168
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f3ecb1047c92f2d076029d066286e416790b9af3;p=thirdparty%2Fopen-vm-tools.git

Address some issues reported by the Coverity scan of open-vm-tools.

Fix or annotate issues reported in the Coverity scan of open-vm-tools,
as follows:

(1) Fix NULL pointer de-reference in failure case of
CopyStringListEntry.

(2) Add NULL pointer checks before dereferences in
VixMsg_DeObfuscateNamePassword.

(3) Annotate a false positive in VixMsg_EncodeString.

(4) Annotate and add an ASSERT to a false positive in
StrUtil_GetLongestLineLength.
---

diff --git a/open-vm-tools/lib/dataMap/dataMap.c b/open-vm-tools/lib/dataMap/dataMap.c
index dd1fce96f..72be2949f 100644
--- a/open-vm-tools/lib/dataMap/dataMap.c
+++ b/open-vm-tools/lib/dataMap/dataMap.c
@@ -1519,10 +1519,14 @@ CopyStringListEntry(DMKeyType fieldId,                  // IN
    }
 
    newList = (char **)calloc(listSize + 1, sizeof(char *));
+   if (newList == NULL) {
+      return DMERR_INSUFFICIENT_MEM;
+   }
+
    newLens = (int32 *)malloc(sizeof(int32) * listSize);
 
-   if (newList == NULL || newLens == NULL) {
-      FreeStringList(newList, newLens);
+   if (newLens == NULL) {
+      free(newList);
       return DMERR_INSUFFICIENT_MEM;
    }
 
diff --git a/open-vm-tools/lib/foundryMsg/foundryMsg.c b/open-vm-tools/lib/foundryMsg/foundryMsg.c
index 99d811a6b..3c9283c9e 100644
--- a/open-vm-tools/lib/foundryMsg/foundryMsg.c
+++ b/open-vm-tools/lib/foundryMsg/foundryMsg.c
@@ -1141,10 +1141,14 @@ VixMsg_DeObfuscateNamePassword(const char *packagedName,   // IN
       }
    }
 
-   *userNameResult = userName;
-   userName = NULL;
-   *passwordResult = passwd;
-   passwd = NULL;
+   if (NULL != userNameResult) {
+      *userNameResult = userName;
+      userName = NULL;
+   }
+   if (NULL != passwordResult) {
+      *passwordResult = passwd;
+      passwd = NULL;
+   }
 
 abort:
    Util_ZeroFree(packedString, packedStringLength);
@@ -1182,6 +1186,14 @@ VixMsg_EncodeString(const char *str,  // IN
       str = "";
    }
 
+   /*
+    * Coverity flags this as a buffer overrun in the case where str is
+    * assigned the empty string above, claiming that the underlying
+    * Base64_Encode function directly indexes the array str at index 2;
+    * however, that indexing is only done if the string length is greater
+    * than 2, and clearly strlen("") is 0.
+    */
+   /* coverity[overrun-buffer-val] */
    return VixMsgEncodeBuffer(str, strlen(str), TRUE, result);
 } // VixMsg_EncodeString
 
diff --git a/open-vm-tools/lib/misc/strutil.c b/open-vm-tools/lib/misc/strutil.c
index 5ce64ac35..5eb659a80 100644
--- a/open-vm-tools/lib/misc/strutil.c
+++ b/open-vm-tools/lib/misc/strutil.c
@@ -813,6 +813,8 @@ StrUtil_GetLongestLineLength(const char *buf,   //IN
        const char *next;
        size_t len;
 
+       ASSERT(buf != NULL);
+       /* coverity[var_deref_model] */
        next = memchr(buf, '\n', bufLength);
        if (next) {
           next++;