From 52e90b22ccc81538b61fe52b9a8bd37eb83b42eb Mon Sep 17 00:00:00 2001
From: John Ferlan <jferlan@redhat.com>
Date: Thu, 11 Sep 2014 17:01:12 -0400
Subject: [PATCH] virutil: Resolve Coverity RESOURCE_LEAK

This ends up being a very bizarre false positive. With an assist from
eblake, the claim is that mgetgroups() could return a -1 value, but yet
still have a groups buffer allocated, yet the example shown doesn't
seem to prove that.

Rather than fret about it, by adding a well placed sa_assert() on the
returned *list value we can "assure" ourselves that the mgetgroups()
failure path won't signal this condition.

Signed-off-by: John Ferlan <jferlan@redhat.com>
---
 src/util/virutil.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/util/virutil.c b/src/util/virutil.c
index 8d2f62a20c..519796928c 100644
--- a/src/util/virutil.c
+++ b/src/util/virutil.c
@@ -1063,6 +1063,7 @@ virGetGroupList(uid_t uid, gid_t gid, gid_t **list)
 
     ret = mgetgroups(user, primary, list);
     if (ret < 0) {
+        sa_assert(!*list);
         virReportSystemError(errno,
                              _("cannot get group list for '%s'"), user);
         goto cleanup;
-- 
2.47.2