[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-trivial] [Qemu-devel] [PATCH] crypto: avoid two coverity false

From: Eric Blake
Subject: Re: [Qemu-trivial] [Qemu-devel] [PATCH] crypto: avoid two coverity false positive error reports
Date: Fri, 13 Nov 2015 14:41:26 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0

On 11/13/2015 10:45 AM, Daniel P. Berrange wrote:
> In qcrypto_tls_creds_get_path() coverity complains that
> we are checking '*creds' for NULL, despite having
> dereferenced it previously. This is harmless bug due
> to fact that the trace call was too early. Moving it
> after the cleanup gets the desired semantics.
> In qcrypto_tls_creds_check_cert_key_purpose() coverity
> complains that we're passing a pointer to a previously
> free'd buffer into gnutls_x509_crt_get_key_purpose_oid()
> This is harmless because we're passing a size == 0, so
> gnutls won't access the buffer, but rather just report
> what size it needs to be. We can avoid it though by
> explicitly setting the buffer to NULL after free'ing
> it.
> Signed-off-by: Daniel P. Berrange <address@hidden>
> ---
>  crypto/tlscreds.c     | 4 ++--
>  crypto/tlscredsx509.c | 1 +
>  2 files changed, 3 insertions(+), 2 deletions(-)

Reviewed-by: Eric Blake <address@hidden>

Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]