Open gluster-ant opened 4 years ago
Time: 20120423T21:53:05 aavati at redhat commented: CHANGE: http://review.gluster.com/3145 (core: coverity issues fixed) merged in master by Anand Avati (avati@redhat.com)
Shows that most of the HIGH issues compared to earlier codebase are fixed now. Other than 'RESOURCE LEAK', we have most of the HIGH issues as false positive.
Time: 20120504T07:06:38 amarts at redhat commented: http://review.gluster.com/3265 && http://review.gluster.com/3266 sent, but looking at it, its better to take this bug as a ERRATA fix, and not a release blocker, because the changes involved to fix all of these are significant code change (and touches most part of the code), so QA will become very serious problem.
Taking it off the 'beta' blocker list.
Time: 20120509T07:41:30 aavati at redhat commented: CHANGE: http://review.gluster.com/3266 (geo-replication: coverity resource leak fixes) merged in master by Anand Avati (avati@redhat.com)
Time: 20120518T07:45:23 aavati at redhat commented: CHANGE: http://review.gluster.com/3345 (geo-rep / gsyncd.c: fix coverity fix) merged in master by Vijay Bellur (vijay@gluster.com)
Time: 20120606T12:40:30 amarts at redhat commented: Keep this open till we fix all the valid coverity warnings.
Time: 20120711T10:18:57 amarts at redhat commented: releng-test1.englab.brq.redhat.com/covscan/task/757/
Time: 20120712T02:11:29 vbellur at redhat commented: CHANGE: http://review.gluster.com/3589 (xlator options: remove overwritten data-self-heal initializer) merged in master by Anand Avati (avati@redhat.com)
Time: 20120712T02:13:17 vbellur at redhat commented: CHANGE: http://review.gluster.com/3594 (nfs-common: don't let 0-length path cause buf[-1] access) merged in master by Anand Avati (avati@redhat.com)
Time: 20120712T02:13:40 vbellur at redhat commented: CHANGE: http://review.gluster.com/3591 (glusterd: avoid buffer overrun for over-long volname) merged in master by Anand Avati (avati@redhat.com)
Time: 20120712T02:14:30 vbellur at redhat commented: CHANGE: http://review.gluster.com/3596 (gsyncd: don't let a bogus config file make us read/write buf[-1]) merged in master by Anand Avati (avati@redhat.com)
Time: 20120712T02:15:00 vbellur at redhat commented: CHANGE: http://review.gluster.com/3603 (read_conf: don't let a corrupt config file cause invalid line[-1] reference) merged in master by Anand Avati (avati@redhat.com)
Time: 20120712T02:17:27 vbellur at redhat commented: CHANGE: http://review.gluster.com/3646 (cli: print_brick_status: don't smash stack) merged in master by Anand Avati (avati@redhat.com)
Time: 20120712T02:18:09 vbellur at redhat commented: CHANGE: http://review.gluster.com/3606 (cli: cli_cmd_get_confirmation: don't reference answer[-1] for NUL input) merged in master by Anand Avati (avati@redhat.com)
Time: 20120712T02:35:00 vbellur at redhat commented: CHANGE: http://review.gluster.com/3648 (glusterfsd: don't ignore tmpfile write failure (2x)) merged in master by Anand Avati (avati@redhat.com)
Time: 20120712T07:27:30 vbellur at redhat commented: CHANGE: http://review.gluster.com/3647 (geo-rep: don't let unexpected status provoke undefined behavior) merged in master by Anand Avati (avati@redhat.com)
Time: 20120713T21:05:36 vbellur at redhat commented: CHANGE: http://review.gluster.com/3669 (gsyncd: don't dereference NULL upon failed realloc) merged in master by Anand Avati (avati@redhat.com)
Time: 20120713T21:06:42 vbellur at redhat commented: CHANGE: http://review.gluster.com/3670 (cli-xml-output.c: avoid NULL-deref upon OOM) merged in master by Anand Avati (avati@redhat.com)
Time: 20121221T11:16:39 amarts at redhat commented: considering this bug will be open forever (ie, coverity issues may be present in any versions, and will be valid for all versions), reducing the priority, and marking it as ON_DEV (to separate out from ASSIGNED state).
Time: 20140113T12:02:44 lmohanty at redhat commented: I was not aware of this bug, so have sent some patches as RFC to fix Coverity issues. Just to keep a track, I am putting the links of the patches here.
http://review.gluster.org/#/c/6626/ http://review.gluster.org/#/c/6667/ http://review.gluster.org/#/c/6313/ http://review.gluster.org/#/c/6645/
Time: 20140114T14:03:12 aavati at redhat commented: REVIEW: http://review.gluster.org/6697 (libgfapi: Fixing possible dereferencing of null pointer "glfd" Fix: Putting a check so that pointer derefrence does not happen when "gfld" is null) posted (#1) for review on master by Lalatendu Mohanty (lmohanty@redhat.com)
Time: 20140114T18:01:07 aavati at redhat commented: REVIEW: http://review.gluster.org/6700 (geo-rep: Fixing null pointer dereference of "op_value") posted (#1) for review on master by Lalatendu Mohanty (lmohanty@redhat.com)
Time: 20140114T18:57:17 aavati at redhat commented: REVIEW: http://review.gluster.org/6701 (core: Fixing Coverity issue "Use of uninitialized scalar variable") posted (#1) for review on master by Lalatendu Mohanty (lmohanty@redhat.com)
commit f3e227d525ee04a3ea0196f7a15aa9b1a8f8cae1 Author: Lalatendu Mohanty lmohanty@redhat.com Date: Tue Jan 14 23:24:50 2014 +0530
geo-rep: Fixing null pointer dereference of "op_value"
Change-Id: Id39743eaa5a52cc7fd4e2a1378a23384f5ef1fed
BUG: 789278
Signed-off-by: Lalatendu Mohanty <lmohanty@redhat.com>
Reviewed-on: http://review.gluster.org/6700
Reviewed-by: Avra Sengupta <asengupt@redhat.com>
Tested-by: Avra Sengupta <asengupt@redhat.com>
Time: 20140115T21:50:52 aavati at redhat commented: REVIEW: http://review.gluster.org/6697 (libgfapi: Fixing possible dereferencing of null pointer "glfd") posted (#2) for review on master by Anand Avati (avati@redhat.com)
commit c9008fe6a1a4d9c25c4b11804bcc9e5b6edf9bec Author: Lalatendu Mohanty lmohanty@redhat.com Date: Tue Jan 14 12:35:54 2014 +0530
libgfapi: Fixing possible dereferencing of null pointer "glfd"
Fix: Putting a check so that pointer derefrence does not happen
when "gfld" is null
Change-Id: I281b10be445bbeec3a2728fc139d5ac94372e5b6
BUG: 789278
Signed-off-by: Lalatendu Mohanty <lmohanty@redhat.com>
Reviewed-on: http://review.gluster.org/6697
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Shyamsundar Ranganathan <srangana@redhat.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Time: 20140116T14:15:00 aavati at redhat commented: REVIEW: http://review.gluster.org/6701 (core: Fixing Coverity issue "Use of uninitialized scalar variable") posted (#2) for review on master by Lalatendu Mohanty (lmohanty@redhat.com)
Time: 20140116T15:10:49 aavati at redhat commented: REVIEW: http://review.gluster.org/6701 (core: Fixing Coverity issue "Use of uninitialized scalar variable") posted (#3) for review on master by Lalatendu Mohanty (lmohanty@redhat.com)
Time: 20140116T15:19:43 aavati at redhat commented: REVIEW: http://review.gluster.org/6701 (core: Coverity issue "Use of uninitialized scalar variable") posted (#4) for review on master by Lalatendu Mohanty (lmohanty@redhat.com)
commit 1ffc3ac9639e25c91ac26488b648d5523becb08e Author: Lalatendu Mohanty lmohanty@redhat.com Date: Tue Jan 14 23:50:51 2014 +0530
core: Coverity issue "Use of uninitialized scalar variable"
Issue:
1. In "unlink (export_path)" "export_path" might contain an arbitrary value left from earlier
computations.
2. In "(msg[0] != '\0')" msg might contain an arbitrary value
Change-Id: Icca8f557fd6b5e046dff1d5a84a72061975868d0
BUG: 789278
Signed-off-by: Lalatendu Mohanty <lmohanty@redhat.com>
Reviewed-on: http://review.gluster.org/6701
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Time: 20140120T20:16:26 aavati at redhat commented: REVIEW: http://review.gluster.org/6738 (posix: Fix an incorrect alloca found by Coverity) posted (#1) for review on master by Ira Cooper (ira@redhat.com)
Time: 20140120T20:30:20 aavati at redhat commented: REVIEW: http://review.gluster.org/6739 (posix: Fix an incorrect alloca found by Coverity) posted (#1) for review on master by Ira Cooper (ira@redhat.com)
Time: 20140120T20:49:36 aavati at redhat commented: REVIEW: http://review.gluster.org/6740 (geo-rep: Fixing a memory leak issue reported by Coverity) posted (#1) for review on master by Lalatendu Mohanty (lmohanty@redhat.com)
Time: 20140120T21:00:47 aavati at redhat commented: REVIEW: http://review.gluster.org/6741 (quota: Fixing an incorrect GF_FREE on an array type value) posted (#1) for review on master by Lalatendu Mohanty (lmohanty@redhat.com)
Time: 20140120T21:19:23 aavati at redhat commented: REVIEW: http://review.gluster.org/6743 (mgmt: Fix resource leak found by Coverity.) posted (#1) for review on master by Ira Cooper (ira@redhat.com)
Time: 20140121T09:33:07 aavati at redhat commented: REVIEW: http://review.gluster.org/6749 (Fix for dereference null pointer Checking of frame before calling STACK_DESTROY (frame->root) Signed-off-by: surabhi sbhaloth@redhat.com) posted (#1) for review on master by Surabhi Bhalothia (surabhi.bhalothia@gmail.com)
Time: 20140121T09:36:03 aavati at redhat commented: REVIEW: http://review.gluster.org/6749 (core: Fix for dereference null pointer Checking of frame before calling STACK_DESTROY (frame->root) Signed-off-by: surabhi sbhaloth@redhat.com) posted (#2) for review on master by Surabhi Bhalothia (surabhi.bhalothia@gmail.com)
Time: 20140121T09:39:09 aavati at redhat commented: REVIEW: http://review.gluster.org/6749 (core:Fixing NULL dereference issue Checking of frame before calling STACK_DESTROY (frame->root) Signed-off-by: surabhi sbhaloth@redhat.com) posted (#3) for review on master by Surabhi Bhalothia (surabhi.bhalothia@gmail.com)
Time: 20140121T09:40:29 aavati at redhat commented: REVIEW: http://review.gluster.org/6749 (core:Fixing NULL dereference issue.) posted (#4) for review on master by Surabhi Bhalothia (surabhi.bhalothia@gmail.com)
Time: 20140122T01:52:02 aavati at redhat commented: REVIEW: http://review.gluster.org/6754 (glusterd: Fix memory leak of hostname.) posted (#1) for review on master by Ira Cooper (ira@redhat.com)
Time: 20140122T03:50:01 aavati at redhat commented: REVIEW: http://review.gluster.org/6755 (mgmt: Fix memory leak of brickid from gf_asprintf.) posted (#1) for review on master by Ira Cooper (ira@redhat.com)
commit 2fe405c808fdbc9109bced9ec52be9d79ca321e7 Author: Ira Cooper ira@samba.org Date: Tue Jan 21 20:42:22 2014 -0500
glusterd: Fix memory leak of hostname.
The if causes a goto that allows the GF_FREE to be missed.
BUG: 789278
Change-Id: Ic2c20b7623ea880b8ab2d11ebe510a62633a036d
CID: 1124785
Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-on: http://review.gluster.org/6754
Reviewed-by: Krishnan Parthasarathi <kparthas@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
commit 57edad947b4c43d7c8f05bac45c8e63c788f43ca Author: surabhi sbhaloth@redhat.com Date: Tue Jan 21 14:55:29 2014 +0530
core:Fixing NULL dereference issue.
1.Checking of frame before calling STACK_DESTROY (frame->root)
Signed-off-by: surabhi <sbhaloth@redhat.com>
Change-Id: I21d27a8b4e556c00cd123afe8512e010a1a1f80d
BUG: 789278
Signed-off-by: surabhi <sbhaloth@redhat.com>
Reviewed-on: http://review.gluster.org/6749
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Time: 20140123T04:10:30 aavati at redhat commented: REVIEW: http://review.gluster.org/6763 (libgfapi: Fix pointer dereference before NULL check) posted (#1) for review on master by Jose A. Rivera (jarrpa@redhat.com)
Time: 20140123T19:54:22 aavati at redhat commented: REVIEW: http://review.gluster.org/6769 (cluster/stripe: Remove redundant code blocks) posted (#1) for review on master by Christopher R. Hertel (crh@redhat.com)
Time: 20140123T20:00:00 aavati at redhat commented: REVIEW: http://review.gluster.org/6769 (cluster/stripe: Remove redundant code blocks) posted (#2) for review on master by Christopher R. Hertel (crh@redhat.com)
Time: 20140123T21:53:54 aavati at redhat commented: REVIEW: http://review.gluster.org/6771 (cluster/dht: goto statements may cause loop exit before memory is freed.) posted (#1) for review on master by Christopher R. Hertel (crh@redhat.com)
commit 3340a896a15fdfbfff2777f3f53a472eb62ae2e9 Author: Christopher R. Hertel crh@redhat.com Date: Thu Jan 23 13:43:14 2014 -0600
cluster/stripe: Remove redundant code blocks
This appears to have been a cut&paste error. The same set of 12 lines
was repeated three times, causing a pointer to allocated memory to be
overwritten twice resulting in a memory leak.
This patch removes the redundant code.
BUG: 789278
CID: 1128915
Change-Id: I3e4a3703b389c00e2a4e99e0a7368c5a3dda74d0
Signed-off-by: Christopher R. Hertel <crh@redhat.com>
Reviewed-on: http://review.gluster.org/6769
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
commit 4ac61e7354d0c79e235e1b3be269a989ee0a83e6 Author: Christopher R. Hertel crh@redhat.com Date: Thu Jan 23 15:37:09 2014 -0600
cluster/dht: goto statements may cause loop exit before memory is freed.
Memory is allocated at the top of the while loop via a call to
gf_strdup(), but there are several goto calls that exit the loop, and
the memory is not freed before each of those calls to goto. This fix
moves the final call to GF_FREE() higher in the loop so that the memory
is correctly freed.
Two variables, dup_str and str_tmp1, point to portions of the allocated
memory. Neither are used past the final call to GF_FREE( dup_str ).
BUG: 789278
CID: 1124780
Change-Id: Id24b80cdbfd8b8855c80fffec63d7fce98cbed4a
Signed-off-by: Christopher R. Hertel <crh@redhat.com>
Reviewed-on: http://review.gluster.org/6771
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
commit bb63256b7ea1f186bbe3fae9040a6c191c9d6544 Author: Jose A. Rivera jarrpa@redhat.com Date: Wed Jan 22 21:51:42 2014 -0600
libgfapi: Fix pointer dereference before NULL check
Call to dict_keys_join dereferences xattr before it is checked
for NULL. Restructured the function to check for NULL earlier and
call dict_unref only when needed.
BUG: 789278
CID: 1124826
Change-Id: I732fa304ad6f3b921c589832d13f73bbd36f589c
Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
Reviewed-on: http://review.gluster.org/6763
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
URL: https://bugzilla.redhat.com/789278 Creator: ujjwala at redhat Time: 20120210T09:32:26
Description of problem: Ran coverity static analysis on Glusterfs-3.3.0qa21. Below is the summary report:
Analysis summary report:
Files analyzed : 215 Total LoC input to cov-analyze : 219946 Functions analyzed : 6428 Paths analyzed : 1189156 Defect occurrences found : 395 Total 6 ARRAY_VS_SINGLETON 4 BAD_FREE 1 CHAR_IO 38 CHECKED_RETURN 31 DEADCODE 122 FORWARD_NULL 6 MISSING_BREAK 16 NEGATIVE_RETURNS 26 NO_EFFECT 20 NULL_RETURNS 5 OVERRUN_STATIC 86 RESOURCE_LEAK 13 REVERSE_INULL 1 SIZECHECK 1 SIZEOF_MISMATCH 1 STRAY_SEMICOLON 2 UNINIT 5 UNREACHABLE 5 UNUSED_VALUE 2 USE_AFTER_FREE 4 VARARGS
Exceeded path limit of 5000 paths in 0.22% of functions (normally up to 5% of functions encounter this limitation)
Please contact me for the machine details.
Version-Release number of selected component (if applicable): Glusterfs-3.3.0qa21
How reproducible: Always
Steps to Reproduce:
Actual results:
Expected results:
Additional info: