aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel P. Berrange <berrange@redhat.com>2015-11-13 17:45:27 +0000
committerMichael Tokarev <mjt@tls.msk.ru>2015-12-04 09:39:55 +0300
commit0e1d02452bf2c3486406dd48524a5b1de3c0eba8 (patch)
tree351554876a7e6e6b2f3a8dd651758266fbe65d1c
parent0ef74c7496fd3c526b2259f86326eca4b3a03b78 (diff)
downloadqemu-0e1d02452bf2c3486406dd48524a5b1de3c0eba8.tar.gz
qemu-0e1d02452bf2c3486406dd48524a5b1de3c0eba8.tar.xz
qemu-0e1d02452bf2c3486406dd48524a5b1de3c0eba8.zip
crypto: avoid two coverity false positive error reports
In qcrypto_tls_creds_get_path() coverity complains that we are checking '*creds' for NULL, despite having dereferenced it previously. This is harmless bug due to fact that the trace call was too early. Moving it after the cleanup gets the desired semantics. In qcrypto_tls_creds_check_cert_key_purpose() coverity complains that we're passing a pointer to a previously free'd buffer into gnutls_x509_crt_get_key_purpose_oid() This is harmless because we're passing a size == 0, so gnutls won't access the buffer, but rather just report what size it needs to be. We can avoid it though by explicitly setting the buffer to NULL after free'ing it. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
-rw-r--r--crypto/tlscreds.c4
-rw-r--r--crypto/tlscredsx509.c1
2 files changed, 3 insertions, 2 deletions
diff --git a/crypto/tlscreds.c b/crypto/tlscreds.c
index 5ec982c6e..e7d9c1cfa 100644
--- a/crypto/tlscreds.c
+++ b/crypto/tlscreds.c
@@ -123,10 +123,10 @@ qcrypto_tls_creds_get_path(QCryptoTLSCreds *creds,
goto cleanup;
}
- trace_qcrypto_tls_creds_get_path(creds, filename,
- *cred ? *cred : "<none>");
ret = 0;
cleanup:
+ trace_qcrypto_tls_creds_get_path(creds, filename,
+ *cred ? *cred : "<none>");
return ret;
}
diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c
index d080deb83..26f18cbb4 100644
--- a/crypto/tlscredsx509.c
+++ b/crypto/tlscredsx509.c
@@ -255,6 +255,7 @@ qcrypto_tls_creds_check_cert_key_purpose(QCryptoTLSCredsX509 *creds,
}
g_free(buffer);
+ buffer = NULL;
}
if (isServer) {