[Gluster-devel] New Defects reported by Coverity Scan for gluster/glusterfs

scan-admin at coverity.com scan-admin at coverity.com
Sat Oct 3 15:37:24 UTC 2015


Hi,

Please find the latest report on new defect(s) introduced to gluster/glusterfs found with Coverity Scan.

137 new defect(s) introduced to gluster/glusterfs found with Coverity Scan.
171 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 20 of 137 defect(s)


** CID 1325650:  Memory - illegal accesses  (BUFFER_SIZE_WARNING)
/home/vijay/workspace/glusterfs/glusterfs/xlators/features/changelog/src/changelog-helpers.c: 1975 in resolve_pargfid_to_path()


________________________________________________________________________________________________________
*** CID 1325650:  Memory - illegal accesses  (BUFFER_SIZE_WARNING)
/home/vijay/workspace/glusterfs/glusterfs/xlators/features/changelog/src/changelog-helpers.c: 1975 in resolve_pargfid_to_path()
1969     
1970                     pgfidstr = strtok_r (linkname + strlen("../../00/00/"), "/",
1971                                          &saveptr);
1972                     dir_name = strtok_r (NULL, "/", &saveptr);
1973     
1974                     snprintf (result, PATH_MAX, "%s/%s", dir_name, pre_dir_name);
>>>     CID 1325650:  Memory - illegal accesses  (BUFFER_SIZE_WARNING)
>>>     Calling strncpy with a maximum size argument of 4096 bytes on destination array "pre_dir_name" of size 4096 bytes might leave the destination string unterminated.
1975                     strncpy (pre_dir_name, result, sizeof(pre_dir_name));
1976     
1977                     gf_uuid_parse (pgfidstr, tmp_gfid);
1978                     gf_uuid_copy (pargfid, tmp_gfid);
1979             }
1980     

** CID 1325649:  Error handling issues  (CHECKED_RETURN)
/home/vijay/workspace/glusterfs/glusterfs/xlators/storage/posix/src/posix.c: 4505 in posix_fsetxattr()


________________________________________________________________________________________________________
*** CID 1325649:  Error handling issues  (CHECKED_RETURN)
/home/vijay/workspace/glusterfs/glusterfs/xlators/storage/posix/src/posix.c: 4505 in posix_fsetxattr()
4499                     gf_msg (this->name, GF_LOG_WARNING, op_errno, P_MSG_PFD_NULL,
4500                             "pfd is NULL from fd=%p", fd);
4501                     goto out;
4502             }
4503             _fd = pfd->fd;
4504     
>>>     CID 1325649:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "posix_fdstat" without checking return value (as is done elsewhere 20 out of 21 times).
4505             posix_fdstat (this, pfd->fd, &stbuf);
4506     
4507             dict_del (dict, GFID_XATTR_KEY);
4508             dict_del (dict, GF_XATTR_VOL_ID_KEY);
4509     
4510             filler.fdnum = _fd;

** CID 1325648:  Error handling issues  (CHECKED_RETURN)
/home/vijay/workspace/glusterfs/glusterfs/xlators/cluster/afr/src/afr-self-heal-common.c: 1319 in afr_selfheal_do()


________________________________________________________________________________________________________
*** CID 1325648:  Error handling issues  (CHECKED_RETURN)
/home/vijay/workspace/glusterfs/glusterfs/xlators/cluster/afr/src/afr-self-heal-common.c: 1319 in afr_selfheal_do()
1313     	gf_boolean_t  metadata_selfheal = _gf_false;
1314     	gf_boolean_t  entry_selfheal    = _gf_false;
1315             afr_private_t *priv            = NULL;
1316             gf_boolean_t dataheal_enabled   = _gf_false;
1317     
1318             priv = this->private;
>>>     CID 1325648:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "gf_string2boolean" without checking return value (as is done elsewhere 81 out of 84 times).
1319             gf_string2boolean (priv->data_self_heal, &dataheal_enabled);
1320     
1321     	ret = afr_selfheal_unlocked_inspect (frame, this, gfid, &inode,
1322     					     &data_selfheal,
1323     					     &metadata_selfheal,
1324     					     &entry_selfheal);

** CID 1325647:  Error handling issues  (CHECKED_RETURN)
/home/vijay/workspace/glusterfs/glusterfs/xlators/features/marker/src/marker.c: 1156 in marker_rename_unwind()


________________________________________________________________________________________________________
*** CID 1325647:  Error handling issues  (CHECKED_RETURN)
/home/vijay/workspace/glusterfs/glusterfs/xlators/features/marker/src/marker.c: 1156 in marker_rename_unwind()
1150     
1151             if (local->stub != NULL) {
1152                     /* Remove contribution node from in-memory even if
1153                      * remove-xattr has failed as the rename is already performed
1154                      * if local->stub is set, which means rename was sucessful
1155                      */
>>>     CID 1325647:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "mq_inode_ctx_get" without checking return value (as is done elsewhere 11 out of 13 times).
1156                     mq_inode_ctx_get (oplocal->loc.inode, this, &ctx);
1157                     if (ctx) {
1158                             contri = mq_get_contribution_node (oplocal->loc.parent,
1159                                                                ctx);
1160                             if (contri) {
1161                                     QUOTA_FREE_CONTRIBUTION_NODE (ctx, contri);

** CID 1325646:  Error handling issues  (CHECKED_RETURN)
/home/vijay/workspace/glusterfs/glusterfs/xlators/features/marker/src/marker.c: 1329 in marker_do_rename()


________________________________________________________________________________________________________
*** CID 1325646:  Error handling issues  (CHECKED_RETURN)
/home/vijay/workspace/glusterfs/glusterfs/xlators/features/marker/src/marker.c: 1329 in marker_do_rename()
1323     
1324             GET_CONTRI_KEY (contri_key, oplocal->loc.parent->gfid, ret);
1325             if (ret < 0) {
1326                     local->err = errno ? errno : ENOMEM;
1327                     goto err;
1328             }
>>>     CID 1325646:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "quota_dict_get_meta" without checking return value (as is done elsewhere 6 out of 7 times).
1329             quota_dict_get_meta (dict, contri_key, &contribution);
1330             oplocal->contribution = contribution;
1331     
1332             STACK_WIND (frame, marker_rename_cbk, FIRST_CHILD(this),
1333                         FIRST_CHILD(this)->fops->rename, &oplocal->loc,
1334                         &local->loc, local->xdata);

** CID 1325645:  Error handling issues  (CHECKED_RETURN)
/home/vijay/workspace/glusterfs/glusterfs/xlators/cluster/afr/src/afr-common.c: 475 in afr_spb_choice_timeout_cancel()


________________________________________________________________________________________________________
*** CID 1325645:  Error handling issues  (CHECKED_RETURN)
/home/vijay/workspace/glusterfs/glusterfs/xlators/cluster/afr/src/afr-common.c: 475 in afr_spb_choice_timeout_cancel()
469     
470             if (!inode)
471                     return ret;
472     
473             LOCK(&inode->lock);
474             {
>>>     CID 1325645:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "__afr_inode_ctx_get" without checking return value (as is done elsewhere 6 out of 7 times).
475                     __afr_inode_ctx_get (this, inode, &ctx);
476                     if (!ctx) {
477                             gf_log (this->name, GF_LOG_WARNING, "Failed to cancel"
478                                     " split-brain choice timer.");
479                             goto out;
480                     }

** CID 1325644:  Error handling issues  (CHECKED_RETURN)
/home/vijay/workspace/glusterfs/glusterfs/heal/src/glfs-heal.c: 86 in glfsh_get_index_dir_loc()


________________________________________________________________________________________________________
*** CID 1325644:  Error handling issues  (CHECKED_RETURN)
/home/vijay/workspace/glusterfs/glusterfs/heal/src/glfs-heal.c: 86 in glfsh_get_index_dir_loc()
80                     *op_errno = -ret;
81                     goto out;
82             }
83             ret = glfsh_link_inode_update_loc (dirloc, &iattr);
84             if (ret)
85                     goto out;
>>>     CID 1325644:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "glfs_loc_touchup" without checking return value (as is done elsewhere 17 out of 19 times).
86             glfs_loc_touchup (dirloc);
87     
88             ret = 0;
89     out:
90             if (xattr)
91                     dict_unref (xattr);

** CID 1325643:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/home/vijay/workspace/glusterfs/glusterfs/libglusterfs/src/dict.c: 2275 in dict_set_bin_common()


________________________________________________________________________________________________________
*** CID 1325643:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/home/vijay/workspace/glusterfs/glusterfs/libglusterfs/src/dict.c: 2275 in dict_set_bin_common()
2269     dict_set_bin_common (dict_t *this, char *key, void *ptr, size_t size,
2270                          gf_boolean_t is_static)
2271     {
2272             data_t * data = NULL;
2273             int      ret  = 0;
2274     
>>>     CID 1325643:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
>>>     "size > 18446744073709551615UL /* 9223372036854775807L * 2UL + 1UL */" is always false regardless of the values of its operands. This occurs as the logical second operand of '||'.
2275             if (!ptr || (size > ULONG_MAX)) {
2276                     ret = -EINVAL;
2277                     goto err;
2278             }
2279     
2280             data = bin_to_data (ptr, size);

** CID 1325642:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/home/vijay/workspace/glusterfs/glusterfs/xlators/cluster/stripe/src/stripe.c: 189 in stripe_lookup_cbk()


________________________________________________________________________________________________________
*** CID 1325642:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/home/vijay/workspace/glusterfs/glusterfs/xlators/cluster/stripe/src/stripe.c: 189 in stripe_lookup_cbk()
183     
184             LOCK (&frame->lock);
185             {
186                     callcnt = --local->call_count;
187     
188                     if (op_ret == -1) {
>>>     CID 1325642:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
>>>     The "or" condition "op_errno != 2 || op_errno != 116" will always be true because "op_errno" cannot be equal to two different values at the same time, so it must be not equal to at least one of them.
189                             if ((op_errno != ENOENT) || (op_errno != ESTALE))
190                                     gf_log (this->name, GF_LOG_DEBUG,
191                                             "%s returned error %s",
192                                             prev->this->name,
193                                             strerror (op_errno));
194                             if (local->op_errno != ESTALE)

** CID 1325641:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/home/vijay/workspace/glusterfs/glusterfs/xlators/cluster/dht/src/dht-rebalance.c: 1603 in gf_defrag_handle_migrate_error()


________________________________________________________________________________________________________
*** CID 1325641:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/home/vijay/workspace/glusterfs/glusterfs/xlators/cluster/dht/src/dht-rebalance.c: 1603 in gf_defrag_handle_migrate_error()
1597                      -1 -> error, handle it */
1598     int32_t
1599     gf_defrag_handle_migrate_error (int32_t op_errno, gf_defrag_info_t *defrag)
1600     {
1601             /* if errno is not ENOSPC or ENOTCONN, we can still continue
1602                with rebalance process */
>>>     CID 1325641:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
>>>     The "or" condition "op_errno != 28 || op_errno != 107" will always be true because "op_errno" cannot be equal to two different values at the same time, so it must be not equal to at least one of them.
1603             if ((op_errno != ENOSPC) || (op_errno != ENOTCONN))
1604                     return 1;
1605     
1606             if (op_errno == ENOTCONN) {
1607                     /* Most probably mount point went missing (mostly due
1608                        to a brick down), say rebalance failure to user,

** CID 1325640:  Possible Control flow issues  (DEADCODE)
/home/vijay/workspace/glusterfs/glusterfs/libglusterfs/src/stack.h: 178 in STACK_DESTROY()


________________________________________________________________________________________________________
*** CID 1325640:  Possible Control flow issues  (DEADCODE)
/home/vijay/workspace/glusterfs/glusterfs/libglusterfs/src/stack.h: 178 in STACK_DESTROY()
172     
173     	GF_FREE (stack->groups_large);
174     
175             mem_put (stack);
176     
177             if (local)
>>>     CID 1325640:  Possible Control flow issues  (DEADCODE)
>>>     Execution cannot reach this statement: "mem_put(local);".
178                     mem_put (local);
179     }
180     
181     static inline void
182     STACK_RESET (call_stack_t *stack)
183     {

** CID 1325639:  Possible Control flow issues  (DEADCODE)
/home/vijay/workspace/glusterfs/glusterfs/libglusterfs/src/stack.h: 210 in STACK_RESET()


________________________________________________________________________________________________________
*** CID 1325639:  Possible Control flow issues  (DEADCODE)
/home/vijay/workspace/glusterfs/glusterfs/libglusterfs/src/stack.h: 210 in STACK_RESET()
204     
205             list_for_each_entry_safe (frame, tmp, &toreset, frames) {
206                     FRAME_DESTROY (frame);
207             }
208     
209             if (local)
>>>     CID 1325639:  Possible Control flow issues  (DEADCODE)
>>>     Execution cannot reach this statement: "mem_put(local);".
210                     mem_put (local);
211     }
212     
213     #define cbk(x) cbk_##x
214     
215     #define FRAME_SU_DO(frm, local_type)                                   \

** CID 1325638:  Control flow issues  (DEADCODE)
/home/vijay/workspace/glusterfs/glusterfs/xlators/features/quota/src/quota.c: 1404 in do_quota_check_limit()


________________________________________________________________________________________________________
*** CID 1325638:  Control flow issues  (DEADCODE)
/home/vijay/workspace/glusterfs/glusterfs/xlators/features/quota/src/quota.c: 1404 in do_quota_check_limit()
1398                     if (new_frame) {
1399                             new_frame->local = NULL;
1400                             STACK_DESTROY (new_frame->root);
1401                     }
1402     
1403                     if (new_local)
>>>     CID 1325638:  Control flow issues  (DEADCODE)
>>>     Execution cannot reach this statement: "quota_local_cleanup(new_loc...".
1404                             quota_local_cleanup (new_local);
1405             }
1406     
1407             return parent;
1408     }
1409     

** CID 1325637:  Control flow issues  (DEADCODE)
/home/vijay/workspace/glusterfs/glusterfs/xlators/mgmt/glusterd/src/glusterd-utils.c: 8069 in glusterd_volume_rebalance_use_rsp_dict()


________________________________________________________________________________________________________
*** CID 1325637:  Control flow issues  (DEADCODE)
/home/vijay/workspace/glusterfs/glusterfs/xlators/mgmt/glusterd/src/glusterd-utils.c: 8069 in glusterd_volume_rebalance_use_rsp_dict()
8063                              GD_MSG_OPCTX_GET_FAIL,
8064                              "Operation Context is not present");
8065                     goto out;
8066             }
8067     
8068             if (!ctx_dict)
>>>     CID 1325637:  Control flow issues  (DEADCODE)
>>>     Execution cannot reach this statement: "goto out;".
8069                     goto out;
8070     
8071             ret = dict_get_str (ctx_dict, "volname", &volname);
8072             if (ret) {
8073                     gf_msg ("glusterd", GF_LOG_ERROR, 0,
8074                             GD_MSG_DICT_GET_FAILED,

** CID 1325636:  Possible Control flow issues  (DEADCODE)
/home/vijay/workspace/glusterfs/glusterfs/xlators/cluster/dht/src/dht-rebalance.c: 2486 in gf_defrag_process_dir()


________________________________________________________________________________________________________
*** CID 1325636:  Possible Control flow issues  (DEADCODE)
/home/vijay/workspace/glusterfs/glusterfs/xlators/cluster/dht/src/dht-rebalance.c: 2486 in gf_defrag_process_dir()
2480             ret = 0;
2481     out:
2482     
2483             GF_FREE_DIR_DFMETA (dir_dfmeta);
2484     
2485             if (dict)
>>>     CID 1325636:  Possible Control flow issues  (DEADCODE)
>>>     Execution cannot reach this statement: "dict_unref(dict);".
2486                     dict_unref(dict);
2487     
2488             if (xattr_req)
2489                     dict_unref(xattr_req);
2490     
2491             if (fd)

** CID 1325635:  Control flow issues  (DEADCODE)
/home/vijay/workspace/glusterfs/glusterfs/xlators/features/marker/src/marker-quota.c: 1499 in mq_initiate_quota_task()


________________________________________________________________________________________________________
*** CID 1325635:  Control flow issues  (DEADCODE)
/home/vijay/workspace/glusterfs/glusterfs/xlators/features/marker/src/marker-quota.c: 1499 in mq_initiate_quota_task()
1493                              * txn
1494                              */
1495                             ret = mq_inode_ctx_get (parent_loc.inode, this,
1496                                                     &parent_ctx);
1497                             mq_set_ctx_dirty_status (parent_ctx, _gf_false);
1498                     } else {
>>>     CID 1325635:  Control flow issues  (DEADCODE)
>>>     Execution cannot reach this statement: "ret = mq_mark_dirty(this, &...".
1499                             ret = mq_mark_dirty (this, &parent_loc, 0);
1500                     }
1501             }
1502     
1503             if (locked)
1504                     ret = mq_lock (this, &parent_loc, F_UNLCK);

** CID 1325634:  Possible Control flow issues  (DEADCODE)
/home/vijay/workspace/glusterfs/glusterfs/cli/src/cli-cmd-volume.c: 1016 in do_cli_cmd_volume_detach_tier()


________________________________________________________________________________________________________
*** CID 1325634:  Possible Control flow issues  (DEADCODE)
/home/vijay/workspace/glusterfs/glusterfs/cli/src/cli-cmd-volume.c: 1016 in do_cli_cmd_volume_detach_tier()
1010             ret = dict_set_int32 (options, "count", 0);
1011             if (ret)
1012                     goto out;
1013     
1014             if (!(state->mode & GLUSTER_MODE_SCRIPT) && need_question) {
1015                     /* we need to ask question only in case of 'commit or force' */
>>>     CID 1325634:  Possible Control flow issues  (DEADCODE)
>>>     Execution cannot reach this statement: "answer = cli_cmd_get_confir...".
1016                     answer = cli_cmd_get_confirmation (state, question);
1017                     if (GF_ANSWER_NO == answer) {
1018                             ret = 0;
1019                             goto out;
1020                     }
1021             }

** CID 1325633:  Null pointer dereferences  (FORWARD_NULL)
/home/vijay/workspace/glusterfs/glusterfs/xlators/nfs/server/src/nfs3.c: 1675 in nfs3_access()


________________________________________________________________________________________________________
*** CID 1325633:  Null pointer dereferences  (FORWARD_NULL)
/home/vijay/workspace/glusterfs/glusterfs/xlators/nfs/server/src/nfs3.c: 1675 in nfs3_access()
1669             ret = nfs3_fh_resolve_and_resume (cs, fh, NULL, nfs3_access_resume);
1670             if (ret < 0)
1671                     stat = nfs3_errno_to_nfsstat3 (-ret);
1672     
1673     nfs3err:
1674             if (ret < 0) {
>>>     CID 1325633:  Null pointer dereferences  (FORWARD_NULL)
>>>     Dereferencing null pointer "cs".
1675                     nfs3_log_common_res (rpcsvc_request_xid (req),
1676                                          NFS3_ACCESS, stat, -ret,
1677                                          cs->resolvedloc.path);
1678                     nfs3_access_reply (req, stat, 0, 0);
1679                     nfs3_call_state_wipe (cs);
1680                     ret = 0;

** CID 1325632:  Null pointer dereferences  (FORWARD_NULL)
/home/vijay/workspace/glusterfs/glusterfs/xlators/nfs/server/src/nfs3.c: 1823 in nfs3_readlink()


________________________________________________________________________________________________________
*** CID 1325632:  Null pointer dereferences  (FORWARD_NULL)
/home/vijay/workspace/glusterfs/glusterfs/xlators/nfs/server/src/nfs3.c: 1823 in nfs3_readlink()
1817             ret = nfs3_fh_resolve_and_resume (cs, fh, NULL, nfs3_readlink_resume);
1818             if (ret < 0)
1819                     stat = nfs3_errno_to_nfsstat3 (-ret);
1820     
1821     nfs3err:
1822             if (ret < 0) {
>>>     CID 1325632:  Null pointer dereferences  (FORWARD_NULL)
>>>     Dereferencing null pointer "cs".
1823                     nfs3_log_common_res (rpcsvc_request_xid (req),
1824                                          NFS3_READLINK, stat, -ret,
1825                                          cs->resolvedloc.path);
1826                     nfs3_readlink_reply (req, stat, NULL, NULL);
1827                     nfs3_call_state_wipe (cs);
1828                     /* Ret must be 0 after this so that the caller does not

** CID 1325631:  Null pointer dereferences  (FORWARD_NULL)
/home/vijay/workspace/glusterfs/glusterfs/xlators/nfs/server/src/nfs3.c: 3544 in nfs3_remove()


________________________________________________________________________________________________________
*** CID 1325631:  Null pointer dereferences  (FORWARD_NULL)
/home/vijay/workspace/glusterfs/glusterfs/xlators/nfs/server/src/nfs3.c: 3544 in nfs3_remove()
3538             ret = nfs3_fh_resolve_and_resume (cs, fh, name, nfs3_remove_resume);
3539             if (ret < 0)
3540                     stat = nfs3_errno_to_nfsstat3 (-ret);
3541     
3542     nfs3err:
3543             if (ret < 0) {
>>>     CID 1325631:  Null pointer dereferences  (FORWARD_NULL)
>>>     Dereferencing null pointer "cs".
3544                     nfs3_log_common_res (rpcsvc_request_xid (req),
3545                                          NFS3_REMOVE, stat, -ret,
3546                                          cs->resolvedloc.path);
3547                     nfs3_remove_reply (req, stat, NULL, NULL);
3548                     nfs3_call_state_wipe (cs);
3549                     /* Ret must be 0 after this so that the caller does not


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/gluster-glusterfs?tab=overview

To manage Coverity Scan email notifications for "gluster-devel at gluster.org", click https://scan.coverity.com/subscriptions/edit?email=gluster-devel%40gluster.org&token=7dffab14bc5a7180e75b0d047539f148



More information about the Gluster-devel mailing list