nwfilter: address coverity findings

This patch addresses the following coverity findings: /libvirt/src/conf/nwfilter_params.c:157: deref_parm: Directly dereferencing parameter "val". /libvirt/src/conf/nwfilter_params.c:473: negative_returns: Using variable "iterIndex" as an index to array "res->iter". /libvirt/src/nwfilter/nwfilter_ebiptables_driver.c:2891: unchecked_value: No check of the return value of "virAsprintf(&protostr, "-d 01:80:c2:00:00:00 ")". /libvirt/src/nwfilter/nwfilter_ebiptables_driver.c:2894: unchecked_value: No check of the return value of "virAsprintf(&protostr, "-p 0x%04x ", l3_protocols[protoidx].attr)". /libvirt/src/nwfilter/nwfilter_ebiptables_driver.c:3590: var_deref_op: Dereferencing null variable "inst".

nwfilter: address coverity findings
This patch addresses the following coverity findings: /libvirt/src/conf/nwfilter_params.c:157: deref_parm: Directly dereferencing parameter "val". /libvirt/src/conf/nwfilter_params.c:473: negative_returns: Using variable "iterIndex" as an index to array "res->iter". /libvirt/src/nwfilter/nwfilter_ebiptables_driver.c:2891: unchecked_value: No check of the return value of "virAsprintf(&protostr, "-d 01:80:c2:00:00:00 ")". /libvirt/src/nwfilter/nwfilter_ebiptables_driver.c:2894: unchecked_value: No check of the return value of "virAsprintf(&protostr, "-p 0x%04x ", l3_protocols[protoidx].attr)". /libvirt/src/nwfilter/nwfilter_ebiptables_driver.c:3590: var_deref_op: Dereferencing null variable "inst".
9c1ce3dc · Stefan Berger · Stefan Berger · 9586925b · 9c1ce3dc · 9c1ce3dc
隐藏空白更改
内联并排

Showing with 10 addition and 3 deletion

src/conf/nwfilter_params.c src/conf/nwfilter_params.c +4 -1

src/nwfilter/nwfilter_ebiptables_driver.c src/nwfilter/nwfilter_ebiptables_driver.c +6 -2

未找到文件。
--- a/src/conf/nwfilter_params.c
+++ b/src/conf/nwfilter_params.c
@@ -154,6 +154,9 @@ virNWFilterVarValueGetNthValue(virNWFilterVarValuePtr val, unsigned int idx)
 {
    const char *res = NULL;
+    if (!val)
+        return NULL;
    switch (val->valType) {
    case NWFILTER_VALUE_TYPE_SIMPLE:
        if (idx == 0)
@@ -467,7 +470,7 @@ virNWFilterVarCombIterCreate(virNWFilterHashTablePtr hash,
            res->nIter++;
            break;
        case VIR_NWFILTER_VAR_ACCESS_LAST:
-            break;
+            goto err_exit;
        }
        if (virNWFilterVarCombIterAddVariable(&res->iter[iterIndex],

--- a/src/nwfilter/nwfilter_ebiptables_driver.c
+++ b/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -2888,10 +2888,11 @@ ebtablesCreateTmpSubChain(ebiptablesRuleInstPtr *inst,
        protostr = strdup("");
        break;
    case L2_PROTO_STP_IDX:
-        virAsprintf(&protostr, "-d " NWFILTER_MAC_BGA " ");
+        ignore_value(virAsprintf(&protostr, "-d " NWFILTER_MAC_BGA " "));
        break;
    default:
-        virAsprintf(&protostr, "-p 0x%04x ", l3_protocols[protoidx].attr);
+        ignore_value(virAsprintf(&protostr, "-p 0x%04x ",
+                     l3_protocols[protoidx].attr));
        break;
    }
@@ -3589,6 +3590,9 @@ ebiptablesApplyNewRules(const char *ifname,
    int nEbtChains = 0;
    char *errmsg = NULL;
+    if (inst == NULL)
+        nruleInstances = 0;
    if (!chains_in_set || !chains_out_set) {
        virReportOOMError();
        goto exit_free_sets;