From c0ef415862b43a30590877c9f4dd16fced88fd83 Mon Sep 17 00:00:00 2001 From: Luca Boccassi Date: Thu, 25 Mar 2021 10:49:06 +0000 Subject: [PATCH 1/2] test-firewall-util: add more asserts on allocated variables Makes things nicer for readers, and hopefully gives static analyzers a hint on the origin/cleanup of the ctx pointer. Coverity CID #1451399 --- src/test/test-firewall-util.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/test/test-firewall-util.c b/src/test/test-firewall-util.c index abc28d500d..dfde01a678 100644 --- a/src/test/test-firewall-util.c +++ b/src/test/test-firewall-util.c @@ -14,6 +14,8 @@ static void test_v6(FirewallContext *ctx) { uint8_t prefixlen; int r; + assert_se(ctx); + log_info("/* %s(backend=%s) */", __func__, firewall_backend_to_string(ctx->backend)); if (!socket_ipv6_is_supported()) @@ -46,6 +48,7 @@ static void test_v6(FirewallContext *ctx) { static union in_addr_union *parse_addr(const char *str, union in_addr_union *u) { assert(str); + assert(u); assert_se(in_addr_from_string(AF_INET, str, u) >= 0); return u; } @@ -54,6 +57,8 @@ static bool test_v4(FirewallContext *ctx) { union in_addr_union u, v; int r; + assert_se(ctx); + log_info("/* %s(backend=%s) */", __func__, firewall_backend_to_string(ctx->backend)); assert_se(fw_add_masquerade(&ctx, true, AF_INET, NULL, 0) == -EINVAL); @@ -92,6 +97,7 @@ int main(int argc, char *argv[]) { return log_tests_skipped("not root"); assert_se(fw_ctx_new(&ctx) >= 0); + assert_se(ctx); if (ctx->backend == FW_BACKEND_NONE) return EXIT_TEST_SKIP; From 7489d0640a4864d4b47fd8fda77f8eb7cf2e3fe8 Mon Sep 17 00:00:00 2001 From: Luca Boccassi Date: Thu, 25 Mar 2021 11:47:13 +0000 Subject: [PATCH 2/2] test-dhcp6-client: add one more assert on memory mapping Static analyzers need a hint that optval is not pointing off the end of the msg_advertise array, since pos can go up to the full length of it. The array is manually constructed so we know this won't happen, but adding one more assert should be enough to avoid false positives. Coverity CID #1394277 --- src/libsystemd-network/test-dhcp6-client.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/libsystemd-network/test-dhcp6-client.c b/src/libsystemd-network/test-dhcp6-client.c index cb363b3973..42cd91e0be 100644 --- a/src/libsystemd-network/test-dhcp6-client.c +++ b/src/libsystemd-network/test-dhcp6-client.c @@ -449,6 +449,7 @@ static int test_advertise_option(sd_event *e) { case SD_DHCP6_OPTION_IA_NA: assert_se(optlen == 94); + assert_se(optval == &msg_advertise[26]); assert_se(!memcmp(optval, &msg_advertise[26], optlen)); val = htobe32(0x0ecfa37d);