diff options
| author | Daniel P. Berrange <berrange@redhat.com> | 2015-11-13 17:45:27 +0000 |
|---|---|---|
| committer | Michael Tokarev <mjt@tls.msk.ru> | 2015-12-04 09:39:55 +0300 |
| commit | 0e1d02452bf2c3486406dd48524a5b1de3c0eba8 (patch) | |
| tree | 351554876a7e6e6b2f3a8dd651758266fbe65d1c /crypto/tlscredsx509.c | |
| parent | 0ef74c7496fd3c526b2259f86326eca4b3a03b78 (diff) | |
| download | qemu-0e1d02452bf2c3486406dd48524a5b1de3c0eba8.tar.gz qemu-0e1d02452bf2c3486406dd48524a5b1de3c0eba8.tar.bz2 qemu-0e1d02452bf2c3486406dd48524a5b1de3c0eba8.zip | |
crypto: avoid two coverity false positive error reports
In qcrypto_tls_creds_get_path() coverity complains that
we are checking '*creds' for NULL, despite having
dereferenced it previously. This is harmless bug due
to fact that the trace call was too early. Moving it
after the cleanup gets the desired semantics.
In qcrypto_tls_creds_check_cert_key_purpose() coverity
complains that we're passing a pointer to a previously
free'd buffer into gnutls_x509_crt_get_key_purpose_oid()
This is harmless because we're passing a size == 0, so
gnutls won't access the buffer, but rather just report
what size it needs to be. We can avoid it though by
explicitly setting the buffer to NULL after free'ing
it.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Diffstat (limited to 'crypto/tlscredsx509.c')
| -rw-r--r-- | crypto/tlscredsx509.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c index d080deb83e..26f18cbb4a 100644 --- a/crypto/tlscredsx509.c +++ b/crypto/tlscredsx509.c @@ -255,6 +255,7 @@ qcrypto_tls_creds_check_cert_key_purpose(QCryptoTLSCredsX509 *creds, } g_free(buffer); + buffer = NULL; } if (isServer) { |