New Defects reported by Coverity Scan for sbabic/swupdate
10 views
Skip to first unread message
scan-...@coverity.com
Jul 29, 2025, 2:44:52 PM7/29/25
to swup...@googlegroups.com
Hi,
Please find the latest report on new defect(s) introduced to sbabic/swupdate found with Coverity Scan.
- New Defects Found: 7
- 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
- Defects Shown: Showing 7 of 7 defect(s)
Defect Details
** CID 583430: (RESOURCE_LEAK)
/core/hw-compatibility.c: 90 in get_hw_revision()
/core/hw-compatibility.c: 90 in get_hw_revision()
_____________________________________________________________________________________________
*** CID 583430: (RESOURCE_LEAK)
/core/hw-compatibility.c: 90 in get_hw_revision()
84 fclose(fp);
85
86 if (ret != 2) {
87 TRACE("Cannot find Board Revision");
88 if(ret == 1)
89 free(b1);
>>> CID 583430: (RESOURCE_LEAK)
>>> Variable "b2" going out of scope leaks the storage it points to.
90 return -1;
91 }
92
93 if ((strlen(b1) > (SWUPDATE_GENERAL_STRING_SIZE) - 1) ||
94 (strlen(b2) > (SWUPDATE_GENERAL_STRING_SIZE - 1))) {
95 ERROR("Board name or revision too long");
/core/hw-compatibility.c: 90 in get_hw_revision()
84 fclose(fp);
85
86 if (ret != 2) {
87 TRACE("Cannot find Board Revision");
88 if(ret == 1)
89 free(b1);
>>> CID 583430: (RESOURCE_LEAK)
>>> Variable "b1" going out of scope leaks the storage it points to.
90 return -1;
91 }
92
93 if ((strlen(b1) > (SWUPDATE_GENERAL_STRING_SIZE) - 1) ||
94 (strlen(b2) > (SWUPDATE_GENERAL_STRING_SIZE - 1))) {
95 ERROR("Board name or revision too long");
** CID 583429: Resource leaks (RESOURCE_LEAK)
/core/util.c: 1120 in get_root_from_partitions()
_____________________________________________________________________________________________
*** CID 583429: Resource leaks (RESOURCE_LEAK)
/core/util.c: 1120 in get_root_from_partitions()
1114 return getroot_abs_path(devname);
1115 }
1116 free(devname);
1117 }
1118
1119 fclose(fp);
>>> CID 583429: Resource leaks (RESOURCE_LEAK)
>>> Variable "devname" going out of scope leaks the storage it points to.
1120 return NULL;
1121 }
1122
1123 /*
1124 * Return the rootfs's device name from /proc/self/mountinfo.
1125 * Needed for filesystems having synthetic stat(2) st_dev
** CID 583428: Resource leaks (RESOURCE_LEAK)
/core/util.c: 532 in load_decryption_key()
_____________________________________________________________________________________________
*** CID 583428: Resource leaks (RESOURCE_LEAK)
/core/util.c: 532 in load_decryption_key()
526 break;
527 default:
528 if (b1 != NULL)
529 free(b1);
530 fprintf(stderr, "File with decryption key is not in the format <key> <ivt>\n");
531 fclose(fp);
>>> CID 583428: Resource leaks (RESOURCE_LEAK)
>>> Variable "b2" going out of scope leaks the storage it points to.
532 return -EINVAL;
533 }
534 fclose(fp);
535
536 ret = set_aes_key(b1, b2);
537
** CID 583427: (RESOURCE_LEAK)
/handlers/delta_handler.c: 682 in parse_headers()
/handlers/delta_handler.c: 682 in parse_headers()
/handlers/delta_handler.c: 682 in parse_headers()
_____________________________________________________________________________________________
*** CID 583427: (RESOURCE_LEAK)
/handlers/delta_handler.c: 682 in parse_headers()
676 free(header);
677 } else if (nconv == 2) {
678 free(header);
679 free(value);
680 }
681
>>> CID 583427: (RESOURCE_LEAK)
>>> Variable "header" going out of scope leaks the storage it points to.
682 return true;
683 }
684
685 static bool search_boundary_in_body(struct hnd_priv *priv)
686 {
687 char *s;
/handlers/delta_handler.c: 682 in parse_headers()
676 free(header);
677 } else if (nconv == 2) {
678 free(header);
679 free(value);
680 }
681
>>> CID 583427: (RESOURCE_LEAK)
>>> Variable "boundary_string" going out of scope leaks the storage it points to.
682 return true;
683 }
684
685 static bool search_boundary_in_body(struct hnd_priv *priv)
686 {
687 char *s;
/handlers/delta_handler.c: 682 in parse_headers()
676 free(header);
677 } else if (nconv == 2) {
678 free(header);
679 free(value);
680 }
681
>>> CID 583427: (RESOURCE_LEAK)
>>> Variable "value" going out of scope leaks the storage it points to.
682 return true;
683 }
684
685 static bool search_boundary_in_body(struct hnd_priv *priv)
686 {
687 char *s;
** CID 583426: Control flow issues (DEADCODE)
/mongoose/mongoose.c: 8930 in mg_str_to_num()
_____________________________________________________________________________________________
*** CID 583426: Control flow issues (DEADCODE)
/mongoose/mongoose.c: 8930 in mg_str_to_num()
8924 : (c >= 'A' && c <= 'F') ? (uint64_t) (c - '7')
8925 : (c >= 'a' && c <= 'f') ? (uint64_t) (c - 'W')
8926 : (uint64_t) ~0;
8927 if (digit == (uint64_t) ~0) break;
8928 if (result > max / 16) return false; // Overflow
8929 result *= 16;
>>> CID 583426: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement: "return false;".
8930 if (result > max - digit) return false; // Overflow
8931 result += digit;
8932 i++, ndigits++;
8933 }
8934 break;
8935 default:
** CID 583425: (RESOURCE_LEAK)
/core/artifacts_versions.c: 93 in read_sw_version_file()
/core/artifacts_versions.c: 93 in read_sw_version_file()
_____________________________________________________________________________________________
*** CID 583425: (RESOURCE_LEAK)
/core/artifacts_versions.c: 93 in read_sw_version_file()
87 if (ret == 1)
88 free(name);
89 }
90 }
91 fclose(fp);
92
>>> CID 583425: (RESOURCE_LEAK)
>>> Variable "name" going out of scope leaks the storage it points to.
93 return 0;
94 }
95
96 static int versions_settings(void *setting, void *data)
97 {
98 struct swupdate_cfg *sw = (struct swupdate_cfg *)data;
/core/artifacts_versions.c: 93 in read_sw_version_file()
87 if (ret == 1)
88 free(name);
89 }
90 }
91 fclose(fp);
92
>>> CID 583425: (RESOURCE_LEAK)
>>> Variable "version" going out of scope leaks the storage it points to.
93 return 0;
94 }
95
96 static int versions_settings(void *setting, void *data)
97 {
98 struct swupdate_cfg *sw = (struct swupdate_cfg *)data;
** CID 583424: (RESOURCE_LEAK)
/core/util.c: 1160 in get_root_from_mountinfo()
/core/util.c: 1163 in get_root_from_mountinfo()
_____________________________________________________________________________________________
*** CID 583424: (RESOURCE_LEAK)
/core/util.c: 1160 in get_root_from_mountinfo()
1154 }
1155 break;
1156 }
1157 free(mnt_point);
1158 free(device);
1159 }
>>> CID 583424: (RESOURCE_LEAK)
>>> Overwriting "device" in "device = NULL" leaks the storage that "device" points to.
1160 device = NULL;
1161 }
1162 (void)fclose(fp);
1163 return device;
1164 }
1165
/core/util.c: 1163 in get_root_from_mountinfo()
1157 free(mnt_point);
1158 free(device);
1159 }
1160 device = NULL;
1161 }
1162 (void)fclose(fp);
>>> CID 583424: (RESOURCE_LEAK)
>>> Variable "mnt_point" going out of scope leaks the storage it points to.
1163 return device;
1164 }
1165
1166 #define MAX_CMDLINE_LENGTH 4096
1167 char **parse_linux_cmdline(void)
1168 {
Best regards,
The Coverity Scan Admin Team
Reply all
Reply to author
Forward
0 new messages