Insecure data handling and null pointer dereferences in test-async.c
@each Coverity identified following problems in the new bin/tests/system/hooks/driver/test-async.c
:
*** CID 313488: Insecure data handling (TAINTED_SCALAR)
/bin/tests/system/hooks/driver/test-async.c: 345 in async_query_done_begin()
339 }
340
341 /* initial call */
342 state->async = true;
343 state->hookpoint = NS_QUERY_DONE_BEGIN;
344 state->origresult = *resp;
>>> CID 313488: Insecure data handling (TAINTED_SCALAR)
>>> Passing tainted variable "qctx->client" to a tainted sink.
345 ns_query_hookasync(qctx, doasync, state);
346 return (NS_HOOK_RETURN);
347 }
348
349 static ns_hookresult_t
350 async_qctx_destroy(void *arg, void *cbdata, isc_result_t *resp) {
*** CID 281450: Null pointer dereferences (REVERSE_INULL)
/bin/tests/system/hooks/driver/test-async.c: 163 in plugin_register()
157
158 *instp = inst;
159
160 return (ISC_R_SUCCESS);
161
162 cleanup:
>>> CID 281450: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "inst" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
163 if (result != ISC_R_SUCCESS && inst != NULL) {
164 plugin_destroy((void **)&inst);
165 }
166
167 return (result);
168 }
More information at https://scan8.coverity.com/reports.htm#v38342/p12579/fileInstanceId=37570751&defectInstanceId=11302475&mergedDefectId=313488.