openhpi-3.7.0/plugins/oa_soap/oa_soap_oa_event.c:611: fixed_size_dest: You might overrun the 255-character fixed-size string "temp->server" by copying "nw_info->ipAddress" without checking the length.
openhpi-3.7.0/plugins/oa_soap/oa_soap_oa_event.c:611: parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function.
o 609| wrap_g_mutex_lock(temp->mutex);
o 610| memset(temp->server, 0, MAX_URL_LEN);
o 611|-> strncpy(temp->server, nw_info->ipAddress,
o 612| strlen(nw_info->ipAddress));
o 613| wrap_g_mutex_unlock(temp->mutex);
Defect type: STRING_OVERFLOW
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4316: fixed_size_dest: You might overrun the 255-character fixed-size string "hpi_field.Field.Data" by copying "tmp" without checking the length.
o 4314| return SA_ERR_HPI_OUT_OF_MEMORY;
o 4315| }
o 4316|-> strcpy ((char *)hpi_field.Field.Data,
o 4317| tmp);
o 4318|
Defect type: STRING_OVERFLOW
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4286: fixed_size_dest: You might overrun the 255-character fixed-size string "hpi_field.Field.Data" by copying "tmp" without checking the length.
o 4284| return SA_ERR_HPI_OUT_OF_MEMORY;
o 4285| }
o 4286|-> strcpy ((char *)hpi_field.Field.Data,
o 4287| tmp);
o 4288|
Defect type: STRING_OVERFLOW
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4253: fixed_size_dest: You might overrun the 255-character fixed-size string "hpi_field.Field.Data" by copying "extra_data_info.value" without checking the length.
o 4251| idr_area_head.AreaId;
o 4252| hpi_field.Type = SAHPI_IDR_FIELDTYPE_PRODUCT_VERSION;
o 4253|-> strcpy ((char *)hpi_field.Field.Data,
o 4254| extra_data_info.value);
o 4255|
Defect type: STRING_OVERFLOW
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:3767: fixed_size_dest: You might overrun the 255-character fixed-size string "hpi_field.Field.Data" by copying "blade_mp_response.fwVersion" without checking the length.
o 3765| idr_area_head.AreaId;
o 3766| hpi_field.Type = SAHPI_IDR_FIELDTYPE_PRODUCT_VERSION;
o 3767|-> strcpy ((char *)hpi_field.Field.Data,
o 3768| blade_mp_response.fwVersion);
o 3769|
Defect type: BUFFER_SIZE_WARNING
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_xml.c:3476: buffer_size_warning: Calling strncpy with a maximum size argument of 32 bytes on destination array "current_reading.Value.SensorBuffer" of size 32 bytes might leave the destination string unterminated.
o 3474| current_reading.Type =
o 3475| SAHPI_SENSOR_READING_TYPE_BUFFER;
o 3476|-> strncpy((char *) current_reading.Value.SensorBuffer, log_desc,
o 3477| SAHPI_SENSOR_BUFFER_LENGTH);
o 3478| ev->event.EventDataUnion.SensorEvent.TriggerReading = current_reading;
Defect type: RESOURCE_LEAK
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4571: alloc_fn: Storage is returned from allocation function "g_malloc0".
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4571: var_assign: Assigning: "local_inventory" = storage returned from "g_malloc0(48UL)".
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4634: leaked_storage: Variable "local_inventory" going out of scope leaks the storage it points to.
o 4632| if (rv != SA_OK) {
o 4633| err("Add board area failed");
o 4634|-> return rv;
o 4635| }
o 4636| if (add_success_flag != SAHPI_FALSE) {
Defect type: RESOURCE_LEAK
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4571: alloc_fn: Storage is returned from allocation function "g_malloc0".
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4571: var_assign: Assigning: "local_inventory" = storage returned from "g_malloc0(48UL)".
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4610: leaked_storage: Variable "local_inventory" going out of scope leaks the storage it points to.
o 4608| if (rv != SA_OK) {
o 4609| err("Add product area failed");
o 4610|-> return rv;
o 4611| }
o 4612|
Defect type: RESOURCE_LEAK
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4438: alloc_fn: Storage is returned from allocation function "g_malloc0".
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4438: var_assign: Assigning: "local_inventory" = storage returned from "g_malloc0(48UL)".
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4486: leaked_storage: Variable "local_inventory" going out of scope leaks the storage it points to.
o 4484| if (rv != SA_OK) {
o 4485| err("Add board area failed");
o 4486|-> return rv;
o 4487| }
o 4488| if (add_success_flag != SAHPI_FALSE) {
Defect type: RESOURCE_LEAK
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4438: alloc_fn: Storage is returned from allocation function "g_malloc0".
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4438: var_assign: Assigning: "local_inventory" = storage returned from "g_malloc0(48UL)".
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4462: leaked_storage: Variable "local_inventory" going out of scope leaks the storage it points to.
o 4460| if (rv != SA_OK) {
o 4461| err("Add product area failed");
o 4462|-> return rv;
o 4463| }
o 4464|
Defect type: RESOURCE_LEAK
openhpi-3.7.0/plugins/oa_soap/oa_soap_discover.c:2950: alloc_arg: "build_interconnect_inv_rdr_arr" allocates memory that is stored into "inventory".
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4177:9: alloc_fn: Storage is returned from allocation function "g_malloc0".
openhpi-3.7.0/plugins/oa_soap/oa_soap_discover.c:2955: leaked_storage: Variable "inventory" going out of scope leaks the storage it points to.
o 2953| if (rv != SA_OK) {
o 2954| err("Failed to build interconnect inventory RDR");
o 2955|-> return SA_ERR_HPI_INTERNAL_ERROR;
o 2956| }
o 2957| rv = oh_add_rdr(oh_handler->rptcache, resource_id, &rdr, inventory, 0);
Defect type: RESOURCE_LEAK
openhpi-3.7.0/plugins/oa_soap/oa_soap_discover.c:2747: alloc_arg: "build_interconnect_inv_rdr" allocates memory that is stored into "inventory".
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:3886:9: alloc_fn: Storage is returned from allocation function "g_malloc0".
openhpi-3.7.0/plugins/oa_soap/oa_soap_discover.c:2751: leaked_storage: Variable "inventory" going out of scope leaks the storage it points to.
o 2749| if (rv != SA_OK) {
o 2750| err("Failed to get interconnect inventory RDR");
o 2751|-> return SA_ERR_HPI_INTERNAL_ERROR;
o 2752| }
o 2753| rv = oh_add_rdr(oh_handler->rptcache, resource_id, &rdr, inventory, 0);
Defect type: NO_EFFECT
openhpi-3.7.0/plugins/oa_soap/oa_soap_re_discover.c:2330: array_null: Comparing an array to null is not useful: "info_result->serialNumber == NULL", since the test will always evaluate as true.
openhpi-3.7.0/plugins/oa_soap/oa_soap_re_discover.c:2330: remediation: Was "info_result->serialNumber" formerly declared as a pointer?
o 2328| state = RES_ABSENT;
o 2329| } else {
o 2330|-> if ((info_result->serialNumber == NULL ||
o 2331| info_result->serialNumber[0] == '\0')) {
o 2332| strcpy(info_result->serialNumber,"No_Report");
openhpi-3.7.0/plugins/oa_soap/oa_soap_re_discover.c:1913: between: When switching on "state", the value of "state" must be between 0 and 1.
openhpi-3.7.0/plugins/oa_soap/oa_soap_re_discover.c:1913: dead_error_condition: The switch value "state" cannot reach the default case.
openhpi-3.7.0/plugins/oa_soap/oa_soap_re_discover.c:1947: dead_error_begin: Execution cannot reach this statement: "default:".
o 1945| break;
o 1946|
o 1947|-> default:
o 1948| err("unexpected power state %d detected for "
o 1949| "interconnect in bay %d",
openhpi-3.7.0/plugins/oa_soap/oa_soap_re_discover.c:1294: between: When switching on "state", the value of "state" must be between 0 and 1.
openhpi-3.7.0/plugins/oa_soap/oa_soap_re_discover.c:1294: dead_error_condition: The switch value "state" cannot reach the default case.
openhpi-3.7.0/plugins/oa_soap/oa_soap_re_discover.c:1329: dead_error_begin: Execution cannot reach this statement: "default:".
o 1327| break;
o 1328|
o 1329|-> default:
o 1330| err("unknown Blade power state %d detected "
o 1331| "in slot %d", state, info->bayNumber);
openhpi-3.7.0/plugins/oa_soap/oa_soap_discover.c:1627: between: When switching on "state", the value of "state" must be between 0 and 1.
openhpi-3.7.0/plugins/oa_soap/oa_soap_discover.c:1627: dead_error_condition: The switch value "state" cannot reach the default case.
openhpi-3.7.0/plugins/oa_soap/oa_soap_discover.c:1645: dead_error_begin: Execution cannot reach this statement: "default:".
o 1643| break;
o 1644|
o 1645|-> default:
o 1646| err("Unknown power state %d detected for Blade"
o 1647| " at bay %d", state,
openhpi-3.7.0/plugins/oa_soap/oa_soap_oa_event.c:609: var_deref_op: Dereferencing null pointer "temp".
o 607| }
o 608| / Copy the server IP address to oa_info structure /
o 609|-> wrap_g_mutex_lock(temp->mutex);
o 610| memset(temp->server, 0, MAX_URL_LEN);
o 611| strncpy(temp->server, nw_info->ipAddress,
Defect type: FORWARD_NULL
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_xml.c:3449: var_compare_op: Comparing "description" to null implies that "description" might be null.
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_xml.c:3453: var_deref_model: Passing null pointer "description" to "strncpy", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]
o 3451| else
o 3452| dbg("description is NULL");
o 3453|-> strncpy(log_desc,(const char )description,
o 3454| SAHPI_SENSOR_BUFFER_LENGTH-1);
o 3455| ev->resource = rpt;
Defect type: REVERSE_INULL
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_xml.c:3335: check_after_deref: Null-checking "last_update" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_xml.c:3296: deref_ptr_in_call: Dereferencing pointer "last_update".
o 3294| last_update = xmlGetProp( n, (const xmlChar )"LAST_UPDATE");
o 3295| time = (struct tm){0,0,0,0,0,0,0,0,-1};
o 3296|-> strptime((const char) last_update,"%m/%d/%Y %H:%M", &time);
o 3297| seconds = mktime( &time) * 1000000000LL;
o 3298| if( seconds > ir_handler->iml_log_time)
Defect type: FORWARD_NULL
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_xml.c:2041: var_compare_op: Comparing "stat" to null implies that "stat" might be null.
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_xml.c:2033: var_deref_model: Passing null pointer "stat" to "ir_xml_record_psdata", which dereferences it.
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_xml.c:2118:2: deref_parm_in_call: Function "strcmp" dereferences "psstat".
o 2031| ((present != NULL) &&
o 2032| (xmlStrcmp( present, (xmlChar )"No"))))) {
o 2033|-> ret = ir_xml_record_psdata( ir_handler,
o 2034| (char )lbl, (char *)stat);
o 2035| }
Defect type: FORWARD_NULL
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_xml.c:1333: var_compare_op: Comparing "stat" to null implies that "stat" might be null.
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_xml.c:1323: var_deref_model: Passing null pointer "stat" to "ir_xml_record_fandata", which dereferences it.
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_xml.c:1424:2: deref_parm_in_call: Function "strcmp" dereferences "fanstat".
o 1321| }
o 1322|
o 1323|-> ret = ir_xml_record_fandata( ir_handler, (char )lbl,
o 1324| (char )zone, (char )stat, (char )speed,
o 1325| (char *)unit);
Defect type: FORWARD_NULL
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_discover.c:1184: var_compare_op: Comparing "psustatus" to null implies that "psustatus" might be null.
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_discover.c:1191: var_deref_model: Passing null pointer "psustatus" to "strcmp", which dereferences it.
o 1189| }
o 1190|
o 1191|-> if(!strcmp(psustatus, "Not Installed") ||
o 1192| !strcmp(psustatus, "Unknown")){
o 1193| psudata->psuflags = ~IR_DISCOVERED;
Defect type: FORWARD_NULL
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_discover.c:1069: var_compare_op: Comparing "fanstatus" to null implies that "fanstatus" might be null.
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_discover.c:1083: var_deref_model: Passing null pointer "fanstatus" to "strcmp", which dereferences it.
o 1081| *
o 1082| **/
o 1083|-> if(!strcmp(fanstatus, "Not Installed")|| !strcmp(fanstatus, "Unknown")){
o 1084| fandata->fanflags = ~IR_DISCOVERED;
o 1085| }
Defect type: CLANG_WARNING
openhpi-3.7.0/plugins/oa_soap/oa_soap_server_event.c:957:21: warning: Function call argument is an uninitialized value
o oa_soap_parse_memory_sensor_reading(extra_data_info.value);
o ^ ~~~~~~~~~~~~~~~~~~~~~
openhpi-3.7.0/plugins/oa_soap/oa_soap_server_event.c:916:6: note: Assuming 'oh_handler' is not equal to null
o if (oh_handler == NULL || con == NULL || status == NULL) {
o ^~~~~~~~~~~~~~~~~~
openhpi-3.7.0/plugins/oa_soap/oa_soap_server_event.c:916:6: note: Left side of '||' is false
openhpi-3.7.0/plugins/oa_soap/oa_soap_server_event.c:916:28: note: Assuming 'con' is not equal to null
o if (oh_handler == NULL || con == NULL || status == NULL) {
o ^~~~~~~~~~~
openhpi-3.7.0/plugins/oa_soap/oa_soap_server_event.c:916:6: note: Left side of '||' is false
o if (oh_handler == NULL || con == NULL || status == NULL) {
o ^
openhpi-3.7.0/plugins/oa_soap/oa_soap_server_event.c:916:43: note: Assuming 'status' is not equal to null
o if (oh_handler == NULL || con == NULL || status == NULL) {
o ^~~~~~~~~~~~~~
openhpi-3.7.0/plugins/oa_soap/oa_soap_server_event.c:916:2: note: Taking false branch
o if (oh_handler == NULL || con == NULL || status == NULL) {
o ^
openhpi-3.7.0/plugins/oa_soap/oa_soap_server_event.c:927:6: note: Assuming 'rpt' is not equal to null
o if (rpt == NULL) {
o ^~~~~~~~~~~
openhpi-3.7.0/plugins/oa_soap/oa_soap_server_event.c:927:2: note: Taking false branch
o if (rpt == NULL) {
o ^
openhpi-3.7.0/plugins/oa_soap/oa_soap_server_event.c:939:2: note: Loop condition is false. Execution continues on line 951
o while (extra_data) {
o ^
openhpi-3.7.0/plugins/oa_soap/oa_soap_server_event.c:951:9: note: Taking true branch
o if(oa_handler->memErrRecFlag[bay - 1]) {
o ^
openhpi-3.7.0/plugins/oa_soap/oa_soap_server_event.c:955:17: note: Taking true branch
o if (memErrFlag[bay - 1]) {
o ^
openhpi-3.7.0/plugins/oa_soap/oa_soap_server_event.c:957:21: note: Function call argument is an uninitialized value
o oa_soap_parse_memory_sensor_reading(extra_data_info.value);
o ^ ~~~~~~~~~~~~~~~~~~~~~
o 955| if (memErrFlag[bay - 1]) {
o 956| mainMemoryError = (char *)
o 957|-> oa_soap_parse_memory_sensor_reading(extra_data_info.value);
o 958| rv = oa_soap_proc_mem_evt(oh_handler, resource_id,
o 959| OA_SOAP_SEN_MAIN_MEMORY_ERRORS,
Defect type: CLANG_WARNING
openhpi-3.7.0/plugins/oa_soap/oa_soap_oa_event.c:609:20: warning: Access to field 'mutex' results in a dereference of a null pointer (loaded from variable 'temp')
o wrap_g_mutex_lock(temp->mutex);
o ^~~~
openhpi-3.7.0/plugins/oa_soap/oa_soap_oa_event.c:570:9: note: 'temp' initialized to a null pointer value
o struct oa_info *temp = NULL;
o ^~~~~~~~~~~~~~~~~~~~
openhpi-3.7.0/plugins/oa_soap/oa_soap_oa_event.c:573:13: note: Assuming 'oh_handler' is not equal to null
o if (oh_handler == NULL || nw_info == NULL) {
o ^~~~~~~~~~~~~~~~~~
openhpi-3.7.0/plugins/oa_soap/oa_soap_oa_event.c:573:13: note: Left side of '||' is false
openhpi-3.7.0/plugins/oa_soap/oa_soap_oa_event.c:573:35: note: Assuming 'nw_info' is not equal to null
o if (oh_handler == NULL || nw_info == NULL) {
o ^~~~~~~~~~~~~~~
openhpi-3.7.0/plugins/oa_soap/oa_soap_oa_event.c:573:9: note: Taking false branch
o if (oh_handler == NULL || nw_info == NULL) {
o ^
openhpi-3.7.0/plugins/oa_soap/oa_soap_oa_event.c:581:9: note: 'Default' branch taken. Execution continues on line 590
o switch (bay_number) {
o ^
openhpi-3.7.0/plugins/oa_soap/oa_soap_oa_event.c:592:9: note: Loop condition is false. Execution continues on line 609
o while (extra_data) {
o ^
openhpi-3.7.0/plugins/oa_soap/oa_soap_oa_event.c:609:20: note: Access to field 'mutex' results in a dereference of a null pointer (loaded from variable 'temp')
o wrap_g_mutex_lock(temp->mutex);
o ^~~~
o 607| }
o 608| / Copy the server IP address to oa_info structure /
o 609|-> wrap_g_mutex_lock(temp->mutex);
o 610| memset(temp->server, 0, MAX_URL_LEN);
o 611| strncpy(temp->server, nw_info->ipAddress,
Defect type: COMPILER_WARNING ¶
openhpi-3.7.0/baselib/session.cpp:121:15: warning: extended initializer lists only available with -std=c++11 or -std=gnu++11 [enabled by default]
o m_sockets = G_PRIVATE_INIT (g_free);
o ^
o 119| {
o 120| #if GLIB_CHECK_VERSION (2, 32, 0)
o 121|-> m_sockets = G_PRIVATE_INIT (g_free);
o 122| #else
o 123| wrap_g_static_private_init( &m_sockets );
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Coverity Scan detects several issues:
openhpi-3.7.0/plugins/oa_soap/oa_soap_oa_event.c:611: parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function.
o 609| wrap_g_mutex_lock(temp->mutex);
o 610| memset(temp->server, 0, MAX_URL_LEN);
o 611|-> strncpy(temp->server, nw_info->ipAddress,
o 612| strlen(nw_info->ipAddress));
o 613| wrap_g_mutex_unlock(temp->mutex);
Defect type: STRING_OVERFLOW
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4316: fixed_size_dest: You might overrun the 255-character fixed-size string "hpi_field.Field.Data" by copying "tmp" without checking the length.
o 4314| return SA_ERR_HPI_OUT_OF_MEMORY;
o 4315| }
o 4316|-> strcpy ((char *)hpi_field.Field.Data,
o 4317| tmp);
o 4318|
Defect type: STRING_OVERFLOW
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4286: fixed_size_dest: You might overrun the 255-character fixed-size string "hpi_field.Field.Data" by copying "tmp" without checking the length.
o 4284| return SA_ERR_HPI_OUT_OF_MEMORY;
o 4285| }
o 4286|-> strcpy ((char *)hpi_field.Field.Data,
o 4287| tmp);
o 4288|
Defect type: STRING_OVERFLOW
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4253: fixed_size_dest: You might overrun the 255-character fixed-size string "hpi_field.Field.Data" by copying "extra_data_info.value" without checking the length.
o 4251| idr_area_head.AreaId;
o 4252| hpi_field.Type = SAHPI_IDR_FIELDTYPE_PRODUCT_VERSION;
o 4253|-> strcpy ((char *)hpi_field.Field.Data,
o 4254| extra_data_info.value);
o 4255|
Defect type: STRING_OVERFLOW
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:3767: fixed_size_dest: You might overrun the 255-character fixed-size string "hpi_field.Field.Data" by copying "blade_mp_response.fwVersion" without checking the length.
o 3765| idr_area_head.AreaId;
o 3766| hpi_field.Type = SAHPI_IDR_FIELDTYPE_PRODUCT_VERSION;
o 3767|-> strcpy ((char *)hpi_field.Field.Data,
o 3768| blade_mp_response.fwVersion);
o 3769|
Defect type: BUFFER_SIZE_WARNING
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_xml.c:3476: buffer_size_warning: Calling strncpy with a maximum size argument of 32 bytes on destination array "current_reading.Value.SensorBuffer" of size 32 bytes might leave the destination string unterminated.
o 3474| current_reading.Type =
o 3475| SAHPI_SENSOR_READING_TYPE_BUFFER;
o 3476|-> strncpy((char *) current_reading.Value.SensorBuffer, log_desc,
o 3477| SAHPI_SENSOR_BUFFER_LENGTH);
o 3478| ev->event.EventDataUnion.SensorEvent.TriggerReading = current_reading;
Defect type: RESOURCE_LEAK
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4634: leaked_storage: Variable "local_inventory" going out of scope leaks the storage it points to.
o 4632| if (rv != SA_OK) {
o 4633| err("Add board area failed");
o 4634|-> return rv;
o 4635| }
o 4636| if (add_success_flag != SAHPI_FALSE) {
Defect type: RESOURCE_LEAK
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4610: leaked_storage: Variable "local_inventory" going out of scope leaks the storage it points to.
o 4608| if (rv != SA_OK) {
o 4609| err("Add product area failed");
o 4610|-> return rv;
o 4611| }
o 4612|
Defect type: RESOURCE_LEAK
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4486: leaked_storage: Variable "local_inventory" going out of scope leaks the storage it points to.
o 4484| if (rv != SA_OK) {
o 4485| err("Add board area failed");
o 4486|-> return rv;
o 4487| }
o 4488| if (add_success_flag != SAHPI_FALSE) {
Defect type: RESOURCE_LEAK
openhpi-3.7.0/plugins/oa_soap/oa_soap_inventory.c:4462: leaked_storage: Variable "local_inventory" going out of scope leaks the storage it points to.
o 4460| if (rv != SA_OK) {
o 4461| err("Add product area failed");
o 4462|-> return rv;
o 4463| }
o 4464|
Defect type: RESOURCE_LEAK
openhpi-3.7.0/plugins/oa_soap/oa_soap_discover.c:2955: leaked_storage: Variable "inventory" going out of scope leaks the storage it points to.
o 2953| if (rv != SA_OK) {
o 2954| err("Failed to build interconnect inventory RDR");
o 2955|-> return SA_ERR_HPI_INTERNAL_ERROR;
o 2956| }
o 2957| rv = oh_add_rdr(oh_handler->rptcache, resource_id, &rdr, inventory, 0);
Defect type: RESOURCE_LEAK
openhpi-3.7.0/plugins/oa_soap/oa_soap_discover.c:2751: leaked_storage: Variable "inventory" going out of scope leaks the storage it points to.
o 2749| if (rv != SA_OK) {
o 2750| err("Failed to get interconnect inventory RDR");
o 2751|-> return SA_ERR_HPI_INTERNAL_ERROR;
o 2752| }
o 2753| rv = oh_add_rdr(oh_handler->rptcache, resource_id, &rdr, inventory, 0);
Defect type: NO_EFFECT
openhpi-3.7.0/plugins/oa_soap/oa_soap_re_discover.c:2330: remediation: Was "info_result->serialNumber" formerly declared as a pointer?
o 2328| state = RES_ABSENT;
o 2329| } else {
o 2330|-> if ((info_result->serialNumber == NULL ||
o 2331| info_result->serialNumber[0] == '\0')) {
o 2332| strcpy(info_result->serialNumber,"No_Report");
Defect type: DEADCODE
openhpi-3.7.0/plugins/oa_soap/oa_soap_re_discover.c:1947: dead_error_begin: Execution cannot reach this statement: "default:".
o 1945| break;
o 1946|
o 1947|-> default:
o 1948| err("unexpected power state %d detected for "
o 1949| "interconnect in bay %d",
Defect type: DEADCODE
openhpi-3.7.0/plugins/oa_soap/oa_soap_re_discover.c:1329: dead_error_begin: Execution cannot reach this statement: "default:".
o 1327| break;
o 1328|
o 1329|-> default:
o 1330| err("unknown Blade power state %d detected "
o 1331| "in slot %d", state, info->bayNumber);
Defect type: DEADCODE
openhpi-3.7.0/plugins/oa_soap/oa_soap_discover.c:1645: dead_error_begin: Execution cannot reach this statement: "default:".
o 1643| break;
o 1644|
o 1645|-> default:
o 1646| err("Unknown power state %d detected for Blade"
o 1647| " at bay %d", state,
Defect type: FORWARD_NULL
openhpi-3.7.0/plugins/oa_soap/oa_soap_oa_event.c:609: var_deref_op: Dereferencing null pointer "temp".
o 607| }
o 608| / Copy the server IP address to oa_info structure /
o 609|-> wrap_g_mutex_lock(temp->mutex);
o 610| memset(temp->server, 0, MAX_URL_LEN);
o 611| strncpy(temp->server, nw_info->ipAddress,
Defect type: FORWARD_NULL
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_xml.c:3453: var_deref_model: Passing null pointer "description" to "strncpy", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]
o 3451| else
o 3452| dbg("description is NULL");
o 3453|-> strncpy(log_desc,(const char )description,
o 3454| SAHPI_SENSOR_BUFFER_LENGTH-1);
o 3455| ev->resource = rpt;
Defect type: REVERSE_INULL
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_xml.c:3296: deref_ptr_in_call: Dereferencing pointer "last_update".
o 3294| last_update = xmlGetProp( n, (const xmlChar )"LAST_UPDATE");
o 3295| time = (struct tm){0,0,0,0,0,0,0,0,-1};
o 3296|-> strptime((const char) last_update,"%m/%d/%Y %H:%M", &time);
o 3297| seconds = mktime( &time) * 1000000000LL;
o 3298| if( seconds > ir_handler->iml_log_time)
Defect type: FORWARD_NULL
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_xml.c:2118:2: deref_parm_in_call: Function "strcmp" dereferences "psstat".
o 2031| ((present != NULL) &&
o 2032| (xmlStrcmp( present, (xmlChar )"No"))))) {
o 2033|-> ret = ir_xml_record_psdata( ir_handler,
o 2034| (char )lbl, (char *)stat);
o 2035| }
Defect type: FORWARD_NULL
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_xml.c:1424:2: deref_parm_in_call: Function "strcmp" dereferences "fanstat".
o 1321| }
o 1322|
o 1323|-> ret = ir_xml_record_fandata( ir_handler, (char )lbl,
o 1324| (char )zone, (char )stat, (char )speed,
o 1325| (char *)unit);
Defect type: FORWARD_NULL
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_discover.c:1191: var_deref_model: Passing null pointer "psustatus" to "strcmp", which dereferences it.
o 1189| }
o 1190|
o 1191|-> if(!strcmp(psustatus, "Not Installed") ||
o 1192| !strcmp(psustatus, "Unknown")){
o 1193| psudata->psuflags = ~IR_DISCOVERED;
Defect type: FORWARD_NULL
openhpi-3.7.0/plugins/ilo2_ribcl/ilo2_ribcl_discover.c:1083: var_deref_model: Passing null pointer "fanstatus" to "strcmp", which dereferences it.
o 1081| *
o 1082| **/
o 1083|-> if(!strcmp(fanstatus, "Not Installed")|| !strcmp(fanstatus, "Unknown")){
o 1084| fandata->fanflags = ~IR_DISCOVERED;
o 1085| }
Defect type: CLANG_WARNING
o oa_soap_parse_memory_sensor_reading(extra_data_info.value);
o ^ ~~~~~~~~~~~~~~~~~~~~~
o if (oh_handler == NULL || con == NULL || status == NULL) {
o ^~~~~~~~~~~~~~~~~~
o if (oh_handler == NULL || con == NULL || status == NULL) {
o ^~~~~~~~~~~
o if (oh_handler == NULL || con == NULL || status == NULL) {
o ^
o if (oh_handler == NULL || con == NULL || status == NULL) {
o ^~~~~~~~~~~~~~
o if (oh_handler == NULL || con == NULL || status == NULL) {
o ^
o if (rpt == NULL) {
o ^~~~~~~~~~~
o if (rpt == NULL) {
o ^
o while (extra_data) {
o ^
o if(oa_handler->memErrRecFlag[bay - 1]) {
o ^
o if (memErrFlag[bay - 1]) {
o ^
openhpi-3.7.0/plugins/oa_soap/oa_soap_server_event.c:957:21: note: Function call argument is an uninitialized value
o oa_soap_parse_memory_sensor_reading(extra_data_info.value);
o ^ ~~~~~~~~~~~~~~~~~~~~~
o 955| if (memErrFlag[bay - 1]) {
o 956| mainMemoryError = (char *)
o 957|-> oa_soap_parse_memory_sensor_reading(extra_data_info.value);
o 958| rv = oa_soap_proc_mem_evt(oh_handler, resource_id,
o 959| OA_SOAP_SEN_MAIN_MEMORY_ERRORS,
Defect type: CLANG_WARNING
o wrap_g_mutex_lock(temp->mutex);
o ^~~~
o struct oa_info *temp = NULL;
o ^~~~~~~~~~~~~~~~~~~~
o if (oh_handler == NULL || nw_info == NULL) {
o ^~~~~~~~~~~~~~~~~~
o if (oh_handler == NULL || nw_info == NULL) {
o ^~~~~~~~~~~~~~~
o if (oh_handler == NULL || nw_info == NULL) {
o ^
o switch (bay_number) {
o ^
o while (extra_data) {
o ^
openhpi-3.7.0/plugins/oa_soap/oa_soap_oa_event.c:609:20: note: Access to field 'mutex' results in a dereference of a null pointer (loaded from variable 'temp')
o wrap_g_mutex_lock(temp->mutex);
o ^~~~
o 607| }
o 608| / Copy the server IP address to oa_info structure /
o 609|-> wrap_g_mutex_lock(temp->mutex);
o 610| memset(temp->server, 0, MAX_URL_LEN);
o 611| strncpy(temp->server, nw_info->ipAddress,
Defect type: COMPILER_WARNING ¶
o m_sockets = G_PRIVATE_INIT (g_free);
o ^
o 119| {
o 120| #if GLIB_CHECK_VERSION (2, 32, 0)
o 121|-> m_sockets = G_PRIVATE_INIT (g_free);
o 122| #else
o 123| wrap_g_static_private_init( &m_sockets );
Fixed in revision 7734.