Assorted coverity fixes (#39355)

52aa1c6b27

TEST-75-RESOLVED.sh[116]: + keymgr . generate algorithm=ECDSAP256SHA256 ksk=yes zsk=yes
TEST-75-RESOLVED.sh[454]: /usr/lib/systemd/tests/testdata/units/TEST-75-RESOLVED.sh: line 153: keymgr: command not found

.github/workflows/codeql.yml

@@ -50,7 +50,14 @@ jobs:
         languages: ${{ matrix.language }}
         config-file: ./.github/codeql-config.yml
 
-    - run: sudo -E .github/workflows/unit-tests.sh SETUP
+    - run: |
+        sudo -E .github/workflows/unit-tests.sh SETUP
+        # TODO: drop after we switch to ubuntu 26.04
+        bpftool_binary=$(find /usr/lib/linux-tools/ /usr/lib/linux-tools-* -name 'bpftool' -perm /u=x 2>/dev/null | sort -r | head -n1)
+        if [ -n "$bpftool_binary" ]; then
+          sudo rm -f /usr/bin/bpftool
+          sudo ln -s "$bpftool_binary" /usr/bin/
+        fi
 
     - name: Autobuild
       uses: github/codeql-action/autobuild@51f77329afa6477de8c49fc9c7046c15b9a4e79d

mkosi/mkosi.conf.d/fedora/mkosi.conf.d/knot.conf

@@ -0,0 +1,12 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+# New package needed for TEST-75-RESOLVED
+
+[Match]
+Release=!40
+Release=!41
+Release=!42
+Release=!43
+
+[Content]
+Packages=knot-keymgr

src/basic/efivars.c

@@ -155,9 +155,8 @@ int efi_get_variable(
 }
 
 int efi_get_variable_string(const char *variable, char **ret) {
-        _cleanup_free_ void *s = NULL;
+        _cleanup_free_ void *s = NULL, *x = NULL;
         size_t ss = 0;
-        char *x;
         int r;
 
         assert(variable);
@@ -171,7 +170,7 @@ int efi_get_variable_string(const char *variable, char **ret) {
                 return -ENOMEM;
 
         if (ret)
-                *ret = x;
+                *ret = TAKE_PTR(x);
 
         return 0;
 }

src/basic/log.h

@@ -192,15 +192,21 @@ int log_dump_internal(
 
 #if BUILD_MODE_DEVELOPER && !defined(TEST_CODE)
 #  define ASSERT_NON_ZERO(x) assert((x) != 0)
+#  define ASSERT_UNDERFLOW(x) assert((x) >= INT_MIN)
 #else
 #  define ASSERT_NON_ZERO(x)
+#  define ASSERT_UNDERFLOW(x)
 #endif
 
+/* We often call log macros with ssize_t instead of int, so check for underflows,
+ * as ssize_t is not guaranteed to be the same as int, and we usually do
+ * 'return log_errno...' from functions that return 'int' */
 #define log_full_errno(level, error, ...)                               \
         ({                                                              \
-                int _error = (error);                                   \
+                int64_t _error = (error);                               \
+                ASSERT_UNDERFLOW(_error);                               \
                 ASSERT_NON_ZERO(_error);                                \
-                log_full_errno_zerook(level, _error, __VA_ARGS__);      \
+                log_full_errno_zerook(level, (int)_error, __VA_ARGS__); \
         })
 
 #define log_full(level, fmt, ...)                                      \

src/shared/blockdev-list.c

@@ -111,7 +111,8 @@ int blockdev_list(BlockDevListFlags flags, BlockDevice **ret_devices, size_t *re
                         if (r < 0)
                                 log_debug_errno(r, "Failed to acquire size of device '%s', ignoring: %m", node);
                         else
-                                size *= 512; /* the 'size' sysattr is always in multiples of 512, even on 4K sector block devices! */
+                                /* the 'size' sysattr is always in multiples of 512, even on 4K sector block devices! */
+                                assert_se(MUL_ASSIGN_SAFE(&size, 512)); /* Overflow check for coverity */
 
                         if (size == 0 && FLAGS_SET(flags, BLOCKDEV_LIST_IGNORE_EMPTY)) {
                                 log_debug("Device '%s' has a zero size, assuming drive without a medium, skipping.", node);

src/shared/bpf-dlopen.c

@@ -49,6 +49,8 @@ DLSYM_PROTOTYPE(ring_buffer__free) = NULL;
 DLSYM_PROTOTYPE(ring_buffer__new) = NULL;
 DLSYM_PROTOTYPE(ring_buffer__poll) = NULL;
 
+static void* bpf_dl = NULL;
+
 /* new symbols available from libbpf 0.7.0 */
 int (*sym_bpf_map_create)(enum bpf_map_type,  const char *, __u32, __u32, __u32, const struct bpf_map_create_opts *);
 struct bpf_map* (*sym_bpf_object__next_map)(const struct bpf_object *obj, const struct bpf_map *map);
@@ -71,8 +73,8 @@ static int bpf_print_func(enum libbpf_print_level level, const char *fmt, va_lis
 }
 
 int dlopen_bpf_full(int log_level) {
+        _cleanup_(dlclosep) void *dl = NULL;
         static int cached = 0;
-        void *dl;
         int r;
 
         if (cached != 0)
@@ -177,6 +179,8 @@ int dlopen_bpf_full(int log_level) {
 
         REENABLE_WARNING;
 
+        bpf_dl = TAKE_PTR(dl);
+
         return cached = true;
 }
 

src/shared/dissect-image.c

@@ -4555,8 +4555,6 @@ int verity_dissect_and_mount(
                 _cleanup_strv_free_ char **extension_release = NULL;
                 ImageClass class = IMAGE_SYSEXT;
 
-                assert(!isempty(extension_release_data->os_release_id));
-
                 r = load_extension_release_pairs(dest, required_class >= 0 ? required_class : IMAGE_SYSEXT, dissected_image->image_name, relax_extension_release_check, &extension_release);
                 if (r == -ENOENT) {
                         if (required_class >= 0)

src/test/test-json.c

@@ -667,6 +667,7 @@ static void test_float_match(sd_json_variant *v) {
         assert_se(fabs(1.0 - (DBL_MIN / 2 / sd_json_variant_real(sd_json_variant_by_index(v, 9)))) <= delta);
         assert_se(sd_json_variant_is_real(sd_json_variant_by_index(v, 10)) &&
                   !sd_json_variant_is_integer(sd_json_variant_by_index(v, 10)));
+        assert_se(!iszero_safe(sd_json_variant_real(sd_json_variant_by_index(v, 10))));
         assert_se(fabs(1.0 - (-DBL_MIN / 2 / sd_json_variant_real(sd_json_variant_by_index(v, 10)))) <= delta);
 }