Hi, please find below the latest report on new defect(s) introduced to cloudstack, as found by Coverity Scan.
6 new defect(s) introduced to cloudstack found with Coverity Scan. 5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 6 of 6 defect(s) ** CID 1256278: Dm: Dubious method used (FB.DM_DEFAULT_ENCODING) /server/src/com/cloud/user/AccountManagerImpl.java: 2061 in com.cloud.user.AccountManagerImpl.authenticateUser(java.lang.String, java.lang.String, java.lang.Long, java.net.InetAddress, java.util.Map)() /server/src/com/cloud/user/AccountManagerImpl.java: 2057 in com.cloud.user.AccountManagerImpl.authenticateUser(java.lang.String, java.lang.String, java.lang.Long, java.net.InetAddress, java.util.Map)() /server/src/com/cloud/user/AccountManagerImpl.java: 2059 in com.cloud.user.AccountManagerImpl.authenticateUser(java.lang.String, java.lang.String, java.lang.Long, java.net.InetAddress, java.util.Map)() ** CID 1256277: SBSC: String concatenation in loop using + operator (FB.SBSC_USE_STRINGBUFFER_CONCATENATION) /server/src/com/cloud/user/AccountManagerImpl.java: 2042 in com.cloud.user.AccountManagerImpl.authenticateUser(java.lang.String, java.lang.String, java.lang.Long, java.net.InetAddress, java.util.Map)() ** CID 1256276: WMI: Inefficient Map Iterator (FB.WMI_WRONG_MAP_ITERATOR) /server/src/com/cloud/user/AccountManagerImpl.java: 2013 in com.cloud.user.AccountManagerImpl.authenticateUser(java.lang.String, java.lang.String, java.lang.Long, java.net.InetAddress, java.util.Map)() ** CID 1256275: Resource leak (RESOURCE_LEAK) /engine/schema/src/com/cloud/upgrade/dao/Upgrade442to450.java: 237 in com.cloud.upgrade.dao.Upgrade442to450.updateSystemVmTemplates(java.sql.Connection)() /engine/schema/src/com/cloud/upgrade/dao/Upgrade442to450.java: 291 in com.cloud.upgrade.dao.Upgrade442to450.updateSystemVmTemplates(java.sql.Connection)() /engine/schema/src/com/cloud/upgrade/dao/Upgrade442to450.java: 266 in 
com.cloud.upgrade.dao.Upgrade442to450.updateSystemVmTemplates(java.sql.Connection)() ** CID 1256274: Resource leak on an exceptional path (RESOURCE_LEAK) /engine/schema/src/com/cloud/upgrade/dao/Upgrade442to450.java: 115 in com.cloud.upgrade.dao.Upgrade442to450.upgradeMemoryOfVirtualRoutervmOffering(java.sql.Connection)() ** CID 1256273: Resource leak on an exceptional path (RESOURCE_LEAK) /engine/schema/src/com/cloud/upgrade/dao/Upgrade442to450.java: 157 in com.cloud.upgrade.dao.Upgrade442to450.upgradeMemoryOfInternalLoadBalancervmOffering(java.sql.Connection)() ________________________________________________________________________________________________________ *** CID 1256278: Dm: Dubious method used (FB.DM_DEFAULT_ENCODING) /server/src/com/cloud/user/AccountManagerImpl.java: 2061 in com.cloud.user.AccountManagerImpl.authenticateUser(java.lang.String, java.lang.String, java.lang.Long, java.net.InetAddress, java.util.Map)() 2055 2056 Mac mac = Mac.getInstance("HmacSHA1"); 2057 SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), "HmacSHA1"); 2058 mac.init(keySpec); 2059 mac.update(unsignedRequest.getBytes()); 2060 byte[] encryptedBytes = mac.doFinal(); >>> CID 1256278: Dm: Dubious method used (FB.DM_DEFAULT_ENCODING) >>> Found reliance on default encoding: new String(byte[]) 2061 String computedSignature = new String(Base64.encodeBase64(encryptedBytes)); 2062 boolean equalSig = signature.equals(computedSignature); 2063 if (!equalSig) { 2064 s_logger.info("User signature: " + signature + " is not equaled to computed signature: " + computedSignature); 2065 } else { 2066 user = _userAccountDao.getUserAccount(username, domainId); /server/src/com/cloud/user/AccountManagerImpl.java: 2057 in com.cloud.user.AccountManagerImpl.authenticateUser(java.lang.String, java.lang.String, java.lang.Long, java.net.InetAddress, java.util.Map)() 2051 return null; 2052 } 2053 2054 unsignedRequest = unsignedRequest.toLowerCase(); 2055 2056 Mac mac = Mac.getInstance("HmacSHA1"); 
>>> CID 1256278: Dm: Dubious method used (FB.DM_DEFAULT_ENCODING) >>> Found reliance on default encoding: String.getBytes() 2057 SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), "HmacSHA1"); 2058 mac.init(keySpec); 2059 mac.update(unsignedRequest.getBytes()); 2060 byte[] encryptedBytes = mac.doFinal(); 2061 String computedSignature = new String(Base64.encodeBase64(encryptedBytes)); 2062 boolean equalSig = signature.equals(computedSignature); /server/src/com/cloud/user/AccountManagerImpl.java: 2059 in com.cloud.user.AccountManagerImpl.authenticateUser(java.lang.String, java.lang.String, java.lang.Long, java.net.InetAddress, java.util.Map)() 2053 2054 unsignedRequest = unsignedRequest.toLowerCase(); 2055 2056 Mac mac = Mac.getInstance("HmacSHA1"); 2057 SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), "HmacSHA1"); 2058 mac.init(keySpec); >>> CID 1256278: Dm: Dubious method used (FB.DM_DEFAULT_ENCODING) >>> Found reliance on default encoding: String.getBytes() 2059 mac.update(unsignedRequest.getBytes()); 2060 byte[] encryptedBytes = mac.doFinal(); 2061 String computedSignature = new String(Base64.encodeBase64(encryptedBytes)); 2062 boolean equalSig = signature.equals(computedSignature); 2063 if (!equalSig) { 2064 s_logger.info("User signature: " + signature + " is not equaled to computed signature: " + computedSignature); ________________________________________________________________________________________________________ *** CID 1256277: SBSC: String concatenation in loop using + operator (FB.SBSC_USE_STRINGBUFFER_CONCATENATION) /server/src/com/cloud/user/AccountManagerImpl.java: 2042 in com.cloud.user.AccountManagerImpl.authenticateUser(java.lang.String, java.lang.String, java.lang.Long, java.net.InetAddress, java.util.Map)() 2036 } 2037 } 2038 2039 if (unsignedRequest == null) { 2040 unsignedRequest = paramName + "=" + URLEncoder.encode(paramValue, "UTF-8").replaceAll("\\+", "%20"); 2041 } else { >>> CID 1256277: SBSC: String concatenation in 
loop using + operator >>> (FB.SBSC_USE_STRINGBUFFER_CONCATENATION) >>> com.cloud.user.AccountManagerImpl.authenticateUser(String, String, >>> Long, InetAddress, Map) concatenates strings using + in a loop 2042 unsignedRequest = unsignedRequest + "&" + paramName + "=" + URLEncoder.encode(paramValue, "UTF-8").replaceAll("\\+", "%20"); 2043 } 2044 } 2045 } 2046 2047 if ((signature == null) || (timestamp == 0L)) { ________________________________________________________________________________________________________ *** CID 1256276: WMI: Inefficient Map Iterator (FB.WMI_WRONG_MAP_ITERATOR) /server/src/com/cloud/user/AccountManagerImpl.java: 2013 in com.cloud.user.AccountManagerImpl.authenticateUser(java.lang.String, java.lang.String, java.lang.Long, java.net.InetAddress, java.util.Map)() 2007 2008 Collections.sort(parameterNames); 2009 2010 try { 2011 for (String paramName : parameterNames) { 2012 // parameters come as name/value pairs in the form String/String[] >>> CID 1256276: WMI: Inefficient Map Iterator (FB.WMI_WRONG_MAP_ITERATOR) >>> com.cloud.user.AccountManagerImpl.authenticateUser(String, String, >>> Long, InetAddress, Map) makes inefficient use of keySet iterator instead of >>> entrySet iterator 2013 String paramValue = ((String[])requestParameters.get(paramName))[0]; 2014 2015 if ("signature".equalsIgnoreCase(paramName)) { 2016 signature = paramValue; 2017 } else { 2018 if ("timestamp".equalsIgnoreCase(paramName)) { ________________________________________________________________________________________________________ *** CID 1256275: Resource leak (RESOURCE_LEAK) /engine/schema/src/com/cloud/upgrade/dao/Upgrade442to450.java: 237 in com.cloud.upgrade.dao.Upgrade442to450.updateSystemVmTemplates(java.sql.Connection)() 231 }; 232 233 for (Map.Entry<Hypervisor.HypervisorType, String> hypervisorAndTemplateName : NewTemplateNameList.entrySet()){ 234 s_logger.debug("Updating " + hypervisorAndTemplateName.getKey() + " System Vms"); 235 try { 236 //Get 4.5.0 
system Vm template Id for corresponding hypervisor >>> CID 1256275: Resource leak (RESOURCE_LEAK) >>> Overwriting "pstmt" in "pstmt = conn.prepareStatement("select id from >>> `cloud`.`vm_template` where name = ? and removed is null order by id desc >>> limit 1")" leaks the resource that "pstmt" refers to. 237 pstmt = conn.prepareStatement("select id from `cloud`.`vm_template` where name = ? and removed is null order by id desc limit 1"); 238 pstmt.setString(1, hypervisorAndTemplateName.getValue()); 239 rs = pstmt.executeQuery(); 240 if(rs.next()){ 241 long templateId = rs.getLong(1); 242 rs.close(); /engine/schema/src/com/cloud/upgrade/dao/Upgrade442to450.java: 291 in com.cloud.upgrade.dao.Upgrade442to450.updateSystemVmTemplates(java.sql.Connection)() 285 if (pstmt != null) { 286 pstmt.close(); 287 } 288 } catch (SQLException e) { 289 } 290 } >>> CID 1256275: Resource leak (RESOURCE_LEAK) >>> Variable "pstmt" going out of scope leaks the resource it refers to. 291 } 292 293 294 private void dropInvalidKeyFromStoragePoolTable(Connection conn) { 295 HashMap<String, List<String>> uniqueKeys = new HashMap<String, List<String>>(); 296 List<String> keys = new ArrayList<String>(); /engine/schema/src/com/cloud/upgrade/dao/Upgrade442to450.java: 266 in com.cloud.upgrade.dao.Upgrade442to450.updateSystemVmTemplates(java.sql.Connection)() 260 } else { 261 if (hypervisorsListInUse.contains(hypervisorAndTemplateName.getKey())){ 262 throw new CloudRuntimeException("4.5.0 " + hypervisorAndTemplateName.getKey() + " SystemVm template not found. Cannot upgrade system Vms"); 263 } else { 264 s_logger.warn("4.5.0 " + hypervisorAndTemplateName.getKey() + " SystemVm template not found. 
" + hypervisorAndTemplateName.getKey() + " hypervisor is not used, so not failing upgrade"); 265 // Update the latest template URLs for corresponding hypervisor >>> CID 1256275: Resource leak (RESOURCE_LEAK) >>> Overwriting "pstmt" in "pstmt = conn.prepareStatement("UPDATE >>> `cloud`.`vm_template` SET url = ? , checksum = ? WHERE hypervisor_type = ? >>> AND type = 'SYSTEM' AND removed is null order by id desc limit 1")" leaks >>> the resource that "pstmt" refers to. 266 pstmt = conn.prepareStatement("UPDATE `cloud`.`vm_template` SET url = ? , checksum = ? WHERE hypervisor_type = ? AND type = 'SYSTEM' AND removed is null order by id desc limit 1"); 267 pstmt.setString(1, newTemplateUrl.get(hypervisorAndTemplateName.getKey())); 268 pstmt.setString(2, newTemplateChecksum.get(hypervisorAndTemplateName.getKey())); 269 pstmt.setString(3, hypervisorAndTemplateName.getKey().toString()); 270 pstmt.executeUpdate(); 271 pstmt.close(); ________________________________________________________________________________________________________ *** CID 1256274: Resource leak on an exceptional path (RESOURCE_LEAK) /engine/schema/src/com/cloud/upgrade/dao/Upgrade442to450.java: 115 in com.cloud.upgrade.dao.Upgrade442to450.upgradeMemoryOfVirtualRoutervmOffering(java.sql.Connection)() 109 updatePstmt.close(); 110 } 111 } catch (SQLException e) { 112 } 113 } 114 s_logger.debug("Done upgrading RAM for service offering of domain router to " + newRamSize); >>> CID 1256274: Resource leak on an exceptional path (RESOURCE_LEAK) >>> Variable "updatePstmt" going out of scope leaks the resource it refers >>> to. 
115 } 116 117 private void upgradeMemoryOfInternalLoadBalancervmOffering(Connection conn) { 118 PreparedStatement updatePstmt = null; 119 PreparedStatement selectPstmt = null; 120 ResultSet selectResultSet = null; ________________________________________________________________________________________________________ *** CID 1256273: Resource leak on an exceptional path (RESOURCE_LEAK) /engine/schema/src/com/cloud/upgrade/dao/Upgrade442to450.java: 157 in com.cloud.upgrade.dao.Upgrade442to450.upgradeMemoryOfInternalLoadBalancervmOffering(java.sql.Connection)() 151 updatePstmt.close(); 152 } 153 } catch (SQLException e) { 154 } 155 } 156 s_logger.debug("Done upgrading RAM for service offering of internal loadbalancer vm to " + newRamSize); >>> CID 1256273: Resource leak on an exceptional path (RESOURCE_LEAK) >>> Variable "updatePstmt" going out of scope leaks the resource it refers >>> to. 157 } 158 159 @Override 160 public File[] getCleanupScripts() { 161 String script = Script.findScript("", "db/schema-442to450-cleanup.sql"); 162 if (script == null) { ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/943?tab=overview To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py