On Fri, Oct 16, 2015 at 04:36:23PM +0200, Christophe Fergeau wrote:
> While parsing the isoinfo files, we check if the current line starts
> with some prefix, but then we skip one byte more when we pass the string
> to osinfo_entity_set_param(). This accounts for a space which comes
> right after the prefix.
> It can happen that the line being parsed ends right after the prefix
> with no additional space, in which case we'd be accessing invalid memory
> when we try to skip the space.
> This commit adds the additional space to the prefix check, and uses
> strlen() rather than a hardcoded len when skipping the prefix later on.
>
> This fixes
> ==10921== Conditional jump or move depends on uninitialised value(s)
> ==10921==    at 0x4C2BC29: strlen (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==10921==    by 0x6A6B222: g_strdup (gstrfuncs.c:362)
> ==10921==    by 0x553F4F2: osinfo_entity_set_param (osinfo_entity.c:190)
> ==10921==    by 0x402716: load_iso (test-isodetect.c:141)
> ==10921==    by 0x4029C7: load_distro (test-isodetect.c:203)
> ==10921==    by 0x402B3E: load_distros (test-isodetect.c:250)
> ==10921==    by 0x402C67: load_isos (test-isodetect.c:281)
> ==10921==    by 0x40306E: test_one (test-isodetect.c:329)
> ==10921==    by 0x4032E1: test_rhel (test-isodetect.c:367)
> ==10921==    by 0x532B78A: ??? (in /usr/lib64/libcheck.so.0.0.0)
> ==10921==    by 0x532BB7C: srunner_run (in /usr/lib64/libcheck.so.0.0.0)
> ==10921==    by 0x403A4C: main (test-isodetect.c:490)
> ---
>  test/test-isodetect.c | 24 ++++++++++++------------
>  1 file changed, 12 insertions(+), 12 deletions(-)

ACK to all 3 patches

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org       -o-    http://virt-manager.org :|
|: http://autobuild.org     -o-    http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o-   http://live.gnome.org/gtk-vnc :|
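
The off-by-one described in the quoted commit message, as an added example that is not part of this thread or of libosinfo's code. The function names and the "Volume id:" sample lines are constructed for illustration, and plain strncmp() stands in for the prefix check.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* "Before" pattern: the check covers only the prefix, but the skip uses a
 * hardcoded length one byte larger to step over the space. For a line that
 * is exactly "Volume id:" the result points one byte past the terminating
 * NUL, so anything that later runs strlen() on it reads invalid memory. */
static const char *value_hardcoded_skip(const char *line)
{
    if (strncmp(line, "Volume id:", 10) == 0)
        return line + 11;   /* assumes a space the check never verified */
    return NULL;
}

/* "After" pattern: the space is part of the prefix that is checked, and the
 * skip length is derived from that same string with strlen(). */
static const char *value_checked_skip(const char *line)
{
    static const char prefix[] = "Volume id: ";
    size_t n = strlen(prefix);

    if (strncmp(line, prefix, n) == 0)
        return line + n;    /* at worst points at the terminating NUL */
    return NULL;
}

int main(void)
{
    /* Constructed sample lines; the second ends right after the prefix. */
    const char *lines[] = { "Volume id: RHEL-7.0", "Volume id:" };

    for (size_t i = 0; i < sizeof(lines) / sizeof(lines[0]); i++) {
        const char *v = value_checked_skip(lines[i]);
        printf("%-22s -> %s\n", lines[i], v ? v : "(no match, line skipped)");
    }
    /* The hardcoded variant is only exercised on the well-formed line. */
    printf("hardcoded skip         -> %s\n", value_hardcoded_skip(lines[0]));
    return 0;
}
```
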