On Thu, Mar 30, 2006 at 06:43:10AM -0500, Daniel Veillard wrote: > On Thu, Mar 30, 2006 at 12:26:31PM +0200, Jim Meyering wrote: > > Hello, > > > > In browsing through the code, I noticed that there are many > > places in which the code doesn't check for malloc returning NULL. > > E.g., > > > > ./virsh.c: ids = malloc(sizeof(int) * maxid); > > ./virsh.c- virConnectListDomains(ctl->conn, &ids[0], maxid); > > Actually virConnectListDomains which is in the library will check > the pointer. It won't crash in the library ! > > ./virsh.c: *res = malloc(sz + 1); > > ./virsh.c- memcpy(*res, tkstr, sz); > > > > ./virsh.c: res = malloc(strlen(name) + 3); > > ./virsh.c- sprintf(res, "--%s", name); > > virsh.c is code for the command line tool, I would say it's less critical > there than in the library if malloc fails and it leads to a crash. > But I'm sure Karel and me will enjoy a patch to fix this. Well since it was trivial to catch those and exit I just spent the 2mn needed to add this, this is fixed in CVS. For XML-RPC I expect the code to be largely revamped before being integrated so I let it as is for the moment. Thanks, Daniel -- Daniel Veillard | Red Hat http://redhat.com/ veillard@xxxxxxxxxx | libxml GNOME XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/