This ends up being a very bizarre false positive. With an assist from
eblake, the claim is that mgetgroups() could return a -1 value, but yet
still have a groups buffer allocated, yet the example shown doesn't
seem to prove that.
Rather than fret about it, by adding a well placed sa_assert() on the
returned *list value we can "assure" ourselves that the mgetgroups()
failure path won't signal this condition.
Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx>
---
src/util/virutil.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/util/virutil.c b/src/util/virutil.c
index 8d2f62a..5197969 100644
--- a/src/util/virutil.c
+++ b/src/util/virutil.c
@@ -1063,6 +1063,7 @@ virGetGroupList(uid_t uid, gid_t gid, gid_t **list)
ret = mgetgroups(user, primary, list);
if (ret < 0) {
+ sa_assert(!*list);
virReportSystemError(errno,
_("cannot get group list for '%s'"), user);
goto cleanup;
--
1.9.3
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list