On Thu, Feb 23, 2017 at 09:41:12AM +0100, Michal Privoznik wrote:
> On 02/22/2017 06:52 PM, Daniel P. Berrange wrote:
> > GCC 7 gets upset by
> >
> > if (!tmp && (size * count))
> >
> > warning
> >
> > util/viralloc.c: In function 'virReallocN':
> > util/viralloc.c:246:23: error: '*' in boolean context, suggest '&&' instead [-Werror=int-in-bool-context]
> > if (!tmp && (size * count)) {
> > ~~~~~~^~~~~~~~
> >
> > Keep it happy by adding != 0 to the right hand expression
> > so it realizes we really are wanting to treat the result
> > of the arithmetic expression as a boolean
> >
> > Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
> > ---
> > src/util/viralloc.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/src/util/viralloc.c b/src/util/viralloc.c
> > index 812aa5b..81f99d9 100644
> > --- a/src/util/viralloc.c
> > +++ b/src/util/viralloc.c
> > @@ -243,7 +243,7 @@ int virReallocN(void *ptrptr,
> > return -1;
> > }
> > tmp = realloc(*(void**)ptrptr, size * count);
> > - if (!tmp && (size * count)) {
> > + if (!tmp && ((size * count) != 0)) {
> > if (report)
> > virReportOOMErrorFull(domcode, filename, funcname, linenr);
> > return -1;
> >
>
> This is just stupid. I mean the warning, not your fix.
It is a warning that is certainly going to trigger a non-negligible
number of false positives across various codebases, but I don't think
it is stupid. The pattern it is looking for here with mixed integer
and boolean operators has been a repeated source of bugs in software
and a number of them have resulted in CVEs before when they've been
mis-handling untrusted input validation or breaking crypto algorithms,
etc.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
