On Fri, 2009-08-07 at 15:35 +0200, Chris Lalancette wrote: > Matthias Bolte wrote: > > Hi, > > > > I came across this line in the phypOpen function: > > > > char string[strlen(conn->uri->path)]; > > > > Here the path part of the given URI is used without checking it for > > NULL, this can cause a segfault as strlen expects a string != NULL. > > Heh, it's worse than that; there is a check later on for !conn || !conn->uri, so > you are potentially de-referencing a NULL pointer. > > > Beside that uuid_db and connection_data leak in case of an error. > > > > In this line > > > > conn->uri->path = string; > > > > the original path of the URI leaks. The patch adds a VIR_FREE call > > before setting the new path. > > > > The attached patch is compile-tested but I don't have a Power > > Hypervisor installation at hand to test it for real. > > I also don't have a Power Hypervisor, but it looks sane enough to me. I'll say > ACK, but it's probably a good idea to get someone who has Power to test it > before you commit. > I tested with some Power machines I have over here and it is ACK for me. []'s -- Eduardo Otubo Software Engineer Linux Technology Center IBM Systems & Technology Group Mobile: +55 19 8135 0885 otubo@xxxxxxxxxxxxxxxxxx -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list