Re: [PATCH v2] test_driver: implement virDomainGetDiskErrors


 



On 5/14/19 5:24 PM, Ilias Stamatis wrote:
On Tue, May 14, 2019 at 5:04 PM Michal Privoznik <mprivozn@xxxxxxxxxx> wrote:

On 5/14/19 12:50 PM, Ilias Stamatis wrote:
On Tue, May 14, 2019 at 12:40 PM John Ferlan <jferlan@xxxxxxxxxx> wrote:



On 5/13/19 9:04 AM, Ilias Stamatis wrote:
On Mon, May 13, 2019 at 2:38 PM Michal Privoznik <mprivozn@xxxxxxxxxx> wrote:

On 5/13/19 1:26 AM, Ilias Stamatis wrote:
Return the number of disks present in the configuration of the test
domain when called with @errors as NULL and @maxerrors as 0.

Otherwise report an error for every second disk, assigning available
error codes in a cyclic order.

Signed-off-by: Ilias Stamatis <stamatis.iliass@xxxxxxxxx>
---
    src/test/test_driver.c | 42 ++++++++++++++++++++++++++++++++++++++++++
    1 file changed, 42 insertions(+)

diff --git a/src/test/test_driver.c b/src/test/test_driver.c
index a06d1fc402..527c2f5d3b 100644
--- a/src/test/test_driver.c
+++ b/src/test/test_driver.c
@@ -3046,6 +3046,47 @@ static int testDomainSetAutostart(virDomainPtr domain,
        return 0;
    }

+static int testDomainGetDiskErrors(virDomainPtr dom,
+                                   virDomainDiskErrorPtr errors,
+                                   unsigned int maxerrors,
+                                   unsigned int flags)
+{

[...]

+            n++;
+        }
+        ret = n;
+    }
+
+ cleanup:
+    virDomainObjEndAPI(&vm);
+    if (ret < 0) {
+        for (i = 0; i < n; i++)
+            VIR_FREE(errors[i].disk);
+    }

The above got changed to :

+ cleanup:
+    virDomainObjEndAPI(&vm);
+    if (ret < 0) {
+        for (i = 0; i < MIN(vm->def->ndisks, maxerrors); i++)
+            VIR_FREE(errors[i].disk);
+    }
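
Review bot: the loop bound reads vm->def->ndisks after virDomainObjEndAPI(&vm) has already released the domain object. That call takes the pointer by address and clears it, so the bound dereferences a pointer that is no longer valid on the error path. Compute the bound before the EndAPI call, or keep a count of the entries actually written (the n of the earlier version) and free only those. Using the count also avoids calling VIR_FREE on errors[i].disk slots that were never assigned when VIR_STRDUP fails partway, which matters if the caller's array was not zeroed.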

I think this change is incorrect and a bug lies in here.

If VIR_STRDUP fails above, memory for less than MIN(vm->def->ndisks,
maxerrors) will have been allocated, and then in the cleanup code
we'll call VIR_FREE with pointers that haven't been previously
allocated.

That isn't a problem. User has to pass an array that we can touch. If
they store some data in it, well, their fault - how are we supposed to
return anything if we can't touch the array?

I'm not sure I understand exactly what you mean.

We can touch the array of course.

What I'm saying is that we allocate memory with VIR_STRDUP for each
errors[i].disk, but if the call fails we free this memory on our own.

However how it is implemented now we might call VIR_FREE on pointers
for which we have *not* allocated any memory.

Because in the first loop, VIR_STRDUP might fail and send us to
"cleanup". But then on cleanup we iterate over the whole errors array.

Isn't this incorrect? Do I understand something wrong?


Ah, now I get it. If user passes an array that is not zeroed out then we might end up passing a random pointer to free(). How about this then?

    if (ret < 0) {
        while (i > 0)
            VIR_FREE(errors[i--].disk);
    }

Michal

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
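
The cleanup question debated in this thread, as an added example (not code from the patch or from libvirt): a fill routine that on failure frees only the slots it wrote itself, so the rest of a caller array that was not zeroed is never passed to free(). `struct disk_error`, `dup_or_fail`, `fill_disk_errors` and the `allocs_left` failure hook are hypothetical names, and unlike the patch it fills every slot rather than every second disk.

```c
#include <stdlib.h>
#include <string.h>

struct disk_error { char *disk; int error; };  /* hypothetical stand-in for virDomainDiskError */
static int allocs_left = -1;  /* test hook: copies allowed before failure, -1 = no limit */
static int live_allocs;       /* copies handed out and not yet freed */

static char *dup_or_fail(const char *s)
{
    char *copy;
    if (allocs_left == 0 || !(copy = malloc(strlen(s) + 1)))
        return NULL;          /* simulated or real out-of-memory */
    if (allocs_left > 0)
        allocs_left--;
    live_allocs++;
    return strcpy(copy, s);
}

/* Fill errors[] from names[]; return the number of entries filled, or -1. */
static int fill_disk_errors(const char *const *names, size_t ndisks,
                            struct disk_error *errors, size_t maxerrors)
{
    size_t limit = ndisks < maxerrors ? ndisks : maxerrors;
    size_t n;                 /* slots of errors[] written so far */
    for (n = 0; n < limit; n++) {
        char *copy = dup_or_fail(names[n]);
        if (!copy)
            goto fail;
        errors[n].disk = copy;
        errors[n].error = (int)(n % 2) + 1;  /* constructed error codes */
    }
    return (int)n;
 fail:
    while (n > 0) {           /* only slots [0, n) are ours to free */
        free(errors[--n].disk);
        errors[n].disk = NULL;
        live_allocs--;
    }
    return -1;
}

int main(void)
{
    const char *const names[] = { "vda", "vdb", "vdc" };  /* constructed input */
    char stale;  /* stands for garbage in an unzeroed caller array */
    struct disk_error errs[3] = { { &stale, 0 }, { &stale, 0 }, { &stale, 0 } };
    allocs_left = 2;  /* the third copy fails */
    return !(fill_disk_errors(names, 3, errs, 3) == -1 && live_allocs == 0 &&
             errs[2].disk == &stale);
}
```

The pre-decrement in the failure path is what makes slot 0 get freed while the slot whose copy failed is left alone.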


