Re: [libvirt] [Resend][PATCH 1/3] Add dnsmasq module

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Satoru SATOH wrote:
> This patch adds the files implements dnsmasq (hostsfile) module.

Here is some feedback not on the overall structure or utility,
but more on a few implementation details that stood out.

...
> diff --git a/src/util/dnsmasq.c b/src/util/dnsmasq.c
...
> +static void
> +dhcphostFree(dnsmasqDhcpHost *host)
> +{
> +    VIR_FREE(host->host);
> +}
> +
> +static void
> +hostsfileFree(dnsmasqHostsfile *hostsfile)
> +{
> +    int i;

Making that
  unsigned int i;
is slightly better (if possible[*]),
since it's obvious "i" will never need to be signed.

[*] whether it is possible depends on the type of the nhosts
member and the set of gcc warnings enabled.  Build with
--enable-compile-warnings=error to check.

> +
> +    if (hostsfile->hosts) {
> +        for (i = 0; i < hostsfile->nhosts; i++)
> +            dhcphostFree(&hostsfile->hosts[i]);
> +
> +        VIR_FREE(hostsfile->hosts);
> +
> +        hostsfile->nhosts = 0;
> +    }
> +
> +    hostsfile->path[0] = '\0';
> +
> +    VIR_FREE(hostsfile);
> +}
...

> +static dnsmasqHostsfile *
> +hostsfileNew(const char *name,
> +             const char *config_dir)
> +{
> +    int err;
> +    dnsmasqHostsfile *hostsfile;
> +
> +    if (VIR_ALLOC(hostsfile) < 0)
> +        return NULL;
> +
> +    hostsfile->hosts = NULL;
> +    hostsfile->nhosts = 0;
> +
> +    if ((err = virFileMakePath(config_dir))) {
> +        virReportSystemError(err, _("cannot create config directory '%s'"),
> +            config_dir);
> +        goto error;
> +    }
> +
> +    if (virFileBuildPath(config_dir, name, ".hostsfile", hostsfile->path,
> +            sizeof(hostsfile->path)) < 0) {
> +        virReportSystemError(err,
> +            _("config filename '%s/%s.%s' is too long"),
> +            config_dir, name, ".hostsfile");
> +        goto error;
> +    }
> +
> +    return hostsfile;
> +
> + error:
> +    hostsfileFree(hostsfile);
> +    return NULL;
> +}
> +
> +static int
> +hostsfileWrite(const char *path, dnsmasqDhcpHost *hosts, int nhosts)
> +{
> +    char tmp[PATH_MAX];

It's good to avoid use of PATH_MAX.
Declare it like this instead, ...

    char *tmp;

> +    FILE *f;
> +    int istmp;
> +    int i;
> +
> +    if (nhosts == 0 && unlink(path) == 0)
> +        return 0;
> +
> +    if (snprintf(tmp, PATH_MAX, "%s.new", path) >= PATH_MAX)
> +        return EINVAL;

... and here, use virAsprintf instead of snprintf.
If the name ends up being too long, you'll catch it when fopen fails.

> +    istmp = 1;
> +
> +    if (!(f = fopen(tmp, "w"))) {
> +        istmp = 0;
> +        if (!(f = fopen(path, "w")))
> +            return errno;
> +    }
> +
> +    for (i = 0; i < nhosts; i++) {
> +        if (fputs(hosts[i].host, f) == EOF || fputc('\n', f) == EOF) {
> +            fclose(f);

fclose may well clobber the fputs-set errno.
Save it, with this, just before the fclose.

  int saved_errno = errno

> +            if (istmp)
> +                unlink(tmp);

unlink may clobber errno, too.
So here, you should use "return saved_errno;"

> +            return errno;
> +        }
> +    }
> +
> +    fclose(f);

The fputs calls can succeed, yet fclose's write or close
can still fail.  So you must check for fclose failure, too.

> +
> +    if (istmp && rename(tmp, path) < 0) {

Save errno here too, so unlink can't clobber it.

    int saved_errno = errno

> +        unlink(tmp);
> +        return errno;

and use saved_errno here.

> +    }
> +
> +    if (istmp)
> +        unlink(tmp);
> +
> +    return 0;
> +}

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list

[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]