2011/5/18 Daniel P. Berrange <berrange@xxxxxxxxxx>:
> strerror_r() is free to not set any error string, if the passed
> errno is not valid. It may, however, still return a pointer to
> the original passed in buffer. This resulting in random garbage
> from the stack being present as the error string.
>
> To reliably detect case where no error string is set, pre-init
> the buffer to all-zeros, and then check for empty string after
> calling sterror_r
>
> * src/util/virterror.c: Ensure virStrerror always sets an
> Âerror string
> ---
> Âsrc/util/virterror.c | Â Â4 ++++
> Â1 files changed, 4 insertions(+), 0 deletions(-)
>
> diff --git a/src/util/virterror.c b/src/util/virterror.c
> index 2d7309a..eff8468 100644
> --- a/src/util/virterror.c
> +++ b/src/util/virterror.c
> @@ -1267,9 +1267,13 @@ const char *virStrerror(int theerrno, char *errBuf, size_t errBufLen)
> Â Â int save_errno = errno;
> Â Â const char *ret;
>
> + Â Âmemset(errBuf, 0, errBufLen);
> Â Â strerror_r(theerrno, errBuf, errBufLen);
> Â Â ret = errBuf;
> Â Â errno = save_errno;
> +
> + Â Âif (ret[0] == '\0')
> + Â Â Â Âstrncpy(errBuf, _("Unknown errno"), errBufLen);
> Â Â return ret;
> Â}
>
> --
> 1.7.4.4
I wonder in what situation you managed to notice this problem :)
This doesn't pass make syntax-check because of strncpy. virStrncpy
should be used instead, but this might result in not setting any error
string at all when the buffer is to small. On the other hand we
commonly use 1k buffers with virStrerror.
Matthias
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list