[PATCH] sysinfo: fix parsing regression

Eric Blake <eblake@xxxxxxxxxx> · Tue, 28 Jun 2011 14:09:29 -0600

Detected by gcc -O2, introduced in commit 532ce9c2.  If dmidecode
outputs a field unrecognized by the parsers, then the code would
dereference an uninitialized eol variable.

* src/util/sysinfo.c (virSysinfoParseBIOS)
(virSysinfoParseSystem, virSysinfoParseProcessor)
(virSysinfoParseMemory): Avoid uninitialized variable.
---

I'm pushing this under the build-breaker rule.

It introduces a merge conflict with the (unapplied) patch here:
https://www.redhat.com/archives/libvir-list/2011-June/msg01356.html

but that patch needs to be rebased anyways.

 src/util/sysinfo.c |   14 ++++++++++----
 1 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/util/sysinfo.c b/src/util/sysinfo.c
index bff1cb8..d32f7f0 100644
--- a/src/util/sysinfo.c
+++ b/src/util/sysinfo.c
@@ -130,7 +130,7 @@ virSysinfoRead(void) {
 static char *
 virSysinfoParseBIOS(char *base, virSysinfoDefPtr ret)
 {
-    char *cur, *eol;
+    char *cur, *eol = NULL;

     if ((cur = strstr(base, "Vendor: ")) != NULL) {
         cur += 8;
@@ -157,7 +157,7 @@ virSysinfoParseBIOS(char *base, virSysinfoDefPtr ret)
             goto no_memory;
     }

-    return eol + 1;
+    return eol ? eol + 1 : NULL;

 no_memory:
     return NULL;
@@ -166,7 +166,7 @@ no_memory:
 static char *
 virSysinfoParseSystem(char *base, virSysinfoDefPtr ret)
 {
-    char *cur, *eol;
+    char *cur, *eol = NULL;

     if ((base = strstr(base, "System Information")) == NULL)
         return 0;
@@ -215,7 +215,7 @@ virSysinfoParseSystem(char *base, virSysinfoDefPtr ret)
             goto no_memory;
     }

-    return eol + 1;
+    return eol ? eol + 1 : NULL;

 no_memory:
     return NULL;
@@ -229,6 +229,7 @@ virSysinfoParseProcessor(char *base, virSysinfoDefPtr ret)

     while((tmp_base = strstr(base, "Processor Information")) != NULL) {
         base = tmp_base;
+        eol = NULL;

         if (VIR_EXPAND_N(ret->processor, ret->nprocessor, 1) < 0) {
             goto no_memory;
@@ -313,6 +314,8 @@ virSysinfoParseProcessor(char *base, virSysinfoDefPtr ret)
                 goto no_memory;
         }

+        if (!eol)
+            break;
         base = eol + 1;
     }

@@ -330,6 +333,7 @@ virSysinfoParseMemory(char *base, virSysinfoDefPtr ret)

     while ((tmp_base = strstr(base, "Memory Device")) != NULL) {
         base = tmp_base;
+        eol = NULL;

         if (VIR_EXPAND_N(ret->memory, ret->nmemory, 1) < 0) {
             goto no_memory;
@@ -411,6 +415,8 @@ virSysinfoParseMemory(char *base, virSysinfoDefPtr ret)
         }

     next:
+        if (!eol)
+            break;
         base = eol + 1;
     }

-- 
1.7.4.4

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list





