On Wed, Jun 05, 2013 at 03:43:57PM +0200, Peter Krempa wrote:
> This patch implements the VIR_DOMAIN_VCPU_AGENT flag for the
> qemuDomainGetVcpusFlags() libvirt API implementation.
> ---
> src/qemu/qemu_driver.c | 60 ++++++++++++++++++++++++++++++++++++++++++++++----
> 1 file changed, 56 insertions(+), 4 deletions(-)
>
> diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
> index 3db21d4..2922fce 100644
> --- a/src/qemu/qemu_driver.c
> +++ b/src/qemu/qemu_driver.c
> @@ -4406,17 +4406,24 @@ static int
> qemuDomainGetVcpusFlags(virDomainPtr dom, unsigned int flags)
> {
> virQEMUDriverPtr driver = dom->conn->privateData;
> + qemuDomainObjPrivatePtr priv;
> virDomainObjPtr vm;
> virDomainDefPtr def;
> int ret = -1;
> virCapsPtr caps = NULL;
> + qemuAgentCPUInfoPtr cpuinfo = NULL;
> + int ncpuinfo;
This is not initialized here
> +
> + if (!virDomainObjIsActive(vm)) {
> + virReportError(VIR_ERR_OPERATION_INVALID, "%s",
> + _("domain is not running"));
> + goto endjob;
> + }
This 'goto' jumps over the only initialization of 'ncpuinfo':
> +
> + qemuDomainObjEnterAgent(vm);
> + ncpuinfo = qemuAgentGetVCPUs(priv->agent, &cpuinfo);
> + qemuDomainObjExitAgent(vm);
> +
> +endjob:
> + if (qemuDomainObjEndJob(driver, vm) == 0)
> + vm = NULL;
> +
> + if (ncpuinfo < 0)
> + goto cleanup;
So here you're accessing uninitialized memory.
CC libvirt_driver_qemu_impl_la-qemu_driver.lo
qemu/qemu_driver.c: In function 'qemuDomainGetVcpusFlags':
qemu/qemu_driver.c:4573:9: error: 'ncpuinfo' may be used uninitialized in this function [-Werror=maybe-uninitialized]
qemu/qemu_driver.c: At top level:
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list