Recent changes uncovered a NEGATIVE_RETURNS in the return from sysconf() when processing a for loop in virtTestCaptureProgramExecChild() in testutils.c Code review uncovered 3 other code paths with the same condition that weren't found by Covirity, so fixed those as well. --- src/lxc/lxc_container.c | 5 +++++ src/util/vircommand.c | 5 +++++ tests/commandhelper.c | 6 +++++- tests/testutils.c | 3 +++ 4 files changed, 18 insertions(+), 1 deletion(-) diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 257cf93..0e3fa0b 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -247,6 +247,11 @@ static int lxcContainerSetStdio(int control, int ttyfd, int handshakefd) /* Just in case someone forget to set FD_CLOEXEC, explicitly * close all FDs before executing the container */ open_max = sysconf(_SC_OPEN_MAX); + if (open_max < 0) { + virReportSystemError(errno, "%s", + _("sysconf(_SC_OPEN_MAX) failed")); + goto cleanup; + } for (fd = 0; fd < open_max; fd++) if (fd != ttyfd && fd != control && fd != handshakefd) { int tmpfd = fd; diff --git a/src/util/vircommand.c b/src/util/vircommand.c index 3529f1a..033b55b 100644 --- a/src/util/vircommand.c +++ b/src/util/vircommand.c @@ -511,6 +511,11 @@ virExec(virCommandPtr cmd) } openmax = sysconf(_SC_OPEN_MAX); + if (openmax < 0) { + virReportSystemError(errno, "%s", + _("sysconf(_SC_OPEN_MAX) failed")); + goto fork_error; + } for (fd = 3; fd < openmax; fd++) { if (fd == childin || fd == childout || fd == childerr) continue; diff --git a/tests/commandhelper.c b/tests/commandhelper.c index 0c5aa82..296fbbb 100644 --- a/tests/commandhelper.c +++ b/tests/commandhelper.c @@ -58,6 +58,7 @@ static int envsort(const void *a, const void *b) { int main(int argc, char **argv) { size_t i, n; + int open_max; char **origenv; char **newenv; char *cwd; @@ -96,7 +97,10 @@ int main(int argc, char **argv) { fprintf(log, "ENV:%s\n", newenv[i]); } - for (i = 0; i < sysconf(_SC_OPEN_MAX); i++) { + open_max = sysconf(_SC_OPEN_MAX); + if (open_max < 0) + return EXIT_FAILURE; + for (i = 0; i < open_max; i++) { int f; int closed; if (i == fileno(log)) diff --git a/tests/testutils.c b/tests/testutils.c index ec0fe52..2fdf7b8 100644 --- a/tests/testutils.c +++ b/tests/testutils.c @@ -281,6 +281,9 @@ void virtTestCaptureProgramExecChild(const char *const argv[], goto cleanup; open_max = sysconf(_SC_OPEN_MAX); + if (open_max < 0) + goto cleanup; + for (i = 0; i < open_max; i++) { if (i != stdinfd && i != pipefd) { -- 1.8.1.4 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list