[PATCHv2 1/6] maint: don't leave garbage on early API exit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Several APIs clear out a user input buffer before attempting to
populate it; but in a few cases we missed this memset if we
detect a reason for an early exit.  Note that these APIs
check for non-NULL arguments, and exit early with an error
message when NULL is passed in; which means that we must be
careful to avoid a NULL deref in order to get to that error
message.  Also, we were inconsistent on the use of
sizeof(virType) vs. sizeof(expression); the latter is more
robust if we ever change the type of the expression (although
such action is unlikely since these types are part of our
public API).

* src/libvirt.c (virDomainGetInfo, virDomainGetBlockInfo)
(virStoragePoolGetInfo, virStorageVolGetInfo)
(virDomainGetJobInfo, virDomainGetBlockJobInfo): Move memset
before any returns.

Signed-off-by: Eric Blake <eblake@xxxxxxxxxx>
---

v2 avoid null deref, prefer sizeof(expr)

 src/libvirt.c | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/src/libvirt.c b/src/libvirt.c
index 87a4d46..6357c49 100644
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -4144,11 +4144,12 @@ virDomainGetInfo(virDomainPtr domain, virDomainInfoPtr info)

     virResetLastError();

+    if (info)
+        memset(info, 0, sizeof(*info));
+
     virCheckDomainReturn(domain, -1);
     virCheckNonNullArgGoto(info, error);

-    memset(info, 0, sizeof(virDomainInfo));
-
     conn = domain->conn;

     if (conn->driver->domainGetInfo) {
@@ -8449,12 +8450,12 @@ virDomainGetBlockInfo(virDomainPtr domain, const char *disk,

     virResetLastError();

+    memset(info, 0, sizeof(*info));
+
     virCheckDomainReturn(domain, -1);
     virCheckNonNullArgGoto(disk, error);
     virCheckNonNullArgGoto(info, error);

-    memset(info, 0, sizeof(virDomainBlockInfo));
-
     conn = domain->conn;

     if (conn->driver->domainGetBlockInfo) {
@@ -13082,11 +13083,12 @@ virStoragePoolGetInfo(virStoragePoolPtr pool,

     virResetLastError();

+    if (info)
+        memset(info, 0, sizeof(*info));
+
     virCheckStoragePoolReturn(pool, -1);
     virCheckNonNullArgGoto(info, error);

-    memset(info, 0, sizeof(virStoragePoolInfo));
-
     conn = pool->conn;

     if (conn->storageDriver->storagePoolGetInfo) {
@@ -13951,11 +13953,12 @@ virStorageVolGetInfo(virStorageVolPtr vol,

     virResetLastError();

+    if (info)
+        memset(info, 0, sizeof(*info));
+
     virCheckStorageVolReturn(vol, -1);
     virCheckNonNullArgGoto(info, error);

-    memset(info, 0, sizeof(virStorageVolInfo));
-
     conn = vol->conn;

     if (conn->storageDriver->storageVolGetInfo){
@@ -17240,11 +17243,12 @@ virDomainGetJobInfo(virDomainPtr domain, virDomainJobInfoPtr info)

     virResetLastError();

+    if (info)
+        memset(info, 0, sizeof(*info));
+
     virCheckDomainReturn(domain, -1);
     virCheckNonNullArgGoto(info, error);

-    memset(info, 0, sizeof(virDomainJobInfo));
-
     conn = domain->conn;

     if (conn->driver->domainGetJobInfo) {
@@ -19379,14 +19383,15 @@ virDomainGetBlockJobInfo(virDomainPtr dom, const char *disk,

     virResetLastError();

+    if (info)
+        memset(info, 0, sizeof(*info));
+
     virCheckDomainReturn(dom, -1);
     conn = dom->conn;

     virCheckNonNullArgGoto(disk, error);
     virCheckNonNullArgGoto(info, error);

-    memset(info, 0, sizeof(*info));
-
     if (conn->driver->domainGetBlockJobInfo) {
         int ret;
         ret = conn->driver->domainGetBlockJobInfo(dom, disk, info, flags);
-- 
1.8.4.2

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]