On 04/02/2014 06:44 AM, Ján Tomko wrote: > Every security driver has domainGenSecurityLabel defined. As currently written. But Dan wrote the manager to be flexible to future drivers that omit obvious functions. This patch makes sense for silencing Coverity, but I think it is incomplete unless you also fix the registration with the manager to forcefully require that all drivers supply callback functions that we are going to blindly assume exist, rather than the current status quo of allowing a driver to omit callbacks even if none of them do. That is, virSecurityManagerNewDriver() should be taught to require drv->domainGenSecurityLabel is non-NULL. > > Coverity complains about a possible leak of seclabel if > !sec_managers[i]->drv->domainGenSecurityLabel is true > and the seclabel might be overwritten by the next iteration > of the loop. > --- > src/security/security_manager.c | 28 ++++++++++++---------------- > 1 file changed, 12 insertions(+), 16 deletions(-) > -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list