Re: [linux-agent v3 2/4] x11-randr: Improve argument check

Frediano Ziglio <fziglio@xxxxxxxxxx> · Wed, 19 Dec 2018 09:47:14 -0500 (EST)

> 
> From: Victor Toso <me@xxxxxxxxxxxxxx>
> 
> In the current code, output should never be negative but the check
> exists after we use the variable as index. Make the check earlier.
> 
> This patch also breaks the check in two in order to provide more
> accurate error log.
> 
> Found by coverity:
>   | check_after_sink: You might be using variable "output" before
>   | verifying that it is >= 0.
> 
> Changes in v2:
> - Move overflow check before accessing the arrays (Frediano)
> 
> Changes in v3:
> - Move the whole check before accessing the arrays.
> - Improve commit log.
> 
> Signed-off-by: Victor Toso <victortoso@xxxxxxxxxx>
> ---
>  src/vdagent/x11-randr.c | 16 +++++++++++-----
>  1 file changed, 11 insertions(+), 5 deletions(-)
> 
> diff --git a/src/vdagent/x11-randr.c b/src/vdagent/x11-randr.c
> index c8e42c9..3a1eaac 100644
> --- a/src/vdagent/x11-randr.c
> +++ b/src/vdagent/x11-randr.c
> @@ -347,14 +347,20 @@ static int xrandr_add_and_set(struct vdagent_x11 *x11,
> int output, int x, int y,
>      int xid;
>      Status s;
>      RROutput outputs[1];
> -    int old_width  = x11->randr.monitor_sizes[output].width;
> -    int old_height = x11->randr.monitor_sizes[output].height;
> +    int old_width;
> +    int old_height;
>  
> -    if (!x11->randr.res || output >= x11->randr.res->noutput || output < 0)
> {
> -        syslog(LOG_ERR, "%s: program error: missing RANDR or bad output",
> -               __FUNCTION__);
> +    if (!x11->randr.res) {
> +        syslog(LOG_ERR, "%s: program error: missing RANDR", __FUNCTION__);
> +        return 0;
> +    } else if (output < 0 || output >= x11->randr.res->noutput) {

Why "else"? I remember some code callisthenics were suggesting to avoid the
"else". In this case if the previous "if" is true this code won't be executed
anyway.

> +        syslog(LOG_ERR, "%s: program error: bad output", __FUNCTION__);
>          return 0;
>      }
> +
> +    old_width  = x11->randr.monitor_sizes[output].width;
> +    old_height = x11->randr.monitor_sizes[output].height;
> +
>      if (x11->set_crtc_config_not_functional) {
>          /* fail, set_best_mode will find something close. */
>          return 0;

Otherwise,
  Acked-by: Frediano Ziglio <fziglio@xxxxxxxxxx>

Frediano
_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/spice-devel