On 01/14/2014 10:43 PM, Eric Blake wrote: > Several APIs clear out a user input buffer before attempting to > populate it; but in a few cases we missed this memset if we > detect a reason for an early exit. Note that these APIs > check for non-NULL arguments, and exit early with an error > message when NULL is passed in; which means that we must be > careful to avoid a NULL deref in order to get to that error > message. Also, we were inconsistent on the use of > sizeof(virType) vs. sizeof(expression); the latter is more > robust if we ever change the type of the expression (although > such action is unlikely since these types are part of our > public API). > > * src/libvirt.c (virDomainGetInfo, virDomainGetBlockInfo) > (virStoragePoolGetInfo, virStorageVolGetInfo) > (virDomainGetJobInfo, virDomainGetBlockJobInfo): Move memset > before any returns. > > Signed-off-by: Eric Blake <[email protected]> > --- > > v2 avoid null deref, prefer sizeof(expr) > > src/libvirt.c | 29 +++++++++++++++++------------ > 1 file changed, 17 insertions(+), 12 deletions(-) >
> @@ -8449,12 +8450,12 @@ virDomainGetBlockInfo(virDomainPtr domain, const char
> *disk,
>
> virResetLastError();
>
if (info)
> + memset(info, 0, sizeof(*info));
> +
> virCheckDomainReturn(domain, -1);
> virCheckNonNullArgGoto(disk, error);
> virCheckNonNullArgGoto(info, error);
>
> - memset(info, 0, sizeof(virDomainBlockInfo));
> -
> conn = domain->conn;
>
> if (conn->driver->domainGetBlockInfo) {
Jan
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/libvir-list
