On 25.02.21 18:41, Julien Grall wrote:
From: Julien Grall <jgr...@amazon.com>The function lu_close_dump_state() will use talloc_asprintf() without checking whether the allocation succeeded. In the unlikely case we are out of memory, we would dereference a NULL pointer. As we already computed the filename in lu_get_dump_state(), we can store the name in the lu_dump_state. This is avoiding to deal with memory file in the close path and also reduce the risk to use the different filename. This bug was discovered and resolved using Coverity Static Analysis Security Testing (SAST) by Synopsys, Inc. Fixes: c0dc6a3e7c41 ("tools/xenstore: read internal state when doing live upgrade") Signed-off-by: Julien Grall <jgr...@amazon.com>
Reviewed-by: Juergen Gross <jgr...@suse.com> Juergen
OpenPGP_0xB0DE9DD628BF132F.asc
Description: application/pgp-keys
OpenPGP_signature
Description: OpenPGP digital signature
