
[Libguestfs] [PATCH 12/13] Coverity: Don't return freed pointers from command* along error path.



If the external command failed to run, we could free up the allocated
*stdoutput and *stderror pointers, but then return those freed
pointers to the caller.  The caller usually tries to print and free
*stderror, so this is a serious error.

Instead, return *stdoutput as NULL, and *stderror pointing to a
generic error message.
---
 daemon/guestfsd.c |   16 ++++++++++++++--
 1 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/daemon/guestfsd.c b/daemon/guestfsd.c
index ceadfdb..116a6b9 100644
--- a/daemon/guestfsd.c
+++ b/daemon/guestfsd.c
@@ -779,8 +779,20 @@ commandrvf (char **stdoutput, char **stderror, int flags,
 
       perror ("select");
     quit:
-      if (stdoutput) free (*stdoutput);
-      if (stderror) free (*stderror);
+      if (stdoutput) {
+        free (*stdoutput);
+        *stdoutput = NULL;
+      }
+      if (stderror) {
+        free (*stderror);
+        /* Need to return non-NULL *stderror here since most callers
+         * will try to print and then free the err string.
+         * Unfortunately recovery from strdup failure here is not
+         * possible.
+         */
+        *stderror = strdup ("error running external command, "
+                            "see debug output for details");
+      }
       close (so_fd[0]);
       close (se_fd[0]);
       waitpid (pid, NULL, 0);
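Review bot: the strdup () result assigned to *stderror on the quit: path is never checked, so if the allocation fails *stderror is left NULL, which is exactly what the added comment says callers cannot handle. The later free is harmless on NULL, but a caller that prints the string without a NULL check is not. Consider at least calling perror ("strdup") when it returns NULL, so the failure appears in the debug output the message points to, and note in the function's documentation that *stderror can be NULL on this path. It would also help to document alongside it that *stdoutput is always NULL after an error return, so callers know not to use or free it.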
-- 
1.7.5.1

