[Libguestfs] [PATCH] python: fix possible free on uninit memory with OStringList optargs

[Pino Toscano]

When using optional arguments of type OStringList, the code free'ing
the member in the optargs_s struct corresponding to that optional
argument would just check for a non-PyNone PyObject for that argument.
If before that optional argument there are other arguments which can
cause an earlier error return from that binding function, the free'ing
code will then act on garbage values.

Enhance the check by also checking whether the optargs struct has the
bitmask with the element for that argument, meaning that the
corresponding struct member was initialized.
---
 generator/python.ml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/generator/python.ml b/generator/python.ml
index 72bc8a0..a763104 100644
--- a/generator/python.ml
+++ b/generator/python.ml
@@ -511,7 +511,9 @@ put_table (char * const * const argv)
         function
         | OBool _ | OInt _ | OInt64 _ | OString _ -> ()
         | OStringList n ->
-          pr "  if (py_%s != Py_None)\n" n;
+          let uc_n = String.uppercase n in
+          pr "  if (py_%s != Py_None && (optargs_s.bitmask |= %s_%s_BITMASK) != 0)\n"
+            n c_optarg_prefix uc_n;
           pr "    free ((char **) optargs_s.%s);\n" n
       ) optargs;
 
-- 
1.9.3