[libvirt] [PATCH] storage: avoid null deref on qemu-img failure

Eric Blake eblake at redhat.com
Fri Oct 21 21:39:03 UTC 2011


Detected by Coverity.  Only possible if qemu-img gives bogus output,
but we might as well be robust.

* src/storage/storage_backend.c
(virStorageBackendQEMUImgBackingFormat): Check for strstr failure.
---
 src/storage/storage_backend.c |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/storage/storage_backend.c b/src/storage/storage_backend.c
index 64c35c2..7c8bfdc 100644
--- a/src/storage/storage_backend.c
+++ b/src/storage/storage_backend.c
@@ -631,8 +631,9 @@ static int virStorageBackendQEMUImgBackingFormat(const char *qemuimg)
     if (virCommandRun(cmd, &exitstatus) < 0)
         goto cleanup;

-    start = strstr(help, " create ");
-    end = strstr(start, "\n");
+    if ((start = strstr(help, " create ")) == NULL ||
+        (end = strstr(start, "\n")) == NULL)
+        goto cleanup;
     if (((tmp = strstr(start, "-F fmt")) && tmp < end) ||
         ((tmp = strstr(start, "-F backing_fmt")) && tmp < end))
         ret = QEMU_IMG_BACKING_FORMAT_FLAG;
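Review bot: the new `goto cleanup` taken when either strstr() call returns NULL exits silently. Nothing is reported or logged on that path, so a qemu-img whose help text lacks " create " or a newline after it looks the same to the caller as the virCommandRun() failure just above, and the function returns whatever `ret` held before this point (its initialisation is outside the hunk). Consider setting `ret` explicitly and emitting an error or warning that names the `qemuimg` binary before the jump, so that bogus output is diagnosable instead of being quietly treated as a generic failure.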
-- 
1.7.4.4



