[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH] storage: avoid null deref on qemu-img failure

Dňa 21.10.2011 23:39, Eric Blake  wrote / napísal(a):
Detected by Coverity.  Only possible if qemu-img gives bogus output,
but we might as well be robust.

* src/storage/storage_backend.c
(virStorageBackendQEMUImgBackingFormat): Check for strstr failure.
  src/storage/storage_backend.c |    5 +++--
  1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/storage/storage_backend.c b/src/storage/storage_backend.c
index 64c35c2..7c8bfdc 100644
--- a/src/storage/storage_backend.c
+++ b/src/storage/storage_backend.c
@@ -631,8 +631,9 @@ static int virStorageBackendQEMUImgBackingFormat(const char *qemuimg)
      if (virCommandRun(cmd,&exitstatus)<  0)
          goto cleanup;

-    start = strstr(help, " create ");
-    end = strstr(start, "\n");
+    if ((start = strstr(help, " create ")) == NULL ||
+        (end = strstr(start, "\n")) == NULL)
+        goto cleanup;

At least one call graph to this function does not contain adding a error message of any kind. I think it would be fair to inform the user if his qemu-img is somehow broken (although unlikely to happen), if we check for this now.

      if (((tmp = strstr(start, "-F fmt"))&&  tmp<  end) ||
          ((tmp = strstr(start, "-F backing_fmt"))&&  tmp<  end))



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]