[libvirt] [PATCH] pci: initialize virtual_functions array pointer to avoid segfault

Laine Stump laine at laine.org
Mon Jul 1 04:01:28 UTC 2013 

This fixes https://bugzilla.redhat.com/show_bug.cgi?id=971325

The problem was that if virPCIGetVirtualFunctions was given the name
of a non-existent interface, it would return to its caller without
initializing the pointer to the array of virtual functions to NULL,
and the caller (virNetDevGetVirtualFunctions) would try to VIR_FREE()
the invalid pointer.

The final error message before the crash would be:

 virPCIGetVirtualFunctions:2088 :
  Failed to open dir '/sys/class/net/eth2/device':
  No such file or directory

In this patch I move the initialization in virPCIGetVirtualFunctions()
to the begining of the function, and also do an explicit
initialization in virNetDevGetVirtualFunctions, just in case someone
in the future adds code into that function prior to the call to
virPCIGetVirtualFunctions.
---
 src/util/virnetdev.c | 3 +++
 src/util/virpci.c    | 5 +++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/util/virnetdev.c b/src/util/virnetdev.c
index ebe20d0..5e8dffb 100644
--- a/src/util/virnetdev.c
+++ b/src/util/virnetdev.c
@@ -1100,6 +1100,9 @@ virNetDevGetVirtualFunctions(const char *pfname,
     char *pci_sysfs_device_link = NULL;
     char *pciConfigAddr = NULL;
 
+    *virt_fns = NULL;
+    *n_vfname = 0;
+
     if (virNetDevSysfsFile(&pf_sysfs_device_link, pfname, "device") < 0)
         return ret;
 
diff --git a/src/util/virpci.c b/src/util/virpci.c
index 2acab1a..15de3f9 100644
--- a/src/util/virpci.c
+++ b/src/util/virpci.c
@@ -2449,6 +2449,9 @@ virPCIGetVirtualFunctions(const char *sysfs_path,
     VIR_DEBUG("Attempting to get SR IOV virtual functions for device"
               "with sysfs path '%s'", sysfs_path);
 
+    *virtual_functions = NULL;
+    *num_virtual_functions = 0;
+
     dir = opendir(sysfs_path);
     if (dir == NULL) {
         memset(errbuf, '\0', sizeof(errbuf));
@@ -2458,8 +2461,6 @@ virPCIGetVirtualFunctions(const char *sysfs_path,
         return ret;
     }
 
-    *virtual_functions = NULL;
-    *num_virtual_functions = 0;
     while ((entry = readdir(dir))) {
         if (STRPREFIX(entry->d_name, "virtfn")) {
             virPCIDeviceAddress *config_addr = NULL;
-- 
1.7.11.7

More information about the libvir-list mailing list