[libvirt] [PATCH] Remove useless NULL check in virSecurityManagerGenLabel
Eric Blake
eblake at redhat.com
Wed Apr 2 13:00:09 UTC 2014
On 04/02/2014 06:44 AM, Ján Tomko wrote:
> Every security driver has domainGenSecurityLabel defined.
As currently written. But Dan wrote the manager to be flexible to
future drivers that omit obvious functions.
This patch makes sense for silencing Coverity, but I think it is
incomplete unless you also fix the registration with the manager to
forcefully require that all drivers supply callback functions that we
are going to blindly assume exist, rather than the current status quo of
allowing a driver to omit callbacks even if none of them do. That is,
virSecurityManagerNewDriver() should be taught to require
drv->domainGenSecurityLabel is non-NULL.
>
> Coverity complains about a possible leak of seclabel if
> !sec_managers[i]->drv->domainGenSecurityLabel is true
> and the seclabel might be overwritten by the next iteration
> of the loop.
> ---
> src/security/security_manager.c | 28 ++++++++++++----------------
> 1 file changed, 12 insertions(+), 16 deletions(-)
>
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 604 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20140402/0630783f/attachment-0001.sig>
More information about the libvir-list
mailing list