[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen staging] tools/xenstored: Avoid unnecessary talloc_strdup() in do_lu_start()
commit 702b44be43b431695dd9ab49ca4a89ea50e31711 Author: Julien Grall <jgrall@xxxxxxxxxx> AuthorDate: Thu Feb 25 15:43:04 2021 +0000 Commit: Julien Grall <jgrall@xxxxxxxxxx> CommitDate: Fri Feb 26 09:45:58 2021 +0000 tools/xenstored: Avoid unnecessary talloc_strdup() in do_lu_start() At the moment, the return of talloc_strdup() is not checked. This means we may dereference a NULL pointer if the allocation failed. However, it is pointless to allocate the memory as send_reply() will copy the data to a different buffer. So drop the use of talloc_strdup(). This bug was discovered and resolved using Coverity Static Analysis Security Testing (SAST) by Synopsys, Inc. Fixes: af216a99fb4a ("tools/xenstore: add the basic framework for doing the live update") Signed-off-by: Julien Grall <jgrall@xxxxxxxxxx> Reviewed-by: Juergen Gross <jgross@xxxxxxxx> Release-Acked-by: Ian Jackson <iwj@xxxxxxxxxxxxxx> --- tools/xenstore/xenstored_control.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/tools/xenstore/xenstored_control.c b/tools/xenstore/xenstored_control.c index e8a501acdb..8eb5782776 100644 --- a/tools/xenstore/xenstored_control.c +++ b/tools/xenstore/xenstored_control.c @@ -638,7 +638,6 @@ static bool do_lu_start(struct delayed_request *req) { time_t now = time(NULL); const char *ret; - char *resp; if (!lu_check_lu_allowed()) { if (now < lu_status->started_at + lu_status->timeout) @@ -660,8 +659,7 @@ static bool do_lu_start(struct delayed_request *req) out: talloc_free(lu_status); - resp = talloc_strdup(req->in, ret); - send_reply(lu_status->conn, XS_CONTROL, resp, strlen(resp) + 1); + send_reply(lu_status->conn, XS_CONTROL, ret, strlen(ret) + 1); return true; } -- generated by git-patchbot for /home/xen/git/xen.git#staging
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |