[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 08/13] libxl: don't leak ptr in libxl_list_vm error case

To: Matthew Daley <mattd@xxxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxx>
From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Date: Sun, 1 Dec 2013 12:20:44 +0000
Cc: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, Ian Campbell <ian.campbell@xxxxxxxxxx>, Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
Delivery-date: Sun, 01 Dec 2013 12:21:20 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 01/12/2013 10:15, Matthew Daley wrote:
> While at it, tidy up the function; there's no point in allocating more
> than the amount of domains actually returned by xc_domain_getinfolist.
>
> Coverity-ID: 1055888
> Signed-off-by: Matthew Daley <mattd@xxxxxxxxxxx>
> ---
>  tools/libxl/libxl.c |   14 +++++++-------
>  1 file changed, 7 insertions(+), 7 deletions(-)
>
> diff --git a/tools/libxl/libxl.c b/tools/libxl/libxl.c
> index a57d571..ca4c2cd 100644
> --- a/tools/libxl/libxl.c
> +++ b/tools/libxl/libxl.c
> @@ -674,17 +674,17 @@ libxl_vminfo * libxl_list_vm(libxl_ctx *ctx, int 
> *nb_vm_out)
>      libxl_vminfo *ptr;
>      int idx, i, ret;
>      xc_domaininfo_t info[1024];
> -    int size = 1024;
>  
> -    ptr = calloc(size, sizeof(libxl_vminfo));
> -    if (!ptr)
> +    ret = xc_domain_getinfolist(ctx->xch, 1, ARRAY_SIZE(info), info);
> +    if (ret < 0) {
> +        LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "getting domain info list");
>          return NULL;
> +    }
>  
> -    ret = xc_domain_getinfolist(ctx->xch, 1, 1024, info);
> -    if (ret<0) {
> -        LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "geting domain info list");
> +    ptr = calloc(ret, sizeof(libxl_vminfo));

We now have a possible case of calling calloc(0, sizeof(libxl_vminfo));

The implementation is free to return NULL which will cause this function
to fail in the eyes of its callers.

Doing a calloc(min(1,ret), sizeof(libxl_vminfo)); will suffice, as the
callers already have to correctly deal with 0 domains but some allocated
memory as a result of this function.

~Andrew

> +    if (!ptr)
>          return NULL;
> -    }
> +
>      for (idx = i = 0; i < ret; i++) {
>          if (libxl_is_stubdom(ctx, info[i].domain, NULL))
>              continue;


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH 08/13] libxl: don't leak ptr in libxl_list_vm error case
  - From: Matthew Daley

References:
- [Xen-devel] [PATCH 00/13] Coverity fixes for libxl
  - From: Matthew Daley
- [Xen-devel] [PATCH 08/13] libxl: don't leak ptr in libxl_list_vm error case
  - From: Matthew Daley

Prev by Date: Re: [Xen-devel] [PATCH 04/13] libxl: don't leak p in libxl__wait_for_backend
Next by Date: Re: [Xen-devel] [PATCH 00/13] Coverity fixes for libxl
Previous by thread: [Xen-devel] [PATCH 08/13] libxl: don't leak ptr in libxl_list_vm error case
Next by thread: Re: [Xen-devel] [PATCH 08/13] libxl: don't leak ptr in libxl_list_vm error case
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.