Re: [Xen-devel] xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject)

[Dario Faggioli <dario.faggioli@xxxxxxxxxx>]

On gio, 2014-03-13 at 17:05 +0000, Ian Jackson wrote:
> scan-admin@xxxxxxxxxxxx writes ("New Defects reported by Coverity Scan for 
> XenProject"):
> ___________________________
> > *** CID 1191885:  Dereference after null check  (FORWARD_NULL)
> > /tools/misc/xen-mfndump.c: 401 in main()
> > 400         xch = xc_interface_open(0, 0, 0);
> > >>>     CID 1191885:  Dereference after null check  (FORWARD_NULL)
> > >>>     Comparing "xch" to null implies that "xch" might be null.
> > 401         if ( !xch )
> > 402         {
> > 403             ERROR("Failed to open an xc handler");
> 
> This complaint is accurate.  ERROR uses xch.  (This is IMO not a
> security problem.)
> 
I think Andrew sent a patch (and its v2 also) about it already:
http://www.gossamer-threads.com/lists/xen/devel/320397

> Furthermore, I was rather startled to discover that xen-mfndump.c
> #includes <xc_private.h>.
> 
Makes sense... Sorry for that. I think I remember, when working on it,
starting from copying tools/misc/xen-hptool.c, and then modifying it for
my purposes. I probably just left the #include-s untouched without much
thinking.

Do you want me to try to remove it and send a patch to that effect?

Regards,
Dario

-- 
<<This happens because I choose it to happen!>> (Raistlin Majere)
-----------------------------------------------------------------
Dario Faggioli, Ph.D, http://about.me/dario.faggioli
Senior Software Engineer, Citrix Systems R&D Ltd., Cambridge (UK)

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel