|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 1/7] libxc: fix uninitialized variable in xc_cpuid_pv_policy()
On Fri, 2015-07-03 at 16:15 +0100, Ian Jackson wrote:
> Jennifer Herbert writes ("[Xen-devel] [PATCH 1/7] libxc: fix uninitialized
> variable in xc_cpuid_pv_policy()"):
> > If xc_domain_get_guest_width were to fail, guest_width is not set, and
> > hence guest_64bit becomes undefined.
> > Fix is to initialise to 0, and report error if call fails.
> ...
> > diff --git a/tools/libxc/xc_cpuid_x86.c b/tools/libxc/xc_cpuid_x86.c
> > index c97f91a..847b701 100644
> > --- a/tools/libxc/xc_cpuid_x86.c
> > +++ b/tools/libxc/xc_cpuid_x86.c
> > @@ -437,14 +437,16 @@ static void xc_cpuid_pv_policy(
> > {
> > DECLARE_DOMCTL;
> > unsigned int guest_width;
> > - int guest_64bit;
> > + int guest_64bit = 0;
>
> I'm not a huge fan of this style, which some people might describe as
> `defensive initialisations'. They turn failures to initialise a
> variable (which can be detected by tools like Coverity and some
> compilers), into uses of the wrong value.
>
> > - xc_domain_get_guest_width(xch, domid, &guest_width);
> > - guest_64bit = (guest_width == 8);
> > + if (xc_domain_get_guest_width(xch, domid, &guest_width) == 0)
> > + guest_64bit = (guest_width == 8);
> > + else
> > + ERROR("Could not read guest word width.");
>
> Surely after failure of xc_domain_get_guest_width we should not
> blunder on, making unwarranted assumptions about the guest bit width.
>
> Unfortunately xc_cpuid_pv_policy doesn't return an error code. I
> think it needs to. So that's rather a yak.
I was about to say it's not one worth shaving, but actually although
this returns void it is static and has exactly one caller which can
return errors -- so it's a very easy yakk to shave it seems.
Ian.
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |