[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH for-4.21 2/6] tools/libxl: avoid freeing stack rubble in libxl__json_object_to_json()
- To: xen-devel@xxxxxxxxxxxxxxxxxxxx
- From: Roger Pau Monne <roger.pau@xxxxxxxxxx>
- Date: Wed, 15 Oct 2025 15:40:39 +0200
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=14kYZ37eR+zBgiRMbpoPo4RJmcTjOY4j9c/vWRzOLaQ=; b=aqkW27WHo3HYYjRVLSgXwv+7Gt99gyXmV7Y6uFW0qrU/QXGdQFtcZTKpTCny0WSIDmPQmuCKM+ivHUi/EHewwSu2mGmqC2VfHfva38Ni9CbumbcQL5fL7aI411dsqtJQcRDVrv/6QGayxmXm3OwIy4MkYrIaclWz+lm2aCz8EzG5FjPW6oOKOGsFPzDpKur1AKF3S5FSCp8AofLt+X3RHR3YvmcZCTUiC/aaKQnCHM8rdtgRa3hASdjwxmca/17Kdw04FJjCJXz2CePF7Fp/tMDsFT9/sahfsUUQRp3xTLiY60AsBtKhtnYzixHj6xoeknW4qBD87LoVJaWglvTITQ==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=D0BkMybkNUXFq5Ay8rwziW+NuXZuVpYfUgNaxhHlInYZhoTzv4wM5cHBEmnhFk+USr3GkixwddErAdMVHBzOqyDTzDJwErY7PoKJMqtI5+kuBI5d5BPgh40ThotC7y3sj+kqIX3HrjwdVoL98b5x3bmDEAuOP/eONJH+UEw7Wpg0T6BYrC4PfbFiJv2bXKfGU1M1vdJFXnRQdnaWWpzxlTpp4bhdJaUGwvzWfR7oQJ2yIt585HF7Jw5hV3jSTFZkj9b3FthukXX0Y5qmyox86OoNmdjErFIuqeJYhUAIpjZieNiPM7g4irBn+f4EZKdQS88yC4Bkcy+dfPv2dMEK/A==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
- Cc: oleksii.kurochko@xxxxxxxxx, Roger Pau Monne <roger.pau@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>
- Delivery-date: Wed, 15 Oct 2025 13:48:06 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
It's possible for libxl__json_object_to_json_object() to not set the passed
jso_out parameter, hence initialize it in libxl__json_object_to_json() to
avoid freeing an uninitialized pointer in case of failure.
Reported by XenServer internal Coverity instance.
Fixes: 75fa670e582c ("libxl: Convert libxl__json_object_to_json() to
json_object")
Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
---
tools/libs/light/libxl_json.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/libs/light/libxl_json.c b/tools/libs/light/libxl_json.c
index a9e06b06932d..b01d86363550 100644
--- a/tools/libs/light/libxl_json.c
+++ b/tools/libs/light/libxl_json.c
@@ -1533,7 +1533,7 @@ char *libxl__json_object_to_json(libxl__gc *gc,
{
#ifdef HAVE_LIBJSONC
const char *buf;
- json_object *root;
+ json_object *root = NULL;
char *ret = NULL;
int rc;
--
2.51.0
|
