[Libguestfs] [PATCH] python: fix possible free on uninit memory with OStringList optargs
Pino Toscano
ptoscano at redhat.com
Tue Aug 12 08:18:30 UTC 2014
On Monday 11 August 2014 18:35:51 Pino Toscano wrote:
> When using optional arguments of type OStringList, the code free'ing
> the member in the optargs_s struct corresponding to that optional
> argument would just check for a non-PyNone PyObject for that argument.
> If before that optional argument there are other arguments which can
> cause an earlier error return from that binding function, the
> free'ing code will then act on garbage values.
>
> Enhance the check by also checking whether the optargs struct has the
> bitmask with the element for that argument, meaning that the
> corresponding struct member was initialized.
> ---
> generator/python.ml | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/generator/python.ml b/generator/python.ml
> index 72bc8a0..a763104 100644
> --- a/generator/python.ml
> +++ b/generator/python.ml
> @@ -511,7 +511,9 @@ put_table (char * const * const argv)
> function
>
> | OBool _ | OInt _ | OInt64 _ | OString _ -> ()
> | OStringList n ->
>
> - pr " if (py_%s != Py_None)\n" n;
> + let uc_n = String.uppercase n in
> + pr " if (py_%s != Py_None && (optargs_s.bitmask |= %s_%s_BITMASK) != 0)\n"
> + n c_optarg_prefix uc_n;
> pr " free ((char **) optargs_s.%s);\n" n
> ) optargs;
Apologies for the wrong patch, I just realized I apparently committed
and send an old/wrong version. I'll follow-up with a correct patch.
--
Pino Toscano
More information about the Libguestfs
mailing list