[Libosinfo] [PATCH 1/3] test-isodetect: Fix invalid read when parsing isoinfo files

Christophe Fergeau cfergeau at redhat.com
Mon Oct 19 07:46:33 UTC 2015 

On Fri, Oct 16, 2015 at 03:43:32PM +0100, Daniel P. Berrange wrote:
> On Fri, Oct 16, 2015 at 04:36:23PM +0200, Christophe Fergeau wrote:
> > While parsing the isoinfo files, we check if the current line starts
> > with some prefix, but then we skip one byte more when we pass the string
> > to osinfo_entity_set_param(). This accounts for a space which comes
> > right after the prefix.
> > It can happen that the line being parsed ends right after the prefix
> > with no additional space, in which case we'd be accessing invalid memory
> > when we try to skip the space.
> > This commit adds the additional space to the prefix check, and uses
> > strlen() rather than a hardcoded len when skipping the prefix later on.
> > 
> > This fixes
> > ==10921== Conditional jump or move depends on uninitialised value(s)
> > ==10921==    at 0x4C2BC29: strlen (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
> > ==10921==    by 0x6A6B222: g_strdup (gstrfuncs.c:362)
> > ==10921==    by 0x553F4F2: osinfo_entity_set_param (osinfo_entity.c:190)
> > ==10921==    by 0x402716: load_iso (test-isodetect.c:141)
> > ==10921==    by 0x4029C7: load_distro (test-isodetect.c:203)
> > ==10921==    by 0x402B3E: load_distros (test-isodetect.c:250)
> > ==10921==    by 0x402C67: load_isos (test-isodetect.c:281)
> > ==10921==    by 0x40306E: test_one (test-isodetect.c:329)
> > ==10921==    by 0x4032E1: test_rhel (test-isodetect.c:367)
> > ==10921==    by 0x532B78A: ??? (in /usr/lib64/libcheck.so.0.0.0)
> > ==10921==    by 0x532BB7C: srunner_run (in /usr/lib64/libcheck.so.0.0.0)
> > ==10921==    by 0x403A4C: main (test-isodetect.c:490)
> > ---
> >  test/test-isodetect.c | 24 ++++++++++++------------
> >  1 file changed, 12 insertions(+), 12 deletions(-)
> 
> ACK to all 3 patches

Thanks, pushed.

Christophe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libosinfo/attachments/20151019/2affe99d/attachment.sig>

More information about the Libosinfo mailing list