[Libosinfo] [PATCH 1/3] test-isodetect: Fix invalid read when parsing isoinfo files

Daniel P. Berrange berrange at redhat.com
Fri Oct 16 14:43:32 UTC 2015 

On Fri, Oct 16, 2015 at 04:36:23PM +0200, Christophe Fergeau wrote:
> While parsing the isoinfo files, we check if the current line starts
> with some prefix, but then we skip one byte more when we pass the string
> to osinfo_entity_set_param(). This accounts for a space which comes
> right after the prefix.
> It can happen that the line being parsed ends right after the prefix
> with no additional space, in which case we'd be accessing invalid memory
> when we try to skip the space.
> This commit adds the additional space to the prefix check, and uses
> strlen() rather than a hardcoded len when skipping the prefix later on.
> 
> This fixes
> ==10921== Conditional jump or move depends on uninitialised value(s)
> ==10921==    at 0x4C2BC29: strlen (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==10921==    by 0x6A6B222: g_strdup (gstrfuncs.c:362)
> ==10921==    by 0x553F4F2: osinfo_entity_set_param (osinfo_entity.c:190)
> ==10921==    by 0x402716: load_iso (test-isodetect.c:141)
> ==10921==    by 0x4029C7: load_distro (test-isodetect.c:203)
> ==10921==    by 0x402B3E: load_distros (test-isodetect.c:250)
> ==10921==    by 0x402C67: load_isos (test-isodetect.c:281)
> ==10921==    by 0x40306E: test_one (test-isodetect.c:329)
> ==10921==    by 0x4032E1: test_rhel (test-isodetect.c:367)
> ==10921==    by 0x532B78A: ??? (in /usr/lib64/libcheck.so.0.0.0)
> ==10921==    by 0x532BB7C: srunner_run (in /usr/lib64/libcheck.so.0.0.0)
> ==10921==    by 0x403A4C: main (test-isodetect.c:490)
> ---
>  test/test-isodetect.c | 24 ++++++++++++------------
>  1 file changed, 12 insertions(+), 12 deletions(-)

ACK to all 3 patches


Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

More information about the Libosinfo mailing list