[Libvir] unchecked `malloc' calls
Daniel Veillard
veillard at redhat.com
Thu Mar 30 12:17:58 UTC 2006
On Thu, Mar 30, 2006 at 06:43:10AM -0500, Daniel Veillard wrote:
> On Thu, Mar 30, 2006 at 12:26:31PM +0200, Jim Meyering wrote:
> > Hello,
> >
> > In browsing through the code, I noticed that there are many
> > places in which the code doesn't check for malloc returning NULL.
> > E.g.,
> >
> > ./virsh.c: ids = malloc(sizeof(int) * maxid);
> > ./virsh.c- virConnectListDomains(ctl->conn, &ids[0], maxid);
>
> Actually virConnectListDomains which is in the library will check
> the pointer. It won't crash in the library !
> > ./virsh.c: *res = malloc(sz + 1);
> > ./virsh.c- memcpy(*res, tkstr, sz);
> >
> > ./virsh.c: res = malloc(strlen(name) + 3);
> > ./virsh.c- sprintf(res, "--%s", name);
>
> virsh.c is code for the command line tool, I would say it's less critical
> there than in the library if malloc fails and it leads to a crash.
> But I'm sure Karel and me will enjoy a patch to fix this.
Well since it was trivial to catch those and exit I just spent the 2mn
needed to add this, this is fixed in CVS. For XML-RPC I expect the code
to be largely revamped before being integrated so I let it as is for the
moment.
Thanks,
Daniel
--
Daniel Veillard | Red Hat http://redhat.com/
veillard at redhat.com | libxml GNOME XML XSLT toolkit http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/
More information about the libvir-list
mailing list