[libvirt] Power Hypervisor: Fix potential segfault and memleak in phypOpen
Chris Lalancette
clalance at redhat.com
Fri Aug 7 13:35:05 UTC 2009
Matthias Bolte wrote:
> Hi,
>
> I came across this line in the phypOpen function:
>
> char string[strlen(conn->uri->path)];
>
> Here the path part of the given URI is used without checking it for
> NULL, this can cause a segfault as strlen expects a string != NULL.
Heh, it's worse than that; there is a check later on for !conn || !conn->uri, so
you are potentially de-referencing a NULL pointer.
> Beside that uuid_db and connection_data leak in case of an error.
>
> In this line
>
> conn->uri->path = string;
>
> the original path of the URI leaks. The patch adds a VIR_FREE call
> before setting the new path.
>
> The attached patch is compile-tested but I don't have a Power
> Hypervisor installation at hand to test it for real.
I also don't have a Power Hypervisor, but it looks sane enough to me. I'll say
ACK, but it's probably a good idea to get someone who has Power to test it
before you commit.
--
Chris Lalancette
More information about the libvir-list
mailing list