[libvirt] [PATCH 3/7] nwfilter_ebiptables_driver.c: avoid NULL dereference

Eric Blake eblake at redhat.com
Wed Apr 14 16:37:38 UTC 2010


On 04/14/2010 10:02 AM, Jim Meyering wrote:
> From: Jim Meyering <meyering at redhat.com>
> 
> * src/nwfilter/nwfilter_ebiptables_driver.c (ebiptablesApplyNewRules):
> Don't dereference a NULL or uninitialized pointer when given
> an empty list of rules.  Add an sa_assert(inst) in each loop to
> tell clang that the uses of "inst[i]" are valid.
> ---
>  src/nwfilter/nwfilter_ebiptables_driver.c |    8 +++++---
>  1 files changed, 5 insertions(+), 3 deletions(-)
> 
> diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c b/src/nwfilter/nwfilter_ebiptables_driver.c
> index b481b4c..f54099f 100644
> --- a/src/nwfilter/nwfilter_ebiptables_driver.c
> +++ b/src/nwfilter/nwfilter_ebiptables_driver.c
> @@ -2834,11 +2834,11 @@ ebiptablesApplyNewRules(virConnectPtr conn ATTRIBUTE_UNUSED,
>      bool haveIptables = false;
>      bool haveIp6tables = false;
> 
> -    if (inst)
> -        qsort(inst, nruleInstances, sizeof(inst[0]),
> -              ebiptablesRuleOrderSort);
> +    if (nruleInstances > 1 && inst)
> +        qsort(inst, nruleInstances, sizeof(inst[0]), ebiptablesRuleOrderSort);
> 
>      for (i = 0; i < nruleInstances; i++) {
> +        sa_assert (inst);

ACK, if 1/7 is approved.

-- 
Eric Blake   eblake at redhat.com    +1-801-349-2682
Libvirt virtualization library http://libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 323 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20100414/b4f42e67/attachment-0001.sig>


More information about the libvir-list mailing list