[libvirt] [PATCH 3/7] nwfilter_ebiptables_driver.c: avoid NULL dereference

Jim Meyering jim at meyering.net
Thu Apr 15 05:36:21 UTC 2010


Stefan Berger wrote:
> libvir-list-bounces at redhat.com wrote on 04/14/2010 01:40:17 PM:
>
>> Please respond to "Daniel P. Berrange"
>>
>> On Wed, Apr 14, 2010 at 06:02:32PM +0200, Jim Meyering wrote:
>> > From: Jim Meyering <meyering at redhat.com>
>> >
>> > * src/nwfilter/nwfilter_ebiptables_driver.c (ebiptablesApplyNewRules):
>> > Don't dereference a NULL or uninitialized pointer when given
>> > an empty list of rules.  Add an sa_assert(inst) in each loop to
>> > tell clang that the uses of "inst[i]" are valid.
>> > ---
>> >  src/nwfilter/nwfilter_ebiptables_driver.c |    8 +++++---
>> >  1 files changed, 5 insertions(+), 3 deletions(-)
>> >
>> > diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c b/src/
>> nwfilter/nwfilter_ebiptables_driver.c
>> > index b481b4c..f54099f 100644
>> > --- a/src/nwfilter/nwfilter_ebiptables_driver.c
>> > +++ b/src/nwfilter/nwfilter_ebiptables_driver.c
>> > @@ -2834,11 +2834,11 @@ ebiptablesApplyNewRules(virConnectPtr conn
>> ATTRIBUTE_UNUSED,
>> >      bool haveIptables = false;
>> >      bool haveIp6tables = false;
>> >
>> > -    if (inst)
>> > -        qsort(inst, nruleInstances, sizeof(inst[0]),
>> > -              ebiptablesRuleOrderSort);
>> > +    if (nruleInstances > 1 && inst)
>> > +        qsort(inst, nruleInstances, sizeof(inst[0]),
>> ebiptablesRuleOrderSort);
>> >
>> >      for (i = 0; i < nruleInstances; i++) {
>> > +        sa_assert (inst);
>> >          if (inst[i]->ruleType == RT_EBTABLES) {
>> >              if (inst[i]->chainprefix == CHAINPREFIX_HOST_IN_TEMP)
>> >                  chains_in  |= (1 << inst[i]->neededProtocolChain);
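Review bot: the added `sa_assert (inst);` gives no protection to the `inst[i]->ruleType` dereference that follows it on a normal build, because `sa_assert` is defined as empty unless STATIC_ANALYSIS is set (see the `# define sa_assert(expr) /* empty */` quoted later in this message); the only runtime change in this hunk is that qsort is skipped for `nruleInstances <= 1`. The loop still relies on the invariant that `nruleInstances > 0` implies `inst != NULL`, so please state that invariant in a comment next to the loop (or guard the loop on it) rather than letting the commit message suggest the assertion itself avoids the NULL dereference.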
>> > @@ -2881,6 +2881,7 @@ ebiptablesApplyNewRules(virConnectPtr conn
>> ATTRIBUTE_UNUSED,
>> >          goto tear_down_tmpebchains;
>> >
>> >      for (i = 0; i < nruleInstances; i++)
>> > +        sa_assert (inst);
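Review bot: the `for (i = 0; i < nruleInstances; i++)` at the top of this hunk has no braces, so the inserted `sa_assert (inst);` becomes the entire loop body. In a build where STATIC_ANALYSIS is 0 the macro expands to nothing, the loop degenerates to `for (...) ;`, and the statement that was the original body runs exactly once after the loop with `i == nruleInstances`, indexing one element past the end of `inst`. Wrap the body in braces, as the loop in the first hunk already is, so the assertion and the original statement are both inside the loop regardless of how `sa_assert` expands.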
>
> Due to this statement here I get segmentation faults for which there is no
> reason. I have no idea why that is but I have to deactivate this line for it to
> work again.
> The same is not true for the statement further above...  So strange.

How is STATIC_ANALYSIS defined in config.h?

    $ grep STATIC_AN config.h
    #define STATIC_ANALYSIS 0

If it's not 0, then you must have one of these two envvars set:

  test -n "$CCC_ANALYZER_ANALYSIS$COVERITY_BUILD_COMMAND" && echo oops

How is sa_assert defined for you?

    $ grep -C3 sa_assert src/internal.h
    # if STATIC_ANALYSIS
    #  undef NDEBUG /* Don't let a prior NDEBUG definition cause trouble.  */
    #  include <assert.h>
    #  define sa_assert(expr) assert (expr)
    # else
    #  define sa_assert(expr) /* empty */
    # endif

With those, the net result in your file should be that
sa_assert is a no-op.

If you're still convinced that the segfault is due to that use
of sa_assert, please send me preprocessed output for that file, i.e.,

    cd src
    f=nwfilter_ebiptables_driver
    touch nwfilter/$f.c
    la=libvirt_driver_nwfilter_la
    lo=$la-$f.lo
    make AM_CPPFLAGS='-E -dD' $lo
    mv .libs/$la-$f.o $f.i

The cpp-preprocessed output is now in

    src/nwfilter_ebiptables_driver.i

You should be able to see that sa_assert expands to nothing:

    $ grep sa_assert $f.i
    #define sa_assert(expr)
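The macro definitions quoted above are enough to reproduce the failure mode discussed in this thread without any libvirt code. The following is an added example, not code from the patch or from libvirt: it copies the `sa_assert` definition from the message, then shows a loop written in the shape of the second hunk (no braces, assertion as the first statement) next to one written in the shape of the first hunk (braces). The `visit_log` struct, `record()`, and the two loop functions are constructed for this example; they count how often the intended loop body ran and with which index, so the one-past-the-end run is visible without actually reading out of bounds.

```c
/* Added example, not libvirt code: demonstrates why a macro that expands
 * to nothing must not be the only statement after a brace-less for().
 * The sa_assert() definition mirrors the one quoted from src/internal.h. */
#include <stddef.h>

#ifndef STATIC_ANALYSIS
# define STATIC_ANALYSIS 0          /* what config.h gives in a normal build */
#endif

#if STATIC_ANALYSIS
# include <assert.h>
# define sa_assert(expr) assert (expr)
#else
# define sa_assert(expr) /* empty */
#endif

/* Constructed bookkeeping: how many times the intended body ran, and the
 * value of i on its last run. */
struct visit_log {
    size_t count;
    size_t last_i;
};

static void record(struct visit_log *log, size_t i)
{
    log->count++;
    log->last_i = i;
}

/* Shape of the second hunk: assertion directly after a brace-less for().
 * With STATIC_ANALYSIS == 0 the loop body is the empty statement ';', and
 * the line that was meant to be the body runs once, after the loop, with
 * i == n. In the libvirt code that would index inst[nruleInstances]. */
struct visit_log loop_without_braces(size_t n)
{
    struct visit_log log = {0, 0};
    size_t i;

    for (i = 0; i < n; i++)
        sa_assert(n > 0);
        record(&log, i);            /* NOT part of the loop */
    return log;
}

/* Shape of the first hunk: the loop has braces, so the empty expansion is
 * harmless and the body still runs n times with i in [0, n). */
struct visit_log loop_with_braces(size_t n)
{
    struct visit_log log = {0, 0};
    size_t i;

    for (i = 0; i < n; i++) {
        sa_assert(n > 0);
        record(&log, i);
    }
    return log;
}

/* Nonzero when the brace-less form ran the intended body exactly once,
 * with an index equal to the array length (one past the end). */
int braceless_runs_past_end(size_t n)
{
    struct visit_log log = loop_without_braces(n);
    return log.count == 1 && log.last_i == n;
}
```

Building with a static-analysis configuration (STATIC_ANALYSIS defined to 1) makes both loops behave the same, which is why the defect only shows up in a normal build. Modern GCC reports the brace-less layout with -Wmisleading-indentation (part of -Wall since GCC 6), so a warnings-clean build catches this shape before it reaches a running hypervisor.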