[libvirt] [PATCH] xen_hypervisor.c: avoid NULL deref for NULL domain argument

Daniel P. Berrange berrange at redhat.com
Wed Jan 27 11:02:47 UTC 2010 

On Tue, Jan 26, 2010 at 08:24:25PM +0100, Jim Meyering wrote:
> When "domain" is NULL, don't deref NULL.  Instead, just return -1,
> as in many other functions in this file, and as this function did
> up until a month ago.
> 
> An alternative (taken 3 times in this file) is to do this:
> 
>         virXenErrorFunc (NULL, VIR_ERR_INTERNAL_ERROR, __FUNCTION__,
>                          "domain or conn is NULL", 0);
>         return -1;
> 
> I could go either way.
> 
> 
> >From 177556167775b806a29bcb1af7ba4294d1909912 Mon Sep 17 00:00:00 2001
> From: Jim Meyering <meyering at redhat.com>
> Date: Tue, 26 Jan 2010 20:17:07 +0100
> Subject: [PATCH] xen_hypervisor.c: avoid NULL deref for NULL domain argument
> 
> * src/xen/xen_hypervisor.c (xenHypervisorGetVcpus): Don't attempt
> to diagnose an unlikely NULL-domain or NULL-domain->conn error.
> ---
>  src/xen/xen_hypervisor.c |    7 ++-----
>  1 files changed, 2 insertions(+), 5 deletions(-)
> 
> diff --git a/src/xen/xen_hypervisor.c b/src/xen/xen_hypervisor.c
> index 6d8accc..0257be2 100644
> --- a/src/xen/xen_hypervisor.c
> +++ b/src/xen/xen_hypervisor.c
> @@ -1,7 +1,7 @@
>  /*
>   * xen_internal.c: direct access to Xen hypervisor level
>   *
> - * Copyright (C) 2005, 2006, 2007, 2008, 2009 Red Hat, Inc.
> + * Copyright (C) 2005-2010 Red Hat, Inc.
>   *
>   * See COPYING.LIB for the License of this software
>   *
> @@ -3475,11 +3475,8 @@ xenHypervisorGetVcpus(virDomainPtr domain, virVcpuInfoPtr info, int maxinfo,
>      virVcpuInfoPtr ipt;
>      int nbinfo, i;
> 
> -    if (domain == NULL || domain->conn == NULL) {
> -        virXenErrorFunc (domain->conn, VIR_ERR_INVALID_ARG, __FUNCTION__,
> -                        "invalid argument", 0);
> +    if (domain == NULL || domain->conn == NULL)
>          return -1;
> -    }

I'd rather we just got rid of that check completely - its a left
over from a time when Xen was the only driver & these entry points
needed to do full checking. Now all mandatory parameters are checked
in the previous libvirt.c layer.

Daniel
-- 
|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-  F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

More information about the libvir-list mailing list