[libvirt] [PATCH 8/8] storage: avoid crash on parse error

Eric Blake eblake at redhat.com
Fri Jul 1 23:36:06 UTC 2011


Coverity detected that we could crash on bogus input.  Meanwhile,
strtok_r is rather heavy compared to strchr.

* src/storage/storage_backend_iscsi.c (virStorageBackendIQNFound):
Check for parse failure, and use lighter-weight functions.
---
 src/storage/storage_backend_iscsi.c |   14 ++++++++++----
 1 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/storage/storage_backend_iscsi.c b/src/storage/storage_backend_iscsi.c
index 15b5862..72887e3 100644
--- a/src/storage/storage_backend_iscsi.c
+++ b/src/storage/storage_backend_iscsi.c
@@ -183,8 +183,7 @@ virStorageBackendIQNFound(const char *initiatoriqn,
     int ret = IQN_MISSING, fd = -1;
     char ebuf[64];
     FILE *fp = NULL;
-    char *line = NULL, *newline = NULL, *iqn = NULL, *token = NULL,
-        *saveptr = NULL;
+    char *line = NULL, *newline = NULL, *iqn = NULL, *token = NULL;
     virCommandPtr cmd = virCommandNewArgList(ISCSIADM,
                                              "--mode", "iface", NULL);

@@ -232,8 +231,15 @@ virStorageBackendIQNFound(const char *initiatoriqn,
         iqn++;

         if (STREQ(iqn, initiatoriqn)) {
-            token = strtok_r(line, " ", &saveptr);
-            *ifacename = strdup(token);
+            token = strchr(line, ' ');
+            if (!token) {
+                ret = IQN_ERROR;
+                virStorageReportError(VIR_ERR_INTERNAL_ERROR,
+                                      _("Missing space when parsing output "
+                                        "of '%s'"), ISCSIADM);
+                goto out;
+            }
+            *ifacename = strndup(line, token - line);
             if (*ifacename == NULL) {
                 ret = IQN_ERROR;
                 virReportOOMError();
-- 
1.7.4.4




More information about the libvir-list mailing list