[libvirt] [PATCH 01/11] tlscontext: Make sure to get proper pointer to name

Osier Yang jyang at redhat.com
Thu Jan 31 10:44:30 UTC 2013 

On 2013年01月31日 03:36, John Ferlan wrote:
> The 'dname' string was only filled in within the loop when available;
> however, the TRACE macros used it unconditionally and caused Coverity
> to compain about BAD_SIZEOF.  Using a dnameptr keeps Coverity at bay and
> makes sure dname was properly filled before attempting the TRACE message.
> ---
>   src/rpc/virnettlscontext.c | 8 +++++---
>   1 file changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/src/rpc/virnettlscontext.c b/src/rpc/virnettlscontext.c
> index 0f0ddff..29d1508 100644
> --- a/src/rpc/virnettlscontext.c
> +++ b/src/rpc/virnettlscontext.c
> @@ -1,7 +1,7 @@
>   /*
>    * virnettlscontext.c: TLS encryption/x509 handling
>    *
> - * Copyright (C) 2010-2012 Red Hat, Inc.
> + * Copyright (C) 2010-2013 Red Hat, Inc.
>    *
>    * This library is free software; you can redistribute it and/or
>    * modify it under the terms of the GNU Lesser General Public
> @@ -950,6 +950,7 @@ static int virNetTLSContextValidCertificate(virNetTLSContextPtr ctxt,
>       unsigned int nCerts, i;
>       char dname[256];
>       size_t dnamesize = sizeof(dname);
> +    char *dnameptr = NULL;
>
>       memset(dname, 0, dnamesize);
>
> @@ -1025,6 +1026,7 @@ static int virNetTLSContextValidCertificate(virNetTLSContextPtr ctxt,
>                                  "[session]", gnutls_strerror(ret));
>                   goto authfail;
>               }
> +            dnameptr = dname;
>               VIR_DEBUG("Peer DN is %s", dname);
>
>               if (virNetTLSContextCheckCertDN(cert, "[session]", sess->hostname, dname,
> @@ -1062,14 +1064,14 @@ static int virNetTLSContextValidCertificate(virNetTLSContextPtr ctxt,
>
>       PROBE(RPC_TLS_CONTEXT_SESSION_ALLOW,
>             "ctxt=%p sess=%p dname=%s",
> -          ctxt, sess, dname);
> +          ctxt, sess, dnameptr ? dnameptr : "(unknown)");
>
>       return 0;
>
>   authdeny:
>       PROBE(RPC_TLS_CONTEXT_SESSION_DENY,
>             "ctxt=%p sess=%p dname=%s",
> -          ctxt, sess, dname);
> +          ctxt, sess, dnameptr ? dnameptr : "(unknown)");
>
>       return -1;
>

I guess dname[0] is guaranteed to be not nul as long as
gnutls_x509_crt_get_dn succeeded.

If so, the patch can be simplified as:

dname[0] ? dname : "(unknown)"

Osier

More information about the libvir-list mailing list