[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH 7/8] qemu: Resolve Coverity BAD_SIZEOF




On 09/15/2014 04:09 AM, Peter Krempa wrote:
> On 09/13/14 15:27, John Ferlan wrote:
>> Coverity complains about the calculation of the buf & len within
>> the PROBE macro.  So to quiet things down, do the calculation prior
>> to usage in either write() or qemuMonitorIOWriteWithFD() calls and
>> then have the PROBE use the calculated values - which works.
>>
>> Signed-off-by: John Ferlan <jferlan redhat com>
>> ---
>>  src/qemu/qemu_monitor.c | 18 +++++++-----------
>>  1 file changed, 7 insertions(+), 11 deletions(-)
>>
>> diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
>> index 6059133..80c6ef8 100644
>> --- a/src/qemu/qemu_monitor.c
>> +++ b/src/qemu/qemu_monitor.c
>> @@ -478,6 +478,8 @@ static int
>>  qemuMonitorIOWrite(qemuMonitorPtr mon)
>>  {
>>      int done;
>> +    char *buf;
>> +    int len;
> 
> len should be "size_t"
> 

Of course seen when formatting %d on the PROBE() I was reminded I had to
change the type of the printf format ;-)... Also, I would be remiss if I
didn't point out...

struct _qemuMonitorMessage {
    int txFD;

    char *txBuffer;
    int txOffset;
    int txLength;
...

John

>>  
>>      /* If no active message, or fully transmitted, the no-op */
>>      if (!mon->msg || mon->msg->txOffset == mon->msg->txLength)
>> @@ -489,22 +491,16 @@ qemuMonitorIOWrite(qemuMonitorPtr mon)
>>          return -1;
>>      }
>>  
>> +    buf = mon->msg->txBuffer + mon->msg->txOffset;
>> +    len = mon->msg->txLength - mon->msg->txOffset;
>>      if (mon->msg->txFD == -1)
>> -        done = write(mon->fd,
>> -                     mon->msg->txBuffer + mon->msg->txOffset,
>> -                     mon->msg->txLength - mon->msg->txOffset);
>> +        done = write(mon->fd, buf, len);
>>      else
>> -        done = qemuMonitorIOWriteWithFD(mon,
>> -                                        mon->msg->txBuffer + mon->msg->txOffset,
>> -                                        mon->msg->txLength - mon->msg->txOffset,
>> -                                        mon->msg->txFD);
>> +        done = qemuMonitorIOWriteWithFD(mon, buf, len, mon->msg->txFD);
>>  
>>      PROBE(QEMU_MONITOR_IO_WRITE,
>>            "mon=%p buf=%s len=%d ret=%d errno=%d",
>> -          mon,
>> -          mon->msg->txBuffer + mon->msg->txOffset,
>> -          mon->msg->txLength - mon->msg->txOffset,
>> -          done, errno);
>> +          mon, buf, len, done, errno);
>>  
>>      if (mon->msg->txFD != -1) {
>>          PROBE(QEMU_MONITOR_IO_SEND_FD,
>>
> 
> ACK with the type corrected.
> 
> Peter
> 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]