[libvirt] [PATCH 1/6] virNetDevBridgeGet: Avoid NULL dereference
Peter Krempa
pkrempa at redhat.com
Tue May 31 11:33:35 UTC 2016
On Tue, May 31, 2016 at 13:17:30 +0200, Michal Privoznik wrote:
> On 31.05.2016 13:06, Peter Krempa wrote:
> > On Tue, May 31, 2016 at 12:33:25 +0200, Michal Privoznik wrote:
> >> It may happen, that this function would dereference a NULL
> >> pointer:
> >>
> >> util/virnetdevbridge.c: In function 'virNetDevBridgeGetVlanFiltering':
> >> util/virnetdevbridge.c:199:23: error: null pointer dereference [-Werror=null-dereference]
> >> ifr->ifr_data = (char*)&args;
> >> ~~~~~~~~~~~~~~^~~~~~~~~~~~~~
> >>
> >> Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
> >> ---
> >> src/util/virnetdevbridge.c | 6 +++++-
> >> 1 file changed, 5 insertions(+), 1 deletion(-)
> >
> > How about fixing the single caller that passes NULL in @ifr?
> >
> > virNetDevBridgeGetVlanFiltering
> >
>
> What about it? AFAIK, SIOCDEVPRIVATE ioctl is not able to tell us
> whether vlan filtering is enabled. Therefore I don't see much sense in
> providing a fd and ifreq struct just so that we can go through else
> branch too.
Then the check should be based on @fd being -1 where apparently the
second case doesn't make sense at all whether @ifr is set or not.
I think it would make sense to extract the part that operates on @path
and call it separately since you don't need the fallback path at all
rather than using the compound function.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20160531/d3853bd7/attachment-0001.sig>
More information about the libvir-list
mailing list