[libvirt] [PATCH 7/8] conf: check for buffer errors before virBufferUse
Ján Tomko
jtomko at redhat.com
Wed Jul 26 13:29:35 UTC 2017
After an OOM error, virBuffer* APIs set buf->use to zero.
Adding a buffer to the parent buffer only if use is non-zero
would quitely drop data on error.
Check the error beforehand to make sure buf->use is zero
because we have not attempted to add anything to it.
---
src/conf/capabilities.c | 5 +++++
src/conf/cpu_conf.c | 4 ++++
src/conf/domain_conf.c | 31 +++++++++++++++++++++++++++++--
3 files changed, 38 insertions(+), 2 deletions(-)
diff --git a/src/conf/capabilities.c b/src/conf/capabilities.c
index 0f99f3096..db7efffdf 100644
--- a/src/conf/capabilities.c
+++ b/src/conf/capabilities.c
@@ -930,6 +930,11 @@ virCapabilitiesFormatCaches(virBufferPtr buf,
bank->controls[j]->max_allocation);
}
+ if (virBufferCheckError(&controlBuf) < 0) {
+ VIR_FREE(cpus_str);
+ return -1;
+ }
+
if (virBufferUse(&controlBuf)) {
virBufferAddLit(buf, ">\n");
virBufferAddBuffer(buf, &controlBuf);
diff --git a/src/conf/cpu_conf.c b/src/conf/cpu_conf.c
index da40e9ba9..065b4df99 100644
--- a/src/conf/cpu_conf.c
+++ b/src/conf/cpu_conf.c
@@ -646,6 +646,10 @@ virCPUDefFormatBufFull(virBufferPtr buf,
if (virDomainNumaDefCPUFormat(&childrenBuf, numa) < 0)
goto cleanup;
+ if (virBufferCheckError(&attributeBuf) < 0 ||
+ virBufferCheckError(&childrenBuf) < 0)
+ goto cleanup;
+
/* Put it all together */
if (virBufferUse(&attributeBuf) || virBufferUse(&childrenBuf)) {
virBufferAddLit(buf, "<cpu");
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 7728321cb..4dc49fdb0 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -21560,6 +21560,9 @@ virDomainDiskDefFormat(virBufferPtr buf,
virDomainVirtioOptionsFormat(&driverBuf, def->virtio);
+ if (virBufferCheckError(&driverBuf) < 0)
+ return -1;
+
if (virBufferUse(&driverBuf)) {
virBufferAddLit(buf, "<driver");
virBufferAddBuffer(buf, &driverBuf);
@@ -21744,7 +21747,7 @@ virDomainControllerDriverFormat(virBufferPtr buf,
virDomainVirtioOptionsFormat(&driverBuf, def->virtio);
- if (virBufferUse(&driverBuf)) {
+ if (virBufferError(&driverBuf) != 0 || virBufferUse(&driverBuf)) {
virBufferAddLit(buf, "<driver");
virBufferAddBuffer(buf, &driverBuf);
virBufferAddLit(buf, "/>\n");
@@ -21891,6 +21894,9 @@ virDomainControllerDefFormat(virBufferPtr buf,
"pcihole64>\n", def->opts.pciopts.pcihole64size);
}
+ if (virBufferCheckError(&childBuf) < 0)
+ return -1;
+
if (virBufferUse(&childBuf)) {
virBufferAddLit(buf, ">\n");
virBufferAddBuffer(buf, &childBuf);
@@ -21962,6 +21968,9 @@ virDomainFSDefFormat(virBufferPtr buf,
virDomainVirtioOptionsFormat(&driverBuf, def->virtio);
+ if (virBufferCheckError(&driverBuf) < 0)
+ return -1;
+
if (virBufferUse(&driverBuf)) {
virBufferAddLit(buf, "<driver");
virBufferAddBuffer(buf, &driverBuf);
@@ -23223,6 +23232,9 @@ virDomainMemballoonDefFormat(virBufferPtr buf,
}
}
+ if (virBufferCheckError(&childrenBuf) < 0)
+ return -1;
+
if (!virBufferUse(&childrenBuf)) {
virBufferAddLit(buf, "/>\n");
} else {
@@ -23309,6 +23321,10 @@ static int virDomainPanicDefFormat(virBufferPtr buf,
virBufferAdjustIndent(&childrenBuf, indent + 2);
if (virDomainDeviceInfoFormat(&childrenBuf, &def->info, 0) < 0)
return -1;
+
+ if (virBufferCheckError(&childrenBuf) < 0)
+ return -1;
+
if (virBufferUse(&childrenBuf)) {
virBufferAddLit(buf, ">\n");
virBufferAddBuffer(buf, &childrenBuf);
@@ -23655,6 +23671,9 @@ virDomainInputDefFormat(virBufferPtr buf,
if (virDomainDeviceInfoFormat(&childbuf, &def->info, flags) < 0)
return -1;
+ if (virBufferCheckError(&childbuf) < 0)
+ return -1;
+
if (!virBufferUse(&childbuf)) {
virBufferAddLit(buf, "/>\n");
} else {
@@ -24596,6 +24615,9 @@ virDomainCputuneDefFormat(virBufferPtr buf,
def->iothreadids[i]->iothread_id);
}
+ if (virBufferCheckError(&childrenBuf) < 0)
+ return -1;
+
if (virBufferUse(&childrenBuf)) {
virBufferAddLit(buf, "<cputune>\n");
virBufferAddBuffer(buf, &childrenBuf);
@@ -24709,7 +24731,8 @@ virDomainIOMMUDefFormat(virBufferPtr buf,
virBufferAsprintf(buf, "<iommu model='%s'",
virDomainIOMMUModelTypeToString(iommu->model));
- if (virBufferUse(&childBuf)) {
+
+ if (virBufferError(&childBuf) != 0 || virBufferUse(&childBuf)) {
virBufferAddLit(buf, ">\n");
virBufferAddBuffer(buf, &childBuf);
virBufferAddLit(buf, "</iommu>\n");
@@ -24847,6 +24870,10 @@ virDomainDefFormatInternal(virDomainDefPtr def,
virBufferAdjustIndent(&childrenBuf, -2);
virBufferAddLit(&childrenBuf, "</device>\n");
}
+
+ if (virBufferCheckError(&childrenBuf) < 0)
+ goto error;
+
if (virBufferUse(&childrenBuf)) {
virBufferAddLit(buf, "<blkiotune>\n");
virBufferAddBuffer(buf, &childrenBuf);
--
2.13.0
More information about the libvir-list
mailing list