[libvirt] [PATCH v2] completer: Doesn't alloc enough space for null terminated array of strings
Simon Kobyda
skobyda at redhat.com
Thu Jul 12 14:00:08 UTC 2018
Functions virshSecretEventNameCompleter, virshPoolEventNameCompleter,
virshNodedevEventNameCompleter allocates only enough space
for array of N strings.
However these are null terminated strings, so program needs to
alloc space for array of N+1 strings.
How to replicate error: valgrind virsh, use completer for
'-nodedev-event --event' or '-pool-event --event' or
'-secret-event --event'.
Signed-off-by: Simon Kobyda <skobyda at redhat.com>
---
Changes in V2:
- Added "Signed-off-by"
- Changed format of commit message to make it more
readable
tools/virsh-completer.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tools/virsh-completer.c b/tools/virsh-completer.c
index 2327e08340..be59ea2e82 100644
--- a/tools/virsh-completer.c
+++ b/tools/virsh-completer.c
@@ -709,7 +709,7 @@ virshSecretEventNameCompleter(vshControl *ctl ATTRIBUTE_UNUSED,
virCheckFlags(0, NULL);
- if (VIR_ALLOC_N(ret, VIR_SECRET_EVENT_ID_LAST) < 0)
+ if (VIR_ALLOC_N(ret, VIR_SECRET_EVENT_ID_LAST + 1) < 0)
goto error;
for (i = 0; i < VIR_SECRET_EVENT_ID_LAST; i++) {
@@ -761,7 +761,7 @@ virshPoolEventNameCompleter(vshControl *ctl ATTRIBUTE_UNUSED,
virCheckFlags(0, NULL);
- if (VIR_ALLOC_N(ret, VIR_STORAGE_POOL_EVENT_ID_LAST) < 0)
+ if (VIR_ALLOC_N(ret, VIR_STORAGE_POOL_EVENT_ID_LAST + 1) < 0)
goto error;
for (i = 0; i < VIR_STORAGE_POOL_EVENT_ID_LAST; i++) {
@@ -787,7 +787,7 @@ virshNodedevEventNameCompleter(vshControl *ctl ATTRIBUTE_UNUSED,
virCheckFlags(0, NULL);
- if (VIR_ALLOC_N(ret, VIR_NODE_DEVICE_EVENT_ID_LAST) < 0)
+ if (VIR_ALLOC_N(ret, VIR_NODE_DEVICE_EVENT_ID_LAST + 1) < 0)
goto error;
for (i = 0; i < VIR_NODE_DEVICE_EVENT_ID_LAST; i++) {
--
2.17.1
More information about the libvir-list
mailing list