[libvirt] [PATCH v2 4/4] libvirt-<module>: Check caller-provided buffers to be NULL with size > 0
Daniel P. Berrangé
berrange at redhat.com
Thu Nov 21 10:50:55 UTC 2019
On Thu, Nov 21, 2019 at 09:58:32AM +0100, Erik Skultety wrote:
> Pre-Glib era which used malloc allowed the size of the client-side
> buffers to be declared as 0, because malloc documents that it can either
> return 0 or a unique pointer on 0 size allocations.
> With glib this doesn't work anymore, because glib documents that for
> such allocation requests NULL is always returned which results in an
> error in our public API checks server-side.
> This patch complements the fix in the RPC layer by explicitly erroring
> out on the following combination of args used by our legacy APIs (their
> moder equivalents don't suffer from this):
>
> function(caller-allocated-array, size, ...) {
> if (!caller-allocated-array && size > 0)
> return error;
> }
>
> treating everything else as a valid input and potentially let that fail
> on the server-side rather than client-side.
>
> Signed-off-by: Erik Skultety <eskultet at redhat.com>
> ---
> src/internal.h | 13 +++++++++++++
> src/libvirt-domain-snapshot.c | 4 ++--
> src/libvirt-domain.c | 21 ++++++---------------
> src/libvirt-host.c | 2 +-
> src/libvirt-interface.c | 4 ++--
> src/libvirt-network.c | 4 ++--
> src/libvirt-nodedev.c | 4 ++--
> src/libvirt-nwfilter.c | 2 +-
> src/libvirt-secret.c | 2 +-
> src/libvirt-storage.c | 6 +++---
> 10 files changed, 33 insertions(+), 29 deletions(-)
> @@ -11136,10 +11133,7 @@ virDomainFSFreeze(virDomainPtr dom,
>
> virCheckDomainReturn(dom, -1);
> virCheckReadOnlyGoto(dom->conn->flags, error);
> - if (nmountpoints)
> - virCheckNonNullArgGoto(mountpoints, error);
> - else
> - virCheckNullArgGoto(mountpoints, error);
Interesting, so this actually returned an error if you did *not*
pass NULL when nmountpoints == 0, so this would be broken if
the caller's malloc() returned non-NULL region for size==0
> + virCheckNonNullArrayArgGoto(mountpoints, nmountpoints, error);
>
Reviewed-by: Daniel P. Berrangé <berrange at redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
More information about the libvir-list
mailing list