On 09/25/2014 12:48 PM, Daniel P. Berrange wrote:
On Thu, Sep 25, 2014 at 12:42:09PM +0200, Pavel Hrdina wrote:
> The changes in commit c7542573 introduced a possible segfault. Looking
> deeper into the code and the original code before the patch series was
> applied, I think that we should report an error for each function failure
> and also we shouldn't call some of the functions twice.
>
> Found by Coverity.
>
> Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
> ---
> src/access/viraccessdriverpolkit.c | 20 +++++++++-----------
> 1 file changed, 9 insertions(+), 11 deletions(-)
>
> diff --git a/src/access/viraccessdriverpolkit.c b/src/access/viraccessdriverpolkit.c
> index 2bc1842..3136be7 100644
> --- a/src/access/viraccessdriverpolkit.c
> +++ b/src/access/viraccessdriverpolkit.c
> @@ -87,24 +87,22 @@ virAccessDriverPolkitGetCaller(const char *actionid,
> actionid);
> return -1;
> }
> - if (virIdentityGetUNIXProcessID(identity, pid) < 0)
> - goto cleanup;
> - if (virIdentityGetUNIXProcessTime(identity, startTime) < 0)
> - goto cleanup;
> - if (virIdentityGetUNIXUserID(identity, uid) < 0)
> - goto cleanup;
>
> - if (!pid) {
> + if (virIdentityGetUNIXProcessID(identity, pid) < 0) {
> virAccessError(VIR_ERR_INTERNAL_ERROR, "%s",
> _("No UNIX process ID available"));
> goto cleanup;
> }
> -
> - if (virIdentityGetUNIXProcessTime(identity, startTime) < 0)
> + if (virIdentityGetUNIXProcessTime(identity, startTime) < 0) {
> + virAccessError(VIR_ERR_INTERNAL_ERROR, "%s",
> + _("No UNIX process start time available"));
> goto cleanup;
> -
> - if (virIdentityGetUNIXUserID(identity, uid) < 0)
> + }
> + if (virIdentityGetUNIXUserID(identity, uid) < 0) {
> + virAccessError(VIR_ERR_INTERNAL_ERROR, "%s",
> + _("No UNIX caller UID available"));
> goto cleanup;
> + }
>
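Review bot: the three new error branches report "No UNIX ... available" for any negative return from virIdentityGetUNIXProcessID, virIdentityGetUNIXProcessTime and virIdentityGetUNIXUserID, so a failure for some other reason, or an error the getter itself already raised, would be reported as a missing attribute. It is worth confirming that the getters do not set their own error, or wording the messages as a failed lookup instead. With the `if (!pid)` test removed, the `< 0` return checks are the only guard before pid, startTime and uid are handed back from virAccessDriverPolkitGetCaller, so please also confirm that each getter returns a negative value when the attribute is absent rather than succeeding with the output left unset.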
ACK, that duplication comes from a merge rebase error.
Regards,
Daniel
Thanks, pushed.
Pavel