On Tue, May 31, 2016 at 12:55:06 +0200, Peter Krempa wrote:
On Tue, May 31, 2016 at 12:33:33 +0200, Michal Privoznik wrote:
Gcc fails to see that virDomainChrGetDomainPtrsInternal always sets pointers to a non NULL value (except for chr device type VIR_DOMAIN_CHR_DEVICE_TYPE_LAST which if occurs, we are in way bigger problem than NULL deref).
In file included from conf/domain_conf.c:37:0: conf/domain_conf.c: In function 'virDomainChrPreAlloc': conf/domain_conf.c:14109:35: error: potential null pointer dereference [-Werror=null-dereference] return VIR_REALLOC_N(*arrPtr, *cntPtr + 1); ^~ ./util/viralloc.h:158:73: note: in definition of macro 'VIR_REALLOC_N' # define VIR_REALLOC_N(ptr, count) virReallocN(&(ptr), sizeof(*(ptr)), (count), \ ^~~~~ conf/domain_conf.c: In function 'virDomainChrRemove': conf/domain_conf.c:14133:21: error: potential null pointer dereference [-Werror=null-dereference] for (i = 0; i < *cntPtr; i++) { ^~~~~~~ cc1: all warnings being treated as errors
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> --- src/conf/domain_conf.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 3daeb1e..67ed4d7 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -14106,6 +14106,12 @@ virDomainChrPreAlloc(virDomainDefPtr vmdef,
virDomainChrGetDomainPtrsInternal(vmdef, chr->deviceType, &arrPtr, &cntPtr);
+ if (!arrPtr || !cntPtr) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("Impossible happened")); + return -1; + } + return VIR_REALLOC_N(*arrPtr, *cntPtr + 1); }
NACK
virDomainChrGetDomainPtrsInternal can be made to return failure if the type is invalid rather than open-coding this multiple times. Additionally the error message is weird.