Re: [libvirt] [PATCH 1/4] Use explicit boolean comparison in OOM check
On Thu, Feb 23, 2017 at 09:41:12AM +0100, Michal Privoznik wrote:
On 02/22/2017 06:52 PM, Daniel P. Berrange wrote:
> GCC 7 gets upset by
>
> if (!tmp && (size * count))
>
> warning
>
> util/viralloc.c: In function 'virReallocN':
> util/viralloc.c:246:23: error: '*' in boolean context, suggest
'&&' instead [-Werror=int-in-bool-context]
> if (!tmp && (size * count)) {
> ~~~~~~^~~~~~~~
>
> Keep it happy by adding != 0 to the right hand expression
> so it realizes we really are wanting to treat the result
> of the arithmetic expression as a boolean
>
> Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
> ---
> src/util/viralloc.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/util/viralloc.c b/src/util/viralloc.c
> index 812aa5b..81f99d9 100644
> --- a/src/util/viralloc.c
> +++ b/src/util/viralloc.c
> @@ -243,7 +243,7 @@ int virReallocN(void *ptrptr,
> return -1;
> }
> tmp = realloc(*(void**)ptrptr, size * count);
> - if (!tmp && (size * count)) {
> + if (!tmp && ((size * count) != 0)) {
> if (report)
> virReportOOMErrorFull(domcode, filename, funcname, linenr);
> return -1;
>
This is just stupid. I mean the warning, not your fix.
It is a warning that is certainly going to trigger a non-negligible
number of false positives across various codebases, but I don't think
it is stupid. The pattern it is looking for here with mixed integer
and boolean operators has been a repeated source of bugs in software
and a number of them have resulted in CVEs before when they've been
mis-handling untrusted input validation or breaking crypto algorithms,
etc.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|