Sorry for the ping, I worry this patch was missed, because its my first contribution and I've sent patch without subscription and it was delayed. 21.01.2026 10:41, Dmitry Lopatin пишет:
Add missing return value checks to fix the following issues reported by the static analyzer:
- vah_add_file() call when adding render node path to the AppArmor profile (line 1029) was not checked, while there are examples with return code check throughout the code.
- vah_add_file() call when adding default render node path (line 1037) had the same issue.
- virDriverLoadModule() call when loading the storage driver (line 908) was not checked, while there are examples with return code check throughout the code.
Signed-off-by: Dmitry Lopatin <dmitry.lopatin@flant.com> --- src/security/virt-aa-helper.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index 067a17f331..07e5882237 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -905,7 +905,8 @@ get_files(vahControl * ctl)
/* load the storage driver so that backing store can be accessed */ #ifdef WITH_STORAGE - virDriverLoadModule("storage", "storageRegister", false); + if (virDriverLoadModule("storage", "storageRegister", false) < 0) + goto cleanup; #endif
for (i = 0; i < ctl->def->ndisks; i++) { @@ -1026,7 +1027,8 @@ get_files(vahControl * ctl) const char *rendernode = virDomainGraphicsGetRenderNode(graphics);
if (rendernode) { - vah_add_file(&buf, rendernode, "rw"); + if (vah_add_file(&buf, rendernode, "rw") != 0) + goto cleanup; needsgl = true; } else { if (virDomainGraphicsNeedsAutoRenderNode(graphics)) { @@ -1034,7 +1036,8 @@ get_files(vahControl * ctl) needsgl = true;
if (defaultRenderNode) { - vah_add_file(&buf, defaultRenderNode, "rw"); + if (vah_add_file(&buf, defaultRenderNode, "rw") != 0) + goto cleanup; VIR_FREE(defaultRenderNode); } }