2011/5/18 Daniel P. Berrange <berrange(a)redhat.com>:
strerror_r() is free to not set any error string, if the passed
errno is not valid. It may, however, still return a pointer to
the original passed in buffer. This resulting in random garbage
from the stack being present as the error string.
To reliably detect case where no error string is set, pre-init
the buffer to all-zeros, and then check for empty string after
calling sterror_r
* src/util/virterror.c: Ensure virStrerror always sets an
error string
---
src/util/virterror.c | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/src/util/virterror.c b/src/util/virterror.c
index 2d7309a..eff8468 100644
--- a/src/util/virterror.c
+++ b/src/util/virterror.c
@@ -1267,9 +1267,13 @@ const char *virStrerror(int theerrno, char *errBuf, size_t
errBufLen)
int save_errno = errno;
const char *ret;
+ memset(errBuf, 0, errBufLen);
strerror_r(theerrno, errBuf, errBufLen);
ret = errBuf;
errno = save_errno;
+
+ if (ret[0] == '\0')
+ strncpy(errBuf, _("Unknown errno"), errBufLen);
return ret;
}
--
1.7.4.4
I wonder in what situation you managed to notice this problem :)
This doesn't pass make syntax-check because of strncpy. virStrncpy
should be used instead, but this might result in not setting any error
string at all when the buffer is to small. On the other hand we
commonly use 1k buffers with virStrerror.
Matthias