
On 01/14/2014 10:43 PM, Eric Blake wrote:
Several APIs clear out a user input buffer before attempting to populate it; but in a few cases we missed this memset if we detect a reason for an early exit. Note that these APIs check for non-NULL arguments, and exit early with an error message when NULL is passed in; which means that we must be careful to avoid a NULL deref in order to get to that error message. Also, we were inconsistent on the use of sizeof(virType) vs. sizeof(expression); the latter is more robust if we ever change the type of the expression (although such action is unlikely since these types are part of our public API).
* src/libvirt.c (virDomainGetInfo, virDomainGetBlockInfo) (virStoragePoolGetInfo, virStorageVolGetInfo) (virDomainGetJobInfo, virDomainGetBlockJobInfo): Move memset before any returns.
Signed-off-by: Eric Blake <eblake@redhat.com>
---

v2 avoid null deref, prefer sizeof(expr)

 src/libvirt.c | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)
@@ -8449,12 +8450,12 @@ virDomainGetBlockInfo(virDomainPtr domain, const char *disk,
virResetLastError();
if (info)
+ memset(info, 0, sizeof(*info)); +
virCheckDomainReturn(domain, -1); virCheckNonNullArgGoto(disk, error); virCheckNonNullArgGoto(info, error);
- memset(info, 0, sizeof(virDomainBlockInfo)); - conn = domain->conn;
if (conn->driver->domainGetBlockInfo) {
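Review bot: the guarded `if (info) memset(info, 0, sizeof(*info));` now sits above `virCheckDomainReturn(domain, -1)` in virDomainGetBlockInfo with nothing in the code saying why, and it tests `info` for NULL a second time ahead of `virCheckNonNullArgGoto(info, error)`. A one-line comment there (clear the caller's buffer before any early return; the guard keeps a NULL `info` on the path to the argument error) would keep a later cleanup from merging the two NULL tests and moving the memset back below the checks. If the same pattern is repeated in the other five functions named in the commit message, a small helper or macro would hold that comment in one place.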
Jan
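
The ordering problem the commit message describes, as an added example that is not part of the original mail or of libvirt: `demo_info`, `demo_domain`, `get_info_fn` and both functions are hypothetical stand-ins, and the leftover buffer value is constructed. It shows what a caller reading a reused buffer sees after a failed call, with the clear placed after the checks and then before them.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins, not libvirt types. */
struct demo_info { unsigned long long capacity; };
struct demo_domain { int valid; };
typedef int (*get_info_fn)(const struct demo_domain *, const char *, struct demo_info *);

/* Before: cleared only once every check has passed. */
int get_info_late_clear(const struct demo_domain *dom, const char *disk,
                        struct demo_info *info)
{
    if (!dom || !dom->valid)
        return -1;              /* early exit: *info keeps old contents */
    if (!disk || !info)
        return -1;
    memset(info, 0, sizeof(struct demo_info));
    info->capacity = 1024;
    return 0;
}

/* After: clear first; the guard keeps a NULL info on the error path. */
int get_info_early_clear(const struct demo_domain *dom, const char *disk,
                         struct demo_info *info)
{
    if (info)
        memset(info, 0, sizeof(*info));
    if (!dom || !dom->valid)
        return -1;
    if (!disk || !info)
        return -1;
    info->capacity = 1024;
    return 0;
}

/* Capacity seen after a failed call on a reused buffer (0xdead is constructed). */
unsigned long long stale_after_failure(get_info_fn fn)
{
    struct demo_domain bad = { 0 };
    struct demo_info info = { 0xdead };
    fn(&bad, "vda", &info);
    return info.capacity;
}

int main(void)
{
    printf("late:  %#llx\n", stale_after_failure(get_info_late_clear));
    printf("early: %#llx\n", stale_after_failure(get_info_early_clear));
    return 0;
}
```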