Re: [libvirt] [PATCH 1/3] vircommand: Ensure buffers are NULL-terminated
On Tue, Feb 05, 2019 at 04:16:21PM +0100, Andrea Bolognani wrote:
The memory allocated by VIR_REALLOC_N() is uninitialized,
which means it's not possible to figure out whether any
output was produced at all after the fact.
I really wish we had never added the VIR_REALLOC_N function.
One of the best things about VIR_ALLOC/VIR_EXPAND/VIR_RESIZE
are that they remove all bugs related to use of uninitialized
memory. We really ought to try to eliminate use of VIR_REALLOC_N
in favour of the other safer functions throughout the code.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
src/util/vircommand.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/util/vircommand.c b/src/util/vircommand.c
index d965068369..6e9e56d0c0 100644
--- a/src/util/vircommand.c
+++ b/src/util/vircommand.c
@@ -2057,11 +2057,13 @@ virCommandProcessIO(virCommandPtr cmd)
outfd = cmd->outfd;
if (VIR_REALLOC_N(*cmd->outbuf, 1) < 0)
ret = -1;
+ *cmd->outbuf[0] = '\0';
}
if (cmd->errbuf) {
errfd = cmd->errfd;
if (VIR_REALLOC_N(*cmd->errbuf, 1) < 0)
ret = -1;
+ *cmd->errbuf[0] = '\0';
Here we don't really care about the original contents on outbuf/errbuf.
I'd probably go for making that explicit by replacing VIR_REALLOC_N
with VIR_FREE + VIR_ALLOC_N
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|