On Tue, Feb 05, 2019 at 04:16:21PM +0100, Andrea Bolognani wrote:
The memory allocated by VIR_REALLOC_N() is uninitialized, which means it's not possible to figure out whether any output was produced at all after the fact.
I really wish we had never added the VIR_REALLOC_N function. One of the best things about VIR_ALLOC/VIR_EXPAND/VIR_RESIZE are that they remove all bugs related to use of uninitialized memory. We really ought to try to eliminate use of VIR_REALLOC_N in favour of the other safer functions throughout the code.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/util/vircommand.c | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/src/util/vircommand.c b/src/util/vircommand.c index d965068369..6e9e56d0c0 100644 --- a/src/util/vircommand.c +++ b/src/util/vircommand.c @@ -2057,11 +2057,13 @@ virCommandProcessIO(virCommandPtr cmd) outfd = cmd->outfd; if (VIR_REALLOC_N(*cmd->outbuf, 1) < 0) ret = -1; + *cmd->outbuf[0] = '\0'; } if (cmd->errbuf) { errfd = cmd->errfd; if (VIR_REALLOC_N(*cmd->errbuf, 1) < 0) ret = -1; + *cmd->errbuf[0] = '\0';
Here we don't really care about the original contents on outbuf/errbuf. I'd probably go for making that explicit by replacing VIR_REALLOC_N with VIR_FREE + VIR_ALLOC_N Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|