On 06/16/2014 09:08 AM, Michal Privoznik wrote:
The new API is exposed under 'freepages' command.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
tools/virsh-host.c | 167 +++++++++++++++++++++++++++++++++++++++++++++++++++++
tools/virsh.pod | 8 +++
2 files changed, 175 insertions(+)
I'm working on a followup patch to fix several bugs...
+ {.name = "pagesize",
+ .type = VSH_OT_INT,
+ .help = N_("page size (in kibibites)")
s/bites/bytes/
+static bool
+cmdFreepages(vshControl *ctl, const vshCmd *cmd)
+{
+ bool ret = false;
+ unsigned int npages;
+ unsigned int *pagesize = NULL;
+ int cell;
+ unsigned long long *counts = NULL;
+ size_t i, j;
+ xmlNodePtr *nodes = NULL;
+ int nodes_cnt;
pagesize is an int...
+
+ nodes_cnt = virXPathNodeSet("/capabilities/host/cpu/pages", ctxt,
&nodes);
+
+ if (nodes_cnt <= 0) {
+ vshError(ctl, "%s", _("could not get information about
"
+ "supported page sizes"));
+ goto cleanup;
+ }
+
+ pagesize = vshMalloc(ctl, nodes_cnt * sizeof(*pagesize));
Risks multiplication overflow (probably unlikely in practice, but in
theory a super-large number of /capabilities/host/cpu/pages can
overflow). You're not the first culprit; we've got lots of abuse of
vshMalloc(, a * b) which should instead be using vshCalloc or VIR_ALLOC_N.
+
+ pagesize = vshMalloc(ctl, sizeof(*pagesize));
...so this allocates only 4 bytes...
+ if (vshCommandOptScaledInt(cmd, "pagesize",
(unsigned long long *) pagesize,
+ 1, UINT_MAX) < 0) {
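Review bot: the `1` passed as the scale argument in this vshCommandOptScaledInt() call does not match the option's help text, which documents the page size in kibibytes. If that argument is the default unit for an unsuffixed value, `--pagesize 2048` would be read as 2048 bytes rather than 2048 KiB, so either pass 1024 and convert, or change the help string. Parsing into a local `unsigned long long` and assigning to `*pagesize` only after the UINT_MAX check has passed would also remove the need for the cast.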
...but this pointer cast causes a store through 8 bytes. Absolute
no-no. Clang caught it, and so will valgrind.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library
http://libvirt.org
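
The two fixes the review above calls for, an overflow-checked array allocation and a store through a correctly typed temporary instead of a cast pointer, as an added C example that is not part of the original message or of libvirt. The names alloc_n, parse_ull and read_pagesize are hypothetical, and parse_ull is only a stand-in for a parser with an unsigned long long * output parameter.

```c
#include <errno.h>
#include <limits.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical helper, not libvirt's: allocate n zeroed elements of
 * `size` bytes, refusing a count whose byte total would wrap size_t. */
static void *alloc_n(size_t n, size_t size)
{
    if (size != 0 && n > SIZE_MAX / size) {
        errno = ENOMEM;
        return NULL;
    }
    return calloc(n, size);
}

/* Hypothetical stand-in for a parser with an unsigned long long *
 * output parameter: parses decimal text, rejects values above max. */
static int parse_ull(const char *s, unsigned long long *out,
                     unsigned long long max)
{
    char *end = NULL;
    unsigned long long v;

    errno = 0;
    v = strtoull(s, &end, 10);
    if (errno != 0 || end == s || *end != '\0' || v > max)
        return -1;
    *out = v;   /* always a full-width (typically 8-byte) store */
    return 0;
}

/* Store into an unsigned int without casting its address: parse into
 * a temporary of the parser's own type, then narrow after the check. */
static int read_pagesize(const char *s, unsigned int *dst)
{
    unsigned long long tmp;

    if (parse_ull(s, &tmp, UINT_MAX) < 0)
        return -1;
    *dst = (unsigned int)tmp;   /* safe: tmp <= UINT_MAX */
    return 0;
}
```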