[Libvir] [PATCH] Handle failed strdup and malloc.

Wednesday, 14 November 2007

I noticed a bunch of unchecked strdup's in a row,
and audited the rest of the file:

	Handle failed strdup and malloc.

	* src/remote_internal.c: Don't dereference NULL after
	failed strdup or malloc in doRemoteOpen.

---
 src/remote_internal.c |   22 ++++++++++++++++++++++
 1 files changed, 22 insertions(+), 0 deletions(-)

diff --git a/src/remote_internal.c b/src/remote_internal.c
index 1420a88..bd8b5a7 100644
--- a/src/remote_internal.c
+++ b/src/remote_internal.c
@@ -522,6 +522,10 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, const
char *uri_str
                     sockname = strdup (LIBVIRTD_PRIV_UNIX_SOCKET_RO);
                 else
                     sockname = strdup (LIBVIRTD_PRIV_UNIX_SOCKET);
+                if (sockname == NULL) {
+                    error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno));
+                    goto failed;
+                }
             }
         }
 
@@ -576,10 +580,19 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, const
char *uri_str
         if (no_tty) nr_args += 5;   /* For -T -o BatchMode=yes -e none */
 
         command = command ? : strdup ("ssh");
+        if (command == NULL) {
+            error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno));
+            goto failed;
+        }
 
         // Generate the final command argv[] array.
         //   ssh -p $port [-l $username] $hostname $netcat -U $sockname [NULL]
         cmd_argv = malloc (nr_args * sizeof (char *));
+        if (cmd_argv == NULL) {
+            error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno));
+            goto failed;
+        }
+
         j = 0;
         cmd_argv[j++] = strdup (command);
         cmd_argv[j++] = strdup ("-p");
@@ -601,6 +614,11 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, const
char *uri_str
         cmd_argv[j++] = strdup (sockname ? sockname : LIBVIRTD_PRIV_UNIX_SOCKET);
         cmd_argv[j++] = 0;
         assert (j == nr_args);
+        for (j = 0; j < nr_args; j++)
+            if (cmd_argv[j] == NULL) {
+                error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (ENOMEM));
+                goto failed;
+            }
     }
 
         /*FALLTHROUGH*/
@@ -633,6 +651,10 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, const
char *uri_str
             // Run the external process.
             if (!cmd_argv) {
                 cmd_argv = malloc (2 * sizeof (char *));
+                if (cmd_argv == NULL) {
+                    error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno));
+                    goto failed;
+                }
                 cmd_argv[0] = command;
                 cmd_argv[1] = 0;
             }
-- 
1.5.3.5.666.gfb5f


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005