lxc: Clang is complaining about possible NULL pointer.

[libvirt] [PATCH] lxc: Clang is complaining about possible NULL pointer.

Posted by Julio Faracco 7 years, 1 month ago

The array "mount" inside lxc_container is not being checked before for
loop. Clang syntax scan is complaining about this segmentation fault.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
---
 src/lxc/lxc_container.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 918194dacd..6b7bcd8eb6 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -871,7 +871,7 @@ static int lxcContainerSetReadOnly(void)
         qsort(mounts, nmounts, sizeof(mounts[0]),
               virStringSortRevCompare);
 
-    for (i = 0; i < nmounts; i++) {
+    for (i = 0; i < nmounts && mounts; i++) {
         VIR_DEBUG("Bind readonly %s", mounts[i]);
         if (mount(mounts[i], mounts[i], "none", MS_BIND|MS_REC|MS_RDONLY|MS_REMOUNT, NULL) < 0) {
             virReportSystemError(errno,
@@ -883,7 +883,7 @@ static int lxcContainerSetReadOnly(void)
 
     ret = 0;
  cleanup:
-    for (i = 0; i < nmounts; i++)
+    for (i = 0; i < nmounts && mounts; i++)
         VIR_FREE(mounts[i]);
     VIR_FREE(mounts);
     endmntent(procmnt);
-- 
2.17.1

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] lxc: Clang is complaining about possible NULL pointer.

Posted by Pino Toscano 7 years, 1 month ago

On Monday, 5 November 2018 19:58:14 CET Julio Faracco wrote:
> The array "mount" inside lxc_container is not being checked before for
> loop. Clang syntax scan is complaining about this segmentation fault.
> 
> Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
> ---
>  src/lxc/lxc_container.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
> index 918194dacd..6b7bcd8eb6 100644
> --- a/src/lxc/lxc_container.c
> +++ b/src/lxc/lxc_container.c
> @@ -871,7 +871,7 @@ static int lxcContainerSetReadOnly(void)
>          qsort(mounts, nmounts, sizeof(mounts[0]),
>                virStringSortRevCompare);

The code here is:

    if (mounts)
        qsort(mounts, nmounts, sizeof(mounts[0]),
              virStringSortRevCompare);

Hence ...

> -    for (i = 0; i < nmounts; i++) {
> +    for (i = 0; i < nmounts && mounts; i++) {
>          VIR_DEBUG("Bind readonly %s", mounts[i]);
>          if (mount(mounts[i], mounts[i], "none", MS_BIND|MS_REC|MS_RDONLY|MS_REMOUNT, NULL) < 0) {
>              virReportSystemError(errno,

... IMHO it is a better idea to move the whole for loop inside the
'if (mounts)' above.

> @@ -883,7 +883,7 @@ static int lxcContainerSetReadOnly(void)
>  
>      ret = 0;
>   cleanup:
> -    for (i = 0; i < nmounts; i++)
> +    for (i = 0; i < nmounts && mounts; i++)
>          VIR_FREE(mounts[i]);

Same idea here: just use a simple if to detect when 'mounts' is non-null.

-- 
Pino Toscano--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list