Coverity noted that each of the fmemopen called used the strlen value
in order to allocate space, but that neglected space for terminating
null string. So just add 1 to the strlen.
Signed-off-by: John Ferlan <jferlan@redhat.com>
---
tests/vircgroupmock.c | 21 ++++++++++++---------
1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/tests/vircgroupmock.c b/tests/vircgroupmock.c
index d512417789..6587fb3c7e 100644
--- a/tests/vircgroupmock.c
+++ b/tests/vircgroupmock.c
@@ -466,12 +466,13 @@ FILE *fopen(const char *path, const char *mode)
if (STREQ(mode, "r")) {
if (allinone)
return fmemopen((void *)procmountsallinone,
- strlen(procmountsallinone), mode);
+ strlen(procmountsallinone) + 1, mode);
else if (logind)
return fmemopen((void *)procmountslogind,
- strlen(procmountslogind), mode);
+ strlen(procmountslogind) + 1, mode);
else
- return fmemopen((void *)procmounts, strlen(procmounts), mode);
+ return fmemopen((void *)procmounts,
+ strlen(procmounts) + 1, mode);
} else {
errno = EACCES;
return NULL;
@@ -481,12 +482,13 @@ FILE *fopen(const char *path, const char *mode)
if (STREQ(mode, "r")) {
if (allinone)
return fmemopen((void *)proccgroupsallinone,
- strlen(proccgroupsallinone), mode);
+ strlen(proccgroupsallinone) + 1, mode);
else if (logind)
return fmemopen((void *)proccgroupslogind,
- strlen(proccgroupslogind), mode);
+ strlen(proccgroupslogind) + 1, mode);
else
- return fmemopen((void *)proccgroups, strlen(proccgroups), mode);
+ return fmemopen((void *)proccgroups,
+ strlen(proccgroups) + 1, mode);
} else {
errno = EACCES;
return NULL;
@@ -496,12 +498,13 @@ FILE *fopen(const char *path, const char *mode)
if (STREQ(mode, "r")) {
if (allinone)
return fmemopen((void *)procselfcgroupsallinone,
- strlen(procselfcgroupsallinone), mode);
+ strlen(procselfcgroupsallinone) + 1, mode);
else if (logind)
return fmemopen((void *)procselfcgroupslogind,
- strlen(procselfcgroupslogind), mode);
+ strlen(procselfcgroupslogind) + 1, mode);
else
- return fmemopen((void *)procselfcgroups, strlen(procselfcgroups), mode);
+ return fmemopen((void *)procselfcgroups,
+ strlen(procselfcgroups) + 1, mode);
} else {
errno = EACCES;
return NULL;
--
2.17.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
On Thu, Sep 20, 2018 at 05:34:36PM -0400, John Ferlan wrote: > In virDomainMemoryDefParseXML and virDomainVideoDefParseXML if > the VIR_ALLOC fails and NULL is returned, then the alteration > to ctxt->node isn't reversed. > > Found by Coverity > > Signed-off-by: John Ferlan <jferlan@redhat.com> > --- Reviewed-by: Erik Skultety <eskultet@redhat.com> -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
On Thu, Sep 20, 2018 at 05:34:38PM -0400, John Ferlan wrote: > Coverity noted that each of the fmemopen called used the strlen value > in order to allocate space, but that neglected space for terminating > null string. So just add 1 to the strlen. > > Signed-off-by: John Ferlan <jferlan@redhat.com> > --- Reviewed-by: Erik Skultety <eskultet@redhat.com> Although, I'm wondering whether it's worth having an internal wrapper like the STREQ stuff we have to mitigate the off-by-1 errors in cases like these, but I guess there would be cases, where that might be undesirable. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
© 2016 - 2026 Red Hat, Inc.