[libvirt] [PATCH] util: require command args to be non-NULL

Daniel P. Berrangé posted 1 patch 5 years, 3 months ago
Test syntax-check passed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/20181217132026.5451-1-berrange@redhat.com
src/util/vircommand.c                                | 10 ++++++++++
tests/storagevolxml2argvdata/qcow2-zerocapacity.argv |  2 +-
tests/storagevolxml2xmlin/vol-qcow2-zerocapacity.xml |  1 +
3 files changed, 12 insertions(+), 1 deletion(-)
[libvirt] [PATCH] util: require command args to be non-NULL
Posted by Daniel P. Berrangé 5 years, 3 months ago
The virCommand APIs do not expect to be given a NULL value for an arg
name or value. Such a mistake can lead to execution of the wrong
command, as the NULL may prematurely terminate the list of args.
Detect this and report suitable error messages.

This identified a flaw in the storage test which was passing a NULL
instead of the volume path. This flaw was then validated by an incorrect
set of qemu-img args as expected data.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 src/util/vircommand.c                                | 10 ++++++++++
 tests/storagevolxml2argvdata/qcow2-zerocapacity.argv |  2 +-
 tests/storagevolxml2xmlin/vol-qcow2-zerocapacity.xml |  1 +
 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/src/util/vircommand.c b/src/util/vircommand.c
index 3559f4bafa..d965068369 100644
--- a/src/util/vircommand.c
+++ b/src/util/vircommand.c
@@ -1498,6 +1498,12 @@ virCommandAddArg(virCommandPtr cmd, const char *val)
     if (!cmd || cmd->has_error)
         return;
 
+    if (val == NULL) {
+        cmd->has_error = EINVAL;
+        abort();
+        return;
+    }
+
     if (VIR_STRDUP_QUIET(arg, val) < 0) {
         cmd->has_error = ENOMEM;
         return;
@@ -1595,6 +1601,10 @@ virCommandAddArgFormat(virCommandPtr cmd, const char *format, ...)
 void
 virCommandAddArgPair(virCommandPtr cmd, const char *name, const char *val)
 {
+    if (name == NULL || val == NULL) {
+        cmd->has_error = EINVAL;
+        return;
+    }
     virCommandAddArgFormat(cmd, "%s=%s", name, val);
 }
 
diff --git a/tests/storagevolxml2argvdata/qcow2-zerocapacity.argv b/tests/storagevolxml2argvdata/qcow2-zerocapacity.argv
index d83b08b342..45894931ae 100644
--- a/tests/storagevolxml2argvdata/qcow2-zerocapacity.argv
+++ b/tests/storagevolxml2argvdata/qcow2-zerocapacity.argv
@@ -1 +1 @@
-qemu-img create -f qcow2 -o compat=0.10  0K
+qemu-img create -f qcow2 -o compat=0.10 /var/lib/libvirt/images/OtherDemo.img 0K
diff --git a/tests/storagevolxml2xmlin/vol-qcow2-zerocapacity.xml b/tests/storagevolxml2xmlin/vol-qcow2-zerocapacity.xml
index 1d1e6deac0..027a73b4bf 100644
--- a/tests/storagevolxml2xmlin/vol-qcow2-zerocapacity.xml
+++ b/tests/storagevolxml2xmlin/vol-qcow2-zerocapacity.xml
@@ -1,6 +1,7 @@
 <volume>
   <name>OtherDemo.img</name>
   <target>
+    <path>/var/lib/libvirt/images/OtherDemo.img</path>
     <format type="qcow2"/>
   </target>
   <capacity>0</capacity>
-- 
2.19.2

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] util: require command args to be non-NULL
Posted by Michal Privoznik 5 years, 3 months ago
On 12/17/18 2:20 PM, Daniel P. Berrangé wrote:
> The virCommand APIs do not expect to be given a NULL value for an arg
> name or value. Such a mistake can lead to execution of the wrong
> command, as the NULL may prematurely terminate the list of args.
> Detect this and report suitable error messages.
> 
> This identified a flaw in the storage test which was passing a NULL
> instead of the volume path. This flaw was then validated by an incorrect
> set of qemu-img args as expected data.
> 
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> ---
>  src/util/vircommand.c                                | 10 ++++++++++
>  tests/storagevolxml2argvdata/qcow2-zerocapacity.argv |  2 +-
>  tests/storagevolxml2xmlin/vol-qcow2-zerocapacity.xml |  1 +

ACK

And also now you push the other patch unchanged.

Michal

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list