[libvirt] [PATCH] util: Fix segmentation fault when seclabel fails to allocate memory

jcfaracco@gmail.com posted 1 patch 2 weeks ago
Test syntax-check passed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/20191102042851.21674-1-jcfaracco@gmail.com
src/util/virseclabel.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

[libvirt] [PATCH] util: Fix segmentation fault when seclabel fails to allocate memory

Posted by jcfaracco@gmail.com 2 weeks ago
From: Julio Faracco <jcfaracco@gmail.com>

In function virSecurityDeviceLabelDefNew(), when libvirt fails to
allocate seclabel structure it returns a failure. This case is setting
seclabel as a NULL pointer and accessing its attribute below. This
commit fixes this wrong logic.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
---
 src/util/virseclabel.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/util/virseclabel.c b/src/util/virseclabel.c
index a2b5ebf6b7..2141d84210 100644
--- a/src/util/virseclabel.c
+++ b/src/util/virseclabel.c
@@ -77,7 +77,7 @@ virSecurityDeviceLabelDefNew(const char *model)
 
     if (VIR_ALLOC(seclabel) < 0) {
         virSecurityDeviceLabelDefFree(seclabel);
-        seclabel = NULL;
+        return NULL;
     }
 
     seclabel->model = g_strdup(model);
-- 
2.20.1

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] util: Fix segmentation fault when seclabel fails to allocate memory

Posted by Ján Tomko 1 week ago
On Sat, Nov 02, 2019 at 01:28:51AM -0300, jcfaracco@gmail.com wrote:
>From: Julio Faracco <jcfaracco@gmail.com>
>
>In function virSecurityDeviceLabelDefNew(), when libvirt fails to
>allocate seclabel structure it returns a failure. This case is setting
>seclabel as a NULL pointer and accessing its attribute below. This
>commit fixes this wrong logic.
>

As of [0]:
commit 52117fa97e46d27718eaeb92534a0f5800c326ef
Author:     Daniel P. Berrangé <berrange@redhat.com>
CommitDate: 2019-09-13 10:05:17 +0100

    util: make allocation functions abort on OOM

libvirt's allocation functions never fail.
This change was made to allow usage of GLib allocation functions, which
also abort on OOM.

>Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
>---
> src/util/virseclabel.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>diff --git a/src/util/virseclabel.c b/src/util/virseclabel.c
>index a2b5ebf6b7..2141d84210 100644
>--- a/src/util/virseclabel.c
>+++ b/src/util/virseclabel.c
>@@ -77,7 +77,7 @@ virSecurityDeviceLabelDefNew(const char *model)
>
>     if (VIR_ALLOC(seclabel) < 0) {

So everything inside this if is dead code waiting to be cleaned up.

See:
https://libvirt.org/hacking.html#glib
for the GLib equivalents of functions for allocation.

Jano

>         virSecurityDeviceLabelDefFree(seclabel);
>-        seclabel = NULL;
>+        return NULL;
>     }
>
>     seclabel->model = g_strdup(model);
>-- 
>2.20.1
>
>--
>libvir-list mailing list
>libvir-list@redhat.com
>https://www.redhat.com/mailman/listinfo/libvir-list

[0] https://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=52117fa97e46d
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list