target/xtensa/translate.c | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-)
malloc() return value is used without a check.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Dmitry Frolov <frolov@swemel.ru>
---
target/xtensa/translate.c | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/target/xtensa/translate.c b/target/xtensa/translate.c
index 34ae2f4e16..42ef8d3eb9 100644
--- a/target/xtensa/translate.c
+++ b/target/xtensa/translate.c
@@ -112,13 +112,8 @@ void xtensa_collect_sr_names(const XtensaConfig *config)
if (*pname) {
if (strstr(*pname, name) == NULL) {
- char *new_name =
- malloc(strlen(*pname) + strlen(name) + 2);
-
- strcpy(new_name, *pname);
- strcat(new_name, "/");
- strcat(new_name, name);
- free(*pname);
+ char *new_name = g_strdup_printf("%s/%s", *pname, name);
+ g_free(*pname);
*pname = new_name;
}
} else {
--
2.34.1On Tue, Jul 29, 2025 at 4:12 AM Dmitry Frolov <frolov@swemel.ru> wrote:
>
> malloc() return value is used without a check.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> Signed-off-by: Dmitry Frolov <frolov@swemel.ru>
> ---
> target/xtensa/translate.c | 9 ++-------
> 1 file changed, 2 insertions(+), 7 deletions(-)
>
> diff --git a/target/xtensa/translate.c b/target/xtensa/translate.c
> index 34ae2f4e16..42ef8d3eb9 100644
> --- a/target/xtensa/translate.c
> +++ b/target/xtensa/translate.c
> @@ -112,13 +112,8 @@ void xtensa_collect_sr_names(const XtensaConfig *config)
>
> if (*pname) {
> if (strstr(*pname, name) == NULL) {
> - char *new_name =
> - malloc(strlen(*pname) + strlen(name) + 2);
> -
> - strcpy(new_name, *pname);
> - strcat(new_name, "/");
> - strcat(new_name, name);
> - free(*pname);
> + char *new_name = g_strdup_printf("%s/%s", *pname, name);
> + g_free(*pname);
> *pname = new_name;
> }
> } else {
I believe that
*pname = strdup(name);
in the `else` clause should also be changed to
*pname = g_strdup(name);
to maintain coupling between allocation and deallocation functions.
--
Thanks.
-- Max
malloc() return value is used without a check.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
v2: Also replaced strdup() with g_strdup()
Signed-off-by: Dmitry Frolov <frolov@swemel.ru>
---
target/xtensa/translate.c | 11 +++--------
1 file changed, 3 insertions(+), 8 deletions(-)
diff --git a/target/xtensa/translate.c b/target/xtensa/translate.c
index 34ae2f4e16..4faa5ae213 100644
--- a/target/xtensa/translate.c
+++ b/target/xtensa/translate.c
@@ -112,17 +112,12 @@ void xtensa_collect_sr_names(const XtensaConfig *config)
if (*pname) {
if (strstr(*pname, name) == NULL) {
- char *new_name =
- malloc(strlen(*pname) + strlen(name) + 2);
-
- strcpy(new_name, *pname);
- strcat(new_name, "/");
- strcat(new_name, name);
- free(*pname);
+ char *new_name = g_strdup_printf("%s/%s", *pname, name);
+ g_free(*pname);
*pname = new_name;
}
} else {
- *pname = strdup(name);
+ *pname = g_strdup(name);
}
}
}
--
2.34.1On Tue, Jul 29, 2025 at 11:22 PM Dmitry Frolov <frolov@swemel.ru> wrote: > > malloc() return value is used without a check. > > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > v2: Also replaced strdup() with g_strdup() > > Signed-off-by: Dmitry Frolov <frolov@swemel.ru> > --- > target/xtensa/translate.c | 11 +++-------- > 1 file changed, 3 insertions(+), 8 deletions(-) Reviewed-by: Max Filippov <jcmvbkbc@gmail.com> -- Thanks. -- Max
© 2016 - 2025 Red Hat, Inc.