1. Patchew
  2. Xen
  3. [PATCH XENSTORE v1 00/10] Code analysis fixes
  4. View patch

[PATCH XENSTORE v1 10/10] xs: add error handling

Norbert Manthey posted 10 patches 4 years, 11 months ago
[PATCH XENSTORE v1 10/10] xs: add error handling
Posted by Norbert Manthey 4 years, 11 months ago 
In case of a failure deep in the call tree, we might return NULL as the
value of the domain. In that case, error out instead of dereferencing
the NULL pointer.

This bug was discovered and resolved using Coverity Static Analysis
Security Testing (SAST) by Synopsys, Inc.

Signed-off-by: Norbert Manthey <nmanthey@amazon.de>
Reviewed-by: Julien Grall <jgrall@amazon.co.uk>
Reviewed-by: Raphael Ning <raphning@amazon.co.uk>

---
 tools/libs/store/xs.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/tools/libs/store/xs.c b/tools/libs/store/xs.c
--- a/tools/libs/store/xs.c
+++ b/tools/libs/store/xs.c
@@ -1183,7 +1183,12 @@ bool xs_path_is_subpath(const char *parent, const char *child)
 bool xs_is_domain_introduced(struct xs_handle *h, unsigned int domid)
 {
 	char *domain = single_with_domid(h, XS_IS_DOMAIN_INTRODUCED, domid);
-	int rc = strcmp("F", domain);
+	bool rc = false;
+
+	if (!domain)
+		return rc;
+
+	rc = strcmp("F", domain) != 0;
 
 	free(domain);
 	return rc;
-- 
2.17.1




Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879
Re: [PATCH XENSTORE v1 10/10] xs: add error handling
Posted by Julien Grall 4 years, 11 months ago 
Hi Norbert,

On 26/02/2021 14:41, Norbert Manthey wrote:
> In case of a failure deep in the call tree, we might return NULL as the
> value of the domain. In that case, error out instead of dereferencing
> the NULL pointer.
> 
> This bug was discovered and resolved using Coverity Static Analysis
> Security Testing (SAST) by Synopsys, Inc.

This commit message is not very descriptive. Internally, I suggested:

"
tools/xenstore: Harden xs_domain_is_introduced()

The function single_with_domid() may return NULL if something
went wrong (e.g. XenStored returns an error or the connection is
in bad state).

They are unlikely but not impossible, so it would be better to
return an error and allow the caller to handle it gracefully rather
than crashing.

In this case we should treat it as the domain has disappeared (i.e.
return false) as the caller will not likely going to be able to
communicate with XenStored again.

This bug was discovered and resolved using Coverity Static Analysis
Security Testing (SAST) by Synopsys, Inc.
"

I would have expected this to be addressed given that...

> 
> Signed-off-by: Norbert Manthey <nmanthey@amazon.de>
> Reviewed-by: Julien Grall <jgrall@amazon.co.uk
... you carried over my reviewed-by tag.


Cheers,

-- 
Julien Grall
Re: [PATCH XENSTORE v1 10/10] xs: add error handling
Posted by Norbert Manthey 4 years, 11 months ago 
On 2/26/21 3:53 PM, Julien Grall wrote:
> Hi Norbert,
>
> On 26/02/2021 14:41, Norbert Manthey wrote:
>> In case of a failure deep in the call tree, we might return NULL as the
>> value of the domain. In that case, error out instead of dereferencing
>> the NULL pointer.
>>
>> This bug was discovered and resolved using Coverity Static Analysis
>> Security Testing (SAST) by Synopsys, Inc.
>
> This commit message is not very descriptive. Internally, I suggested:
>
> "
> tools/xenstore: Harden xs_domain_is_introduced()
>
> The function single_with_domid() may return NULL if something
> went wrong (e.g. XenStored returns an error or the connection is
> in bad state).
>
> They are unlikely but not impossible, so it would be better to
> return an error and allow the caller to handle it gracefully rather
> than crashing.
>
> In this case we should treat it as the domain has disappeared (i.e.
> return false) as the caller will not likely going to be able to
> communicate with XenStored again.
>
> This bug was discovered and resolved using Coverity Static Analysis
> Security Testing (SAST) by Synopsys, Inc.
> "
>
> I would have expected this to be addressed given that...

Understood. I will iterate.

Norbert

>
>>
>> Signed-off-by: Norbert Manthey <nmanthey@amazon.de>
>> Reviewed-by: Julien Grall <jgrall@amazon.co.uk
> ... you carried over my reviewed-by tag.
>
>
> Cheers,
>
> -- 
> Julien Grall



Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879
Re: [PATCH XENSTORE v1 10/10] xs: add error handling
Posted by Jürgen Groß 4 years, 11 months ago 
On 26.02.21 15:41, Norbert Manthey wrote:
> In case of a failure deep in the call tree, we might return NULL as the
> value of the domain. In that case, error out instead of dereferencing
> the NULL pointer.
> 
> This bug was discovered and resolved using Coverity Static Analysis
> Security Testing (SAST) by Synopsys, Inc.
> 
> Signed-off-by: Norbert Manthey <nmanthey@amazon.de>
> Reviewed-by: Julien Grall <jgrall@amazon.co.uk>
> Reviewed-by: Raphael Ning <raphning@amazon.co.uk>

Reviewed-by: Juergen Gross <jgross@suse.com>


Juergen
Re: [PATCH XENSTORE v1 10/10] xs: add error handling
Posted by Ian Jackson 4 years, 11 months ago 
Norbert Manthey writes ("[PATCH XENSTORE v1 10/10] xs: add error handling"):
> In case of a failure deep in the call tree, we might return NULL as the
> value of the domain. In that case, error out instead of dereferencing
> the NULL pointer.
> 
> This bug was discovered and resolved using Coverity Static Analysis
> Security Testing (SAST) by Synopsys, Inc.
> 
> Signed-off-by: Norbert Manthey <nmanthey@amazon.de>
> Reviewed-by: Julien Grall <jgrall@amazon.co.uk>
> Reviewed-by: Raphael Ning <raphning@amazon.co.uk>

Release-Acked-by: Ian Jackson <iwj@xenproject.org>

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.