1. Patchew
  2. Xen
  3. View series

[PATCH] loadpolicy: Verifies memory allocation during policy loading

yskelg@gmail.com posted 1 patch 5 months, 4 weeks ago
Patches applied successfully (tree, apply log)
git fetch https://gitlab.com/xen-project/patchew/xen tags/patchew/20240527125438.66349-1-yskelg@gmail.com
tools/flask/utils/loadpolicy.c | 5 +++++
1 file changed, 5 insertions(+)
[PATCH] loadpolicy: Verifies memory allocation during policy loading
Posted by yskelg@gmail.com 5 months, 4 weeks ago 
From: Yunseong Kim <yskelg@gmail.com>

memory allocation failure handling in the loadpolicy module.

Signed-off-by: Yunseong Kim <yskelg@gmail.com>
---
 tools/flask/utils/loadpolicy.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/tools/flask/utils/loadpolicy.c b/tools/flask/utils/loadpolicy.c
index 76710a256c..7f6bab4dcd 100644
--- a/tools/flask/utils/loadpolicy.c
+++ b/tools/flask/utils/loadpolicy.c
@@ -58,6 +58,11 @@ int main (int argCnt, const char *args[])
     }
 
     polMemCp = malloc(info.st_size);
+    if (!polMemCp) {
+        fprintf(stderr, "Error occurred allocating %ld bytes\n", info.st_size);
+        ret = -ENOMEM;
+        goto cleanup;
+    }
 
 #ifdef USE_MMAP
     polMem = mmap(NULL, info.st_size, PROT_READ, MAP_SHARED, polFd, 0);
-- 
2.34.1
Re: [PATCH] loadpolicy: Verifies memory allocation during policy loading
Posted by Jan Beulich 5 months ago 
On 27.05.2024 14:54, yskelg@gmail.com wrote:
> --- a/tools/flask/utils/loadpolicy.c
> +++ b/tools/flask/utils/loadpolicy.c
> @@ -58,6 +58,11 @@ int main (int argCnt, const char *args[])
>      }
>  
>      polMemCp = malloc(info.st_size);
> +    if (!polMemCp) {
> +        fprintf(stderr, "Error occurred allocating %ld bytes\n", info.st_size);
> +        ret = -ENOMEM;

I don't think -ENOMEM is valid to use here. See neighboring code. Nevertheless
it is correct that a check should be here.

As to %ld - is that portably usable with an off_t value?

In any event, Daniel, really your turn to review / ack. I'm looking at this
merely because I found this and another bugfix still sit in waiting-for-ack
state.

Jan
Re: [PATCH] loadpolicy: Verifies memory allocation during policy loading
Posted by Daniel P. Smith 5 months ago 
On 6/19/24 08:04, Jan Beulich wrote:
> On 27.05.2024 14:54, yskelg@gmail.com wrote:
>> --- a/tools/flask/utils/loadpolicy.c
>> +++ b/tools/flask/utils/loadpolicy.c
>> @@ -58,6 +58,11 @@ int main (int argCnt, const char *args[])
>>       }
>>   
>>       polMemCp = malloc(info.st_size);
>> +    if (!polMemCp) {
>> +        fprintf(stderr, "Error occurred allocating %ld bytes\n", info.st_size);
>> +        ret = -ENOMEM;
> 
> I don't think -ENOMEM is valid to use here. See neighboring code. Nevertheless
> it is correct that a check should be here.
> 
> As to %ld - is that portably usable with an off_t value?
> 
> In any event, Daniel, really your turn to review / ack. I'm looking at this
> merely because I found this and another bugfix still sit in waiting-for-ack
> state.

I saw this but was on the fence of whether it really required my ack 
since it was more of a toolstack code fix versus an XSM relevant change.

With that said, and to expand on Jan's comment regarding ENOMEM, the 
utility does not currently differentiate main's return code. Unless the 
tools maintainer wants to start changing this, I would suggest setting 
ret to -1.

As to the '%ld', aligning with Jan's first comment, perhaps you might 
consider just reporting `strerror(errno)` similar to the other error 
handling checks. NB: it is likely errno will be set to -ENOMEM, so by 
doing this you will end up notifying ENOMEM occurred as you were 
attempting to do by providing it with `ret`. Additionally, then you 
won't have to deal with portability concerns over off_t.

V/r,
Daniel P. Smith

Patchew 2.1-devel-b67e4c2

© 2016 - 2024 Red Hat, Inc.