From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Ian Jackson <Ian.Jackson@eu.citrix.com>
Cc: Roger Pau Monne <roger.pau@citrix.com>,
Ian Campbell <Ian.Campbell@citrix.com>,
Xen-devel <xen-devel@lists.xen.org>
Subject: Re: [Patch v3 3/4] tools/libxl: Fix libxl__device_nic_from_xs_be()
Date: Tue, 26 Nov 2013 13:58:16 +0000 [thread overview]
Message-ID: <5294A8F8.8090706@citrix.com> (raw)
In-Reply-To: <21140.36721.61987.750679@mariner.uk.xensource.com>
On 26/11/13 12:09, Ian Jackson wrote:
> Andrew Cooper writes ("Re: [Xen-devel] [Patch v3 3/4] tools/libxl: Fix libxl__device_nic_from_xs_be()"):
>> As this function cant fail, I was trying to force all error paths to
>> apply safe defaults to the libxl_device_nic structure.
> Perhaps the function should be able to fail.
>
> From 3cea493c97f23eeb8e175915186f7ca2701da60a Mon Sep 17 00:00:00 2001
> From: Ian Jackson <ian.jackson@eu.citrix.com>
> Date: Tue, 26 Nov 2013 12:08:09 +0000
> Subject: [PATCH] libxl: Fix error handling in libxl__device_nic_from_xs_be
>
> This requires changing its return type and fixing the callers.
>
> Introduce here a READ_BACKEND macro to make the code less repetitive.
>
> Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Commit message should include the Coverity ID 1055886, and perhaps a
reference to the fact that it is a memory leak.
> ---
> tools/libxl/libxl.c | 62 ++++++++++++++++++++++++++++++---------------------
> 1 file changed, 37 insertions(+), 25 deletions(-)
>
> diff --git a/tools/libxl/libxl.c b/tools/libxl/libxl.c
> index 2b847ef..62ff6db 100644
> --- a/tools/libxl/libxl.c
> +++ b/tools/libxl/libxl.c
> @@ -2976,45 +2976,51 @@ out:
> return;
> }
>
> -static void libxl__device_nic_from_xs_be(libxl__gc *gc,
> - const char *be_path,
> - libxl_device_nic *nic)
> +static int libxl__device_nic_from_xs_be(libxl__gc *gc,
> + const char *be_path,
> + libxl_device_nic *nic)
> {
> - libxl_ctx *ctx = libxl__gc_owner(gc);
> - unsigned int len;
> - char *tmp;
> + const char *tmp;
> int rc;
>
> libxl_device_nic_init(nic);
>
> - tmp = xs_read(ctx->xsh, XBT_NULL,
> - libxl__sprintf(gc, "%s/handle", be_path), &len);
> - if ( tmp )
> +#define READ_BACKEND(subpath) ({ \
> + rc = libxl__xs_read_checked(gc, XBT_NULL, \
> + GCSPRINTF("%s/" subpath, be_path), \
> + &tmp); \
> + if (rc) goto out; \
> + (char*)tmp; \
> + });
> +
> + tmp = READ_BACKEND("handle");
> + if (tmp)
> nic->devid = atoi(tmp);
> else
> nic->devid = 0;
>
> /* nic->mtu = */
>
> - tmp = xs_read(ctx->xsh, XBT_NULL,
> - libxl__sprintf(gc, "%s/mac", be_path), &len);
> - rc = libxl__parse_mac(tmp, nic->mac);
> - if (rc)
> + tmp = READ_BACKEND("mac");
> + if (tmp) {
> + rc = libxl__parse_mac(tmp, nic->mac);
> + if (rc) goto out;
> + } else {
> memset(nic->mac, 0, sizeof(nic->mac));
> + }
>
> - nic->ip = xs_read(ctx->xsh, XBT_NULL,
> - libxl__sprintf(gc, "%s/ip", be_path), &len);
> -
> - nic->bridge = xs_read(ctx->xsh, XBT_NULL,
> - libxl__sprintf(gc, "%s/bridge", be_path), &len);
> -
> - nic->script = xs_read(ctx->xsh, XBT_NULL,
> - libxl__sprintf(gc, "%s/script", be_path), &len);
> + nic->ip = READ_BACKEND("ip");
> + nic->bridge = READ_BACKEND("bridge");
> + nic->script = READ_BACKEND("script");
This is not correct. libxl_device_nic_dispose() is in charge of freeing
these pointers, but now they are part of the gc.
~Andrew
>
> /* vif_ioemu nics use the same xenstore entries as vif interfaces */
> nic->nictype = LIBXL_NIC_TYPE_VIF;
> nic->model = NULL; /* XXX Only for TYPE_IOEMU */
> nic->ifname = NULL; /* XXX Only for TYPE_IOEMU */
> +
> + rc = 0;
> + out:
> + return rc;
> }
>
> int libxl_devid_to_device_nic(libxl_ctx *ctx, uint32_t domid,
> @@ -3035,7 +3041,8 @@ int libxl_devid_to_device_nic(libxl_ctx *ctx, uint32_t domid,
> if (!path)
> goto out;
>
> - libxl__device_nic_from_xs_be(gc, path, nic);
> + rc = libxl__device_nic_from_xs_be(gc, path, nic);
> + if (rc) goto out;
>
> rc = 0;
> out:
> @@ -3053,6 +3060,7 @@ static int libxl__append_nic_list_of_type(libxl__gc *gc,
> char **dir = NULL;
> unsigned int n = 0;
> libxl_device_nic *pnic = NULL, *pnic_end = NULL;
> + int rc;
>
> be_path = libxl__sprintf(gc, "%s/backend/%s/%d",
> libxl__xs_get_dompath(gc, 0), type, domid);
> @@ -3064,16 +3072,20 @@ static int libxl__append_nic_list_of_type(libxl__gc *gc,
> return ERROR_NOMEM;
> *nics = tmp;
> pnic = *nics + *nnics;
> - *nnics += n;
> - pnic_end = *nics + *nnics;
> + pnic_end = *nics + *nnics + n;
> for (; pnic < pnic_end; pnic++, dir++) {
> const char *p;
> p = libxl__sprintf(gc, "%s/%s", be_path, *dir);
> - libxl__device_nic_from_xs_be(gc, p, pnic);
> + rc = libxl__device_nic_from_xs_be(gc, p, pnic);
> + if (rc) goto out;
> pnic->backend_domid = 0;
> }
> + *nnics += n;
> }
> return 0;
> +
> + out:
> + return rc;
> }
>
> libxl_device_nic *libxl_device_nic_list(libxl_ctx *ctx, uint32_t domid, int *num)
next prev parent reply other threads:[~2013-11-26 13:58 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-11-25 11:12 [PATCH 0/4] Coverity fixes for tools/libxl Andrew Cooper
2013-11-25 11:12 ` [PATCH 1/4] tools/libxl: Avoid deliberate NULL pointer dereference Andrew Cooper
2013-11-25 12:32 ` Ian Jackson
2013-11-25 11:12 ` [PATCH 2/4] tools/libxl: Fix integer overflows in sched_sedf_domain_set() Andrew Cooper
2013-11-25 12:35 ` Ian Jackson
2013-11-25 11:12 ` [PATCH 3/4] tools/libxl: Fix libxl__device_nic_from_xs_be() Andrew Cooper
2013-11-25 11:38 ` Roger Pau Monné
2013-11-25 15:19 ` [Patch v2 " Andrew Cooper
2013-11-25 18:52 ` Roger Pau Monné
2013-11-25 20:49 ` [Patch v3 " Andrew Cooper
2013-11-26 8:11 ` Roger Pau Monné
2013-11-26 11:32 ` Ian Jackson
2013-11-26 11:42 ` Andrew Cooper
2013-11-26 12:09 ` Ian Jackson
2013-11-26 13:58 ` Andrew Cooper [this message]
2013-11-26 15:08 ` Ian Jackson
2013-11-26 15:15 ` Andrew Cooper
2013-11-26 15:39 ` Ian Jackson
2013-12-09 13:35 ` Andrew Cooper
2013-12-18 11:11 ` Ian Campbell
2013-12-18 11:10 ` Ian Campbell
2013-11-25 12:38 ` [PATCH " Ian Jackson
2013-11-25 11:12 ` [PATCH 4/4] tools/libxl: Fix memory leak in sched_domain_output() Andrew Cooper
2013-11-25 13:46 ` Ian Jackson
2013-11-25 13:48 ` Andrew Cooper
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5294A8F8.8090706@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=Ian.Campbell@citrix.com \
--cc=Ian.Jackson@eu.citrix.com \
--cc=roger.pau@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.