From: Paolo Bonzini
Date: Fri, 16 Sep 2016 00:22:11 +0200
Subject: Re: [Qemu-devel] [PATCH v4 3/3] 9pfs: handle walk of ".." in the root directory
To: Greg Kurz, qemu-devel@nongnu.org
Cc: Peter Maydell, Felix Wilhelm, "Michael S. Tsirkin", P J P, "Aneesh Kumar K.V"

On 30/08/2016 20:40, Greg Kurz wrote:
> + > + err = fid_to_qid(pdu, fidp, &qid); > + if (err < 0) { > + goto out; > + } > + > v9fs_path_init(&dpath); > v9fs_path_init(&path);

The "out" label can now be reached without having initialized dpath and path. This upsets Coverity (and might also cause a segfault, indeed). The simplest fix is to move the v9fs_path_init before the fid_to_qid call.

Paolo

> /* 
> @@ -1318,16 +1334,22 @@ static void v9fs_walk(void *opaque) > v9fs_path_copy(&dpath, &fidp->path); > v9fs_path_copy(&path, &fidp->path); > for (name_idx = 0; name_idx < nwnames; name_idx++) { > - err = v9fs_co_name_to_path(pdu, &dpath, wnames[name_idx].data, &path); > - if (err < 0) { > - goto out; > - } > - err = v9fs_co_lstat(pdu, &path, &stbuf); > - if (err < 0) { > - goto out; > + if (not_same_qid(&pdu->s->root_qid, &qid) || > + strcmp("..", wnames[name_idx].data)) { > + err = v9fs_co_name_to_path(pdu, &dpath, wnames[name_idx].data, > + &path); > + if (err < 0) { > + goto out; > + } > + > + err = v9fs_co_lstat(pdu, &path, &stbuf); > + if (err < 0) { > + goto out; > + } > + stat_to_qid(&stbuf, &qid); > + v9fs_path_copy(&dpath, &path); > } > - stat_to_qid(&stbuf, &qids[name_idx]); > - v9fs_path_copy(&dpath, &path); > + memcpy(&qids[name_idx], &qid, sizeof(qid)); > } > if (fid == newfid) { > BUG_ON(fidp->fid_type != P9_FID_NONE); > diff --git a/hw/9pfs/9p.h b/hw/9pfs/9p.h > index b4f757ab5449..a38603398ef5 100644 > --- a/hw/9pfs/9p.h > +++ b/hw/9pfs/9p.h > @@ -236,6 +236,7 @@ typedef struct V9fsState > int32_t root_fid; > Error *migration_blocker; > V9fsConf fsconf; > + V9fsQID root_qid; > } V9fsState; > > /* 9p2000.L open flags */ > > >
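Review bot: In the v9fs_walk loop hunk (@@ -1318,16 +1334,22 @@), the new condition uses the raw return of strcmp("..", wnames[name_idx].data) as a truth value and carries no comment saying why the lookup is skipped. Writing the test as strcmp("..", wnames[name_idx].data) != 0 and adding a one-line comment that ".." at the export root resolves to the root itself would make the containment rule easier to audit. The closing memcpy(&qids[name_idx], &qid, sizeof(qid)) could also be a plain struct assignment, qids[name_idx] = qid, which keeps the copy type-checked.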
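Review bot: The new V9fsQID root_qid member added to V9fsState in hw/9pfs/9p.h has no comment, and the lines quoted here do not show where it is assigned. Since v9fs_walk now compares each ".." step against pdu->s->root_qid, the declaration should say when the field is set and that it has to be valid before any walk is served, so the comparison never runs against an unset value.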