From: Bandan Das <bsd@redhat.com>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: Gerd Hoffmann <kraxel@redhat.com>,
QEMU Developers <qemu-devel@nongnu.org>,
Eduardo Habkost <ehabkost@redhat.com>
Subject: Re: [Qemu-devel] [PULL 7/8] usb-mtp: breakup MTP write into smaller chunks
Date: Fri, 15 Feb 2019 13:45:51 -0500 [thread overview]
Message-ID: <jpgef886gbk.fsf@linux.bootlegged.copy> (raw)
In-Reply-To: <CAFEAcA-hgtFq-LHY=73+PtQKp2J-b6LdG73+Ag_uPtwF9Z4iYg@mail.gmail.com> (Peter Maydell's message of "Thu, 14 Feb 2019 18:52:21 +0000")
Peter Maydell <peter.maydell@linaro.org> writes:
> On Wed, 30 Jan 2019 at 07:41, Gerd Hoffmann <kraxel@redhat.com> wrote:
>>
>> From: Bandan Das <bsd@redhat.com>
>>
>> For every MTP_WRITE_BUF_SZ copied, this patch writes it to file before
>> getting the next block of data. The file is kept opened for the
>> duration of the operation but the sanity checks on the write operation
>> are performed only once when the write operation starts. Additionally,
>> we also update the file size in the object metadata once the file has
>> completely been written.
>>
>> Suggested-by: Gerd Hoffman <kraxel@redhat.com>
>> Signed-off-by: Bandan Das <bsd@redhat.com>
>> Message-id: 20190129131908.27924-3-bsd@redhat.com
>> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
>
> Hi; Coverity has spotted a couple of issues with this patch:
>
>
>> +static void usb_mtp_update_object(MTPObject *parent, char *name)
>> +{
>> + MTPObject *o =
>> + usb_mtp_object_lookup_name(parent, name, strlen(name));
>> +
>> + if (o) {
>> + lstat(o->path, &o->stat);
>
> CID 1398651: We don't check the return value of this lstat() for failure.
>
Thanks, will post a patch for this.
>> + }
>> +}
>> +
>> static void usb_mtp_write_data(MTPState *s)
>> {
>> MTPData *d = s->data_out;
>
> [...]
>
>> + case WRITE_CONTINUE:
>> + case WRITE_END:
>> + rc = write_retry(d->fd, d->data, d->data_offset,
>> + d->offset - d->data_offset);
>> + if (rc != d->data_offset) {
>> usb_mtp_queue_result(s, RES_STORE_FULL, d->trans,
>> 0, 0, 0, 0);
>> goto done;
>> + }
>> + if (d->write_status != WRITE_END) {
>> + return;
>
> CID 1398642: This early-return case in usb_mtp_write_data() returns
> from the function without doing any of the cleanup (closing file,
> freeing data, etc). Possibly it should be "goto done;" instead ?
> The specific thing Coverity complains about is the memory pointed
> to by "path".
>
I believe this is a false positive, there's still more data incoming
and we have successfully written the data we got this time, so we return
without freeing up any of the structures. I will add a comment here.
Bandan
> thanks
> -- PMM
next prev parent reply other threads:[~2019-02-15 18:53 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-30 7:34 [Qemu-devel] [PULL 0/8] Usb 20190130 patches Gerd Hoffmann
2019-01-30 7:34 ` [Qemu-devel] [PULL 1/8] usb: assign unique serial numbers to hid devices Gerd Hoffmann
2019-05-17 16:54 ` Dr. David Alan Gilbert
2019-01-30 7:34 ` [Qemu-devel] [PULL 2/8] usb: dev-mtp: close fd in usb_mtp_object_readdir() Gerd Hoffmann
2019-01-30 7:34 ` [Qemu-devel] [PULL 3/8] hw/usb: Fix LGPL information in the file headers Gerd Hoffmann
2019-01-30 7:34 ` [Qemu-devel] [PULL 4/8] usb: XHCI shall not halt isochronous endpoints Gerd Hoffmann
2019-01-30 7:34 ` [Qemu-devel] [PULL 5/8] usb: implement XHCI underrun/overrun events Gerd Hoffmann
2019-01-30 7:34 ` [Qemu-devel] [PULL 6/8] usb-mtp: Reallocate buffer in multiples of MTP_WRITE_BUF_SZ Gerd Hoffmann
2019-01-30 7:34 ` [Qemu-devel] [PULL 7/8] usb-mtp: breakup MTP write into smaller chunks Gerd Hoffmann
2019-02-14 18:52 ` Peter Maydell
2019-02-15 18:45 ` Bandan Das [this message]
2019-02-15 18:55 ` Peter Maydell
2019-02-15 19:22 ` Bandan Das
2019-01-30 7:34 ` [Qemu-devel] [PULL 8/8] usb-mtp: replace the homebrew write with qemu_write_full Gerd Hoffmann
2019-01-31 15:40 ` [Qemu-devel] [PULL 0/8] Usb 20190130 patches Peter Maydell
2019-01-31 18:10 ` no-reply
2019-02-02 21:26 ` no-reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=jpgef886gbk.fsf@linux.bootlegged.copy \
--to=bsd@redhat.com \
--cc=ehabkost@redhat.com \
--cc=kraxel@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).