From: Dario Faggioli <dario.faggioli@citrix.com>
To: Ian Jackson <Ian.Jackson@eu.citrix.com>
Cc: xen-devel@lists.xenproject.org, coverity@xenproject.org
Subject: Re: xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject)
Date: Thu, 13 Mar 2014 18:19:55 +0100 [thread overview]
Message-ID: <1394731195.4159.66.camel@Solace> (raw)
In-Reply-To: <21281.58725.678755.849173@mariner.uk.xensource.com>
[-- Attachment #1.1: Type: text/plain, Size: 1501 bytes --]
On gio, 2014-03-13 at 17:05 +0000, Ian Jackson wrote:
> scan-admin@coverity.com writes ("New Defects reported by Coverity Scan for XenProject"):
> ___________________________
> > *** CID 1191885: Dereference after null check (FORWARD_NULL)
> > /tools/misc/xen-mfndump.c: 401 in main()
> > 400 xch = xc_interface_open(0, 0, 0);
> > >>> CID 1191885: Dereference after null check (FORWARD_NULL)
> > >>> Comparing "xch" to null implies that "xch" might be null.
> > 401 if ( !xch )
> > 402 {
> > 403 ERROR("Failed to open an xc handler");
>
> This complaint is accurate. ERROR uses xch. (This is IMO not a
> security problem.)
>
I think Andrew sent a patch (and its v2 also) about it already:
http://www.gossamer-threads.com/lists/xen/devel/320397
> Furthermore, I was rather startled to discover that xen-mfndump.c
> #includes <xc_private.h>.
>
Makes sense... Sorry for that. I think I remember, when working on it,
starting from copying tools/misc/xen-hptool.c, and then modifying it for
my purposes. I probably just left the #include-s untouched without much
thinking.
Do you want me to try to remove it and send a patch to that effect?
Regards,
Dario
--
<<This happens because I choose it to happen!>> (Raistlin Majere)
-----------------------------------------------------------------
Dario Faggioli, Ph.D, http://about.me/dario.faggioli
Senior Software Engineer, Citrix Systems R&D Ltd., Cambridge (UK)
[-- Attachment #1.2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
[-- Attachment #2: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
next prev parent reply other threads:[~2014-03-13 17:20 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <532047fec9998_3c9c450684431a@209.249.196.67.mail>
2014-03-13 17:05 ` xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject) Ian Jackson
2014-03-13 17:19 ` Dario Faggioli [this message]
2014-03-13 17:23 ` Andrew Cooper
2014-03-13 17:35 ` Ian Campbell
2014-03-13 17:36 ` Dario Faggioli
2014-03-14 11:37 ` Ian Jackson
2014-03-14 11:45 ` Dario Faggioli
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1394731195.4159.66.camel@Solace \
--to=dario.faggioli@citrix.com \
--cc=Ian.Jackson@eu.citrix.com \
--cc=coverity@xenproject.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).