From mboxrd@z Thu Jan 1 00:00:00 1970 From: Dario Faggioli Subject: Re: xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject) Date: Thu, 13 Mar 2014 18:19:55 +0100 Message-ID: <1394731195.4159.66.camel@Solace> References: <532047fec9998_3c9c450684431a@209.249.196.67.mail> <21281.58725.678755.849173@mariner.uk.xensource.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5299511890788544486==" Return-path: Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WO9Ib-0001OM-Bg for xen-devel@lists.xenproject.org; Thu, 13 Mar 2014 17:20:10 +0000 In-Reply-To: <21281.58725.678755.849173@mariner.uk.xensource.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Ian Jackson Cc: xen-devel@lists.xenproject.org, coverity@xenproject.org List-Id: xen-devel@lists.xenproject.org --===============5299511890788544486== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-tZ67hUtDc5/s9clAe9bd" --=-tZ67hUtDc5/s9clAe9bd Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On gio, 2014-03-13 at 17:05 +0000, Ian Jackson wrote: > scan-admin@coverity.com writes ("New Defects reported by Coverity Scan fo= r XenProject"): > ___________________________ > > *** CID 1191885: Dereference after null check (FORWARD_NULL) > > /tools/misc/xen-mfndump.c: 401 in main() > > 400 xch =3D xc_interface_open(0, 0, 0); > > >>> CID 1191885: Dereference after null check (FORWARD_NULL) > > >>> Comparing "xch" to null implies that "xch" might be null. > > 401 if ( !xch ) > > 402 { > > 403 ERROR("Failed to open an xc handler"); >=20 > This complaint is accurate. ERROR uses xch. (This is IMO not a > security problem.) >=20 I think Andrew sent a patch (and its v2 also) about it already: http://www.gossamer-threads.com/lists/xen/devel/320397 > Furthermore, I was rather startled to discover that xen-mfndump.c > #includes . >=20 Makes sense... Sorry for that. I think I remember, when working on it, starting from copying tools/misc/xen-hptool.c, and then modifying it for my purposes. I probably just left the #include-s untouched without much thinking. Do you want me to try to remove it and send a patch to that effect? Regards, Dario --=20 <> (Raistlin Majere) ----------------------------------------------------------------- Dario Faggioli, Ph.D, http://about.me/dario.faggioli Senior Software Engineer, Citrix Systems R&D Ltd., Cambridge (UK) --=-tZ67hUtDc5/s9clAe9bd Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iEYEABECAAYFAlMh6LsACgkQk4XaBE3IOsSxfgCgoGjniUIRcKIfTq1pUwcwUGVh HiQAn2XUbA9iOXNtoXDDwXaA+s2bHlme =XUa8 -----END PGP SIGNATURE----- --=-tZ67hUtDc5/s9clAe9bd-- --===============5299511890788544486== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel --===============5299511890788544486==--