* xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject)
[not found] <532047fec9998_3c9c450684431a@209.249.196.67.mail>
@ 2014-03-13 17:05 ` Ian Jackson
2014-03-13 17:19 ` Dario Faggioli
0 siblings, 1 reply; 7+ messages in thread
From: Ian Jackson @ 2014-03-13 17:05 UTC (permalink / raw)
To: xen-devel, Dario Faggioli; +Cc: coverity
scan-admin@coverity.com writes ("New Defects reported by Coverity Scan for XenProject"):
___________________________
> *** CID 1191885: Dereference after null check (FORWARD_NULL)
> /tools/misc/xen-mfndump.c: 401 in main()
> 400 xch = xc_interface_open(0, 0, 0);
> >>> CID 1191885: Dereference after null check (FORWARD_NULL)
> >>> Comparing "xch" to null implies that "xch" might be null.
> 401 if ( !xch )
> 402 {
> 403 ERROR("Failed to open an xc handler");
This complaint is accurate. ERROR uses xch. (This is IMO not a
security problem.)
Furthermore, I was rather startled to discover that xen-mfndump.c
#includes <xc_private.h>.
Thanks,
Ian.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject)
2014-03-13 17:05 ` xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject) Ian Jackson
@ 2014-03-13 17:19 ` Dario Faggioli
2014-03-13 17:23 ` Andrew Cooper
` (2 more replies)
0 siblings, 3 replies; 7+ messages in thread
From: Dario Faggioli @ 2014-03-13 17:19 UTC (permalink / raw)
To: Ian Jackson; +Cc: xen-devel, coverity
[-- Attachment #1.1: Type: text/plain, Size: 1501 bytes --]
On gio, 2014-03-13 at 17:05 +0000, Ian Jackson wrote:
> scan-admin@coverity.com writes ("New Defects reported by Coverity Scan for XenProject"):
> ___________________________
> > *** CID 1191885: Dereference after null check (FORWARD_NULL)
> > /tools/misc/xen-mfndump.c: 401 in main()
> > 400 xch = xc_interface_open(0, 0, 0);
> > >>> CID 1191885: Dereference after null check (FORWARD_NULL)
> > >>> Comparing "xch" to null implies that "xch" might be null.
> > 401 if ( !xch )
> > 402 {
> > 403 ERROR("Failed to open an xc handler");
>
> This complaint is accurate. ERROR uses xch. (This is IMO not a
> security problem.)
>
I think Andrew sent a patch (and its v2 also) about it already:
http://www.gossamer-threads.com/lists/xen/devel/320397
> Furthermore, I was rather startled to discover that xen-mfndump.c
> #includes <xc_private.h>.
>
Makes sense... Sorry for that. I think I remember, when working on it,
starting from copying tools/misc/xen-hptool.c, and then modifying it for
my purposes. I probably just left the #include-s untouched without much
thinking.
Do you want me to try to remove it and send a patch to that effect?
Regards,
Dario
--
<<This happens because I choose it to happen!>> (Raistlin Majere)
-----------------------------------------------------------------
Dario Faggioli, Ph.D, http://about.me/dario.faggioli
Senior Software Engineer, Citrix Systems R&D Ltd., Cambridge (UK)
[-- Attachment #1.2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
[-- Attachment #2: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject)
2014-03-13 17:19 ` Dario Faggioli
@ 2014-03-13 17:23 ` Andrew Cooper
2014-03-13 17:35 ` Ian Campbell
2014-03-14 11:37 ` Ian Jackson
2 siblings, 0 replies; 7+ messages in thread
From: Andrew Cooper @ 2014-03-13 17:23 UTC (permalink / raw)
To: Dario Faggioli; +Cc: xen-devel, Ian Jackson, coverity
[-- Attachment #1.1: Type: text/plain, Size: 923 bytes --]
On 13/03/14 17:19, Dario Faggioli wrote:
> On gio, 2014-03-13 at 17:05 +0000, Ian Jackson wrote:
>> scan-admin@coverity.com writes ("New Defects reported by Coverity
Scan for XenProject"):
>> ___________________________
>>> *** CID 1191885: Dereference after null check (FORWARD_NULL)
>>> /tools/misc/xen-mfndump.c: 401 in main()
>>> 400 xch = xc_interface_open(0, 0, 0);
>>>>>> CID 1191885: Dereference after null check (FORWARD_NULL)
>>>>>> Comparing "xch" to null implies that "xch" might be null.
>>> 401 if ( !xch )
>>> 402 {
>>> 403 ERROR("Failed to open an xc handler");
>>
>> This complaint is accurate. ERROR uses xch. (This is IMO not a
>> security problem.)
>>
> I think Andrew sent a patch (and its v2 also) about it already:
> http://www.gossamer-threads.com/lists/xen/devel/320397
Indeed I have - it has suitable acks and is pending committing now.
~Andrew
[-- Attachment #1.2: Type: text/html, Size: 1738 bytes --]
[-- Attachment #2: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject)
2014-03-13 17:19 ` Dario Faggioli
2014-03-13 17:23 ` Andrew Cooper
@ 2014-03-13 17:35 ` Ian Campbell
2014-03-13 17:36 ` Dario Faggioli
2014-03-14 11:37 ` Ian Jackson
2 siblings, 1 reply; 7+ messages in thread
From: Ian Campbell @ 2014-03-13 17:35 UTC (permalink / raw)
To: Dario Faggioli; +Cc: xen-devel, Ian Jackson, coverity
On Thu, 2014-03-13 at 18:19 +0100, Dario Faggioli wrote:
> > Furthermore, I was rather startled to discover that xen-mfndump.c
> > #includes <xc_private.h>.
> >
> Makes sense... Sorry for that. I think I remember, when working on it,
> starting from copying tools/misc/xen-hptool.c
(begs the question why this guy needs it too, oh well)
> , and then modifying it for
> my purposes. I probably just left the #include-s untouched without much
> thinking.
>
> Do you want me to try to remove it and send a patch to that effect?
Yes Please.
>
> Regards,
> Dario
>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject)
2014-03-13 17:35 ` Ian Campbell
@ 2014-03-13 17:36 ` Dario Faggioli
0 siblings, 0 replies; 7+ messages in thread
From: Dario Faggioli @ 2014-03-13 17:36 UTC (permalink / raw)
To: Ian Campbell; +Cc: xen-devel, Ian Jackson, coverity
[-- Attachment #1.1: Type: text/plain, Size: 975 bytes --]
On gio, 2014-03-13 at 17:35 +0000, Ian Campbell wrote:
> On Thu, 2014-03-13 at 18:19 +0100, Dario Faggioli wrote:
> > > Furthermore, I was rather startled to discover that xen-mfndump.c
> > > #includes <xc_private.h>.
> > >
> > Makes sense... Sorry for that. I think I remember, when working on it,
> > starting from copying tools/misc/xen-hptool.c
>
> (begs the question why this guy needs it too, oh well)
>
Indeed. :-)
> > , and then modifying it for
> > my purposes. I probably just left the #include-s untouched without much
> > thinking.
> >
> > Do you want me to try to remove it and send a patch to that effect?
>
> Yes Please.
>
I'll do, and try to kill both uses.
Dario
--
<<This happens because I choose it to happen!>> (Raistlin Majere)
-----------------------------------------------------------------
Dario Faggioli, Ph.D, http://about.me/dario.faggioli
Senior Software Engineer, Citrix Systems R&D Ltd., Cambridge (UK)
[-- Attachment #1.2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
[-- Attachment #2: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject)
2014-03-13 17:19 ` Dario Faggioli
2014-03-13 17:23 ` Andrew Cooper
2014-03-13 17:35 ` Ian Campbell
@ 2014-03-14 11:37 ` Ian Jackson
2014-03-14 11:45 ` Dario Faggioli
2 siblings, 1 reply; 7+ messages in thread
From: Ian Jackson @ 2014-03-14 11:37 UTC (permalink / raw)
To: Dario Faggioli; +Cc: xen-devel, coverity
Dario Faggioli writes ("Re: xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject)"):
> On gio, 2014-03-13 at 17:05 +0000, Ian Jackson wrote:
> > Furthermore, I was rather startled to discover that xen-mfndump.c
> > #includes <xc_private.h>.
> >
> Makes sense... Sorry for that. I think I remember, when working on it,
> starting from copying tools/misc/xen-hptool.c, and then modifying it for
> my purposes. I probably just left the #include-s untouched without much
> thinking.
Ah, that would explain it.
> Do you want me to try to remove it and send a patch to that effect?
Not unless you're feeling really bored :-). Tidying up the in-tree
libxc callers is probably something we can put off...
Thanks,
Ian.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject)
2014-03-14 11:37 ` Ian Jackson
@ 2014-03-14 11:45 ` Dario Faggioli
0 siblings, 0 replies; 7+ messages in thread
From: Dario Faggioli @ 2014-03-14 11:45 UTC (permalink / raw)
To: Ian Jackson; +Cc: xen-devel, coverity
[-- Attachment #1.1: Type: text/plain, Size: 722 bytes --]
On ven, 2014-03-14 at 11:37 +0000, Ian Jackson wrote:
> Dario Faggioli writes ("Re: xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject)"):
> > Do you want me to try to remove it and send a patch to that effect?
>
> Not unless you're feeling really bored :-). Tidying up the in-tree
> libxc callers is probably something we can put off...
>
Right. Adding it to my "When really bored" TODO list :-)
Regards,
Dario
--
<<This happens because I choose it to happen!>> (Raistlin Majere)
-----------------------------------------------------------------
Dario Faggioli, Ph.D, http://about.me/dario.faggioli
Senior Software Engineer, Citrix Systems R&D Ltd., Cambridge (UK)
[-- Attachment #1.2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
[-- Attachment #2: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2014-03-14 11:45 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <532047fec9998_3c9c450684431a@209.249.196.67.mail>
2014-03-13 17:05 ` xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject) Ian Jackson
2014-03-13 17:19 ` Dario Faggioli
2014-03-13 17:23 ` Andrew Cooper
2014-03-13 17:35 ` Ian Campbell
2014-03-13 17:36 ` Dario Faggioli
2014-03-14 11:37 ` Ian Jackson
2014-03-14 11:45 ` Dario Faggioli
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).