From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andrew Cooper Subject: Re: xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject) Date: Thu, 13 Mar 2014 17:23:23 +0000 Message-ID: <5321E98B.2020907@citrix.com> References: <532047fec9998_3c9c450684431a@209.249.196.67.mail> <21281.58725.678755.849173@mariner.uk.xensource.com> <1394731195.4159.66.camel@Solace> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0909539237390028451==" Return-path: Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WO9Ls-000227-VZ for xen-devel@lists.xenproject.org; Thu, 13 Mar 2014 17:23:29 +0000 In-Reply-To: <1394731195.4159.66.camel@Solace> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Dario Faggioli Cc: xen-devel@lists.xenproject.org, Ian Jackson , coverity@xenproject.org List-Id: xen-devel@lists.xenproject.org --===============0909539237390028451== Content-Type: multipart/alternative; boundary="------------030300000001040200020509" --------------030300000001040200020509 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit On 13/03/14 17:19, Dario Faggioli wrote: > On gio, 2014-03-13 at 17:05 +0000, Ian Jackson wrote: >> scan-admin@coverity.com writes ("New Defects reported by Coverity Scan for XenProject"): >> ___________________________ >>> *** CID 1191885: Dereference after null check (FORWARD_NULL) >>> /tools/misc/xen-mfndump.c: 401 in main() >>> 400 xch = xc_interface_open(0, 0, 0); >>>>>> CID 1191885: Dereference after null check (FORWARD_NULL) >>>>>> Comparing "xch" to null implies that "xch" might be null. >>> 401 if ( !xch ) >>> 402 { >>> 403 ERROR("Failed to open an xc handler"); >> >> This complaint is accurate. ERROR uses xch. (This is IMO not a >> security problem.) >> > I think Andrew sent a patch (and its v2 also) about it already: > http://www.gossamer-threads.com/lists/xen/devel/320397 Indeed I have - it has suitable acks and is pending committing now. ~Andrew --------------030300000001040200020509 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: 8bit On 13/03/14 17:19, Dario Faggioli wrote:
> On gio, 2014-03-13 at 17:05 +0000, Ian Jackson wrote:
>> scan-admin@coverity.com writes ("New Defects reported by Coverity Scan for XenProject"):
>> ___________________________
>>> *** CID 1191885:  Dereference after null check  (FORWARD_NULL)
>>> /tools/misc/xen-mfndump.c: 401 in main()
>>> 400         xch = xc_interface_open(0, 0, 0);
>>>>>>     CID 1191885:  Dereference after null check  (FORWARD_NULL)
>>>>>>     Comparing "xch" to null implies that "xch" might be null.
>>> 401         if ( !xch )
>>> 402         {
>>> 403             ERROR("Failed to open an xc handler");
>>
>> This complaint is accurate.  ERROR uses xch.  (This is IMO not a
>> security problem.)
>>
> I think Andrew sent a patch (and its v2 also) about it already:
> http://www.gossamer-threads.com/lists/xen/devel/320397

Indeed I have - it has suitable acks and is pending committing now.

~Andrew
--------------030300000001040200020509-- --===============0909539237390028451== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel --===============0909539237390028451==--