On a Thursday in 2026, [email protected] wrote:
Sorry for the ping, I worry this patch was missed, because its my first contribution and I've sent patch without subscription and it was delayed.
Yeah, the setup is a bit unfortunate. You can sometimes check in the archives if it made it through: https://lists.libvirt.org/archives/list/[email protected]/ But there have also been situations when just the archives were broken. On a Wednesday in 2026, Dmitry Lopatin wrote:
Add missing return value checks to fix the following issues reported by the static analyzer: - vah_add_file() call when adding render node path to the AppArmor profile (line 1029) was not checked, while there are examples with return code check throughout the code. - vah_add_file() call when adding default render node path (line 1037) had the same issue. - virDriverLoadModule() call when loading the storage driver (line 908) was not checked, while there are examples with return code check throughout the code. Signed-off-by: Dmitry Lopatin <[email protected]> --- src/security/virt-aa-helper.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-)
The patch does not apply for me on current master, please send patches against the current master branch.
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 067a17f331..07e5882237 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -905,7 +905,8 @@ get_files(vahControl * ctl)
/* load the storage driver so that backing store can be accessed */
#ifdef WITH_STORAGE
- virDriverLoadModule("storage", "storageRegister", false);
+ if (virDriverLoadModule("storage", "storageRegister", false) < 0)
+ goto cleanup;
#endif
for (i = 0; i < ctl->def->ndisks; i++) {
@@ -1026,7 +1027,8 @@ get_files(vahControl * ctl)
const char *rendernode = virDomainGraphicsGetRenderNode(graphics);
if (rendernode) {
- vah_add_file(&buf, rendernode, "rw");
+ if (vah_add_file(&buf, rendernode, "rw") != 0)
+ goto cleanup;
needsgl = true;
} else {
if (virDomainGraphicsNeedsAutoRenderNode(graphics)) {
@@ -1034,7 +1036,8 @@ get_files(vahControl * ctl)
needsgl = true;
if (defaultRenderNode) {
- vah_add_file(&buf, defaultRenderNode, "rw");
+ if (vah_add_file(&buf, defaultRenderNode, "rw") != 0)
+ goto cleanup;
VIR_FREE(defaultRenderNode);
}
}
These two vah_add_file calls are already checked since: commit ecca0dded412c84c3c89f9e4f1d6f2c5c57b4174 Author: Michal Prívozník <[email protected]> AuthorDate: 2025-06-11 13:59:49 +0200 Commit: Michal Prívozník <[email protected]> CommitDate: 2025-07-02 13:54:30 +0200 virt-aa-helper: Check retval of vah_add_file() Which was already released in libvirt 11.6.0 Jano
signature.asc
Description: PGP signature
