Re: [libvirt] [PATCH] virBufferVSprintf: do not skip va_end
On Thu, Feb 18, 2010 at 09:27:25PM +0100, Jim Meyering wrote: This fixes the last of the varargs problems reported by coverity: va_end(argptr) was never called, and va_end(locarg) would have been skipped upon OOM. From 7a75b9da0d08a54e9f256dd26cca061b59c32c6d Mon Sep 17 00:00:00 2001 From: Jim Meyering meyer...@redhat.com Date: Thu, 18 Feb 2010 21:25:01 +0100 Subject: [PATCH] virBufferVSprintf: do not skip va_end * src/util/buf.c (virBufferVSprintf): Do not omit or skip va_end calls. --- src/util/buf.c |7 +-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/src/util/buf.c b/src/util/buf.c index cc0a087..caf8ee0 100644 --- a/src/util/buf.c +++ b/src/util/buf.c @@ -246,14 +246,17 @@ virBufferVSprintf(const virBufferPtr buf, const char *format, ...) grow_size = (count 1000) ? count : 1000; if (virBufferGrow(buf, grow_size) 0) -return; +goto cleanup; size = buf-size - buf-use - 1; va_copy(locarg, argptr); } -va_end(locarg); buf-use += count; buf-content[buf-use] = '\0'; + + cleanup: +va_end(argptr); +va_end(locarg); } /** Hum, that one I'm not sure. In the case of virBufferGrow failure, we just did va_end(locarg); in the loop before, so going to cleanup there does it twice, and I'm not sure it's legal. Probably simpler to add just va_end(argptr); before return in that case and drop the cleanup: target. Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] virBufferVSprintf: do not skip va_end
Daniel Veillard wrote:
Subject: [PATCH] virBufferVSprintf: do not skip va_end
* src/util/buf.c (virBufferVSprintf): Do not omit or skip va_end calls.
...
Hum, that one I'm not sure. In the case of virBufferGrow failure,
we just did va_end(locarg); in the loop before, so going to cleanup
there does it twice, and I'm not sure it's legal. Probably simpler to
add just va_end(argptr); before return in that case and drop the
cleanup: target.
Good catch. Corrected, as you suggest:
From 313af81e8ff93ceb06b6086ea917db6a7eb160cc Mon Sep 17 00:00:00 2001
From: Jim Meyering meyer...@redhat.com
Date: Thu, 18 Feb 2010 21:25:01 +0100
Subject: [PATCH] virBufferVSprintf: do not omit va_end call
* src/util/buf.c (virBufferVSprintf): Do not omit va_end call.
Improved-by: Daniel Veillard.
---
.gnulib|2 +-
src/util/buf.c |4 +++-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/.gnulib b/.gnulib
index 11fbc57..a1d565a 16
--- a/.gnulib
+++ b/.gnulib
@@ -1 +1 @@
-Subproject commit 11fbc57405a118e6ec9a3ebc19bbf5ececdae4d6
+Subproject commit a1d565aa5b47ec56243e74d4ac8b4988a751fef2
diff --git a/src/util/buf.c b/src/util/buf.c
index cc0a087..ef72294 100644
--- a/src/util/buf.c
+++ b/src/util/buf.c
@@ -245,8 +245,10 @@ virBufferVSprintf(const virBufferPtr buf, const char
*format, ...)
va_end(locarg);
grow_size = (count 1000) ? count : 1000;
-if (virBufferGrow(buf, grow_size) 0)
+if (virBufferGrow(buf, grow_size) 0) {
+va_end(argptr);
return;
+}
size = buf-size - buf-use - 1;
va_copy(locarg, argptr);
--
1.7.0.233.g05e1a
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] virBufferVSprintf: do not skip va_end
Jim Meyering wrote:
Daniel Veillard wrote:
Subject: [PATCH] virBufferVSprintf: do not skip va_end
* src/util/buf.c (virBufferVSprintf): Do not omit or skip va_end calls.
...
Hum, that one I'm not sure. In the case of virBufferGrow failure,
we just did va_end(locarg); in the loop before, so going to cleanup
there does it twice, and I'm not sure it's legal. Probably simpler to
add just va_end(argptr); before return in that case and drop the
cleanup: target.
Good catch. Corrected, as you suggest:
From 313af81e8ff93ceb06b6086ea917db6a7eb160cc Mon Sep 17 00:00:00 2001
From: Jim Meyering meyer...@redhat.com
Date: Thu, 18 Feb 2010 21:25:01 +0100
Subject: [PATCH] virBufferVSprintf: do not omit va_end call
* src/util/buf.c (virBufferVSprintf): Do not omit va_end call.
Improved-by: Daniel Veillard.
---
.gnulib|2 +-
src/util/buf.c |4 +++-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/.gnulib b/.gnulib
index 11fbc57..a1d565a 16
--- a/.gnulib
+++ b/.gnulib
@@ -1 +1 @@
-Subproject commit 11fbc57405a118e6ec9a3ebc19bbf5ececdae4d6
+Subproject commit a1d565aa5b47ec56243e74d4ac8b4988a751fef2
diff --git a/src/util/buf.c b/src/util/buf.c
index cc0a087..ef72294 100644
--- a/src/util/buf.c
+++ b/src/util/buf.c
@@ -245,8 +245,10 @@ virBufferVSprintf(const virBufferPtr buf, const char
*format, ...)
va_end(locarg);
grow_size = (count 1000) ? count : 1000;
-if (virBufferGrow(buf, grow_size) 0)
+if (virBufferGrow(buf, grow_size) 0) {
+va_end(argptr);
return;
+}
size = buf-size - buf-use - 1;
va_copy(locarg, argptr);
I looked at this again and realized that the above is insufficient.
We do have to call va_end(argptr) at the end, as well, so I'm merging
this additional change locally. Otherwise, we'd leak in the common case.
diff --git a/.gnulib b/.gnulib
index 11fbc57..a1d565a 16
--- a/.gnulib
+++ b/.gnulib
@@ -1 +1 @@
-Subproject commit 11fbc57405a118e6ec9a3ebc19bbf5ececdae4d6
+Subproject commit a1d565aa5b47ec56243e74d4ac8b4988a751fef2
diff --git a/src/util/buf.c b/src/util/buf.c
index ef72294..fc1217b 100644
--- a/src/util/buf.c
+++ b/src/util/buf.c
@@ -252,8 +252,9 @@ virBufferVSprintf(const virBufferPtr buf, const char
*format, ...)
size = buf-size - buf-use - 1;
va_copy(locarg, argptr);
}
+va_end(argptr);
va_end(locarg);
buf-use += count;
buf-content[buf-use] = '\0';
}
Amended patch:
From 2a5ca2656325546231a546cf580f08bb0462d37a Mon Sep 17 00:00:00 2001
From: Jim Meyering meyer...@redhat.com
Date: Thu, 18 Feb 2010 21:25:01 +0100
Subject: [PATCH] virBufferVSprintf: do not omit va_end(argptr) call
* src/util/buf.c (virBufferVSprintf): Do not omit va_end(argptr).
Improved-by: Daniel Veillard.
---
.gnulib|2 +-
src/util/buf.c |5 -
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/.gnulib b/.gnulib
index 11fbc57..a1d565a 16
--- a/.gnulib
+++ b/.gnulib
@@ -1 +1 @@
-Subproject commit 11fbc57405a118e6ec9a3ebc19bbf5ececdae4d6
+Subproject commit a1d565aa5b47ec56243e74d4ac8b4988a751fef2
diff --git a/src/util/buf.c b/src/util/buf.c
index cc0a087..fc1217b 100644
--- a/src/util/buf.c
+++ b/src/util/buf.c
@@ -245,12 +245,15 @@ virBufferVSprintf(const virBufferPtr buf, const char
*format, ...)
va_end(locarg);
grow_size = (count 1000) ? count : 1000;
-if (virBufferGrow(buf, grow_size) 0)
+if (virBufferGrow(buf, grow_size) 0) {
+va_end(argptr);
return;
+}
size = buf-size - buf-use - 1;
va_copy(locarg, argptr);
}
+va_end(argptr);
va_end(locarg);
buf-use += count;
buf-content[buf-use] = '\0';
--
1.7.0.233.g05e1a
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] virBufferVSprintf: do not skip va_end
Eric Blake wrote: According to Jim Meyering on 2/19/2010 3:45 AM: Hum, that one I'm not sure. In the case of virBufferGrow failure, we just did va_end(locarg); in the loop before, so going to cleanup there does it twice, and I'm not sure it's legal. Probably simpler to add just va_end(argptr); before return in that case and drop the cleanup: target. Good catch. Corrected, as you suggest: +++ b/.gnulib @@ -1 +1 @@ -Subproject commit 11fbc57405a118e6ec9a3ebc19bbf5ececdae4d6 +Subproject commit a1d565aa5b47ec56243e74d4ac8b4988a751fef2 Shouldn't that be an independent patch? Yes. BTW, if I were to update to the latest from gnulib, it would break syntax-check, due to a weakness in maint.mk's new hash.h check. It gets a false-positive on any inclusion of libvirt's own hash.h: $ git ls-files|grep hash.h src/util/hash.h I haven't yet decided what to do about that. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] virBufferVSprintf: do not skip va_end
Eric Blake wrote: According to Jim Meyering on 2/19/2010 6:50 AM: Why the change in .gnulib? Shouldn't that be an independent patch? Well spotted. I saw it too, and (as you probably noticed) removed it from the updated patch. I still see it in your most recent post: https://www.redhat.com/archives/libvir-list/2010-February/msg00698.html Humph ;-) Well I did remove it, but then pulled it back in with an --amend. Thanks! -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] virBufferVSprintf: do not skip va_end
This fixes the last of the varargs problems reported by coverity: va_end(argptr) was never called, and va_end(locarg) would have been skipped upon OOM. From 7a75b9da0d08a54e9f256dd26cca061b59c32c6d Mon Sep 17 00:00:00 2001 From: Jim Meyering meyer...@redhat.com Date: Thu, 18 Feb 2010 21:25:01 +0100 Subject: [PATCH] virBufferVSprintf: do not skip va_end * src/util/buf.c (virBufferVSprintf): Do not omit or skip va_end calls. --- src/util/buf.c |7 +-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/src/util/buf.c b/src/util/buf.c index cc0a087..caf8ee0 100644 --- a/src/util/buf.c +++ b/src/util/buf.c @@ -246,14 +246,17 @@ virBufferVSprintf(const virBufferPtr buf, const char *format, ...) grow_size = (count 1000) ? count : 1000; if (virBufferGrow(buf, grow_size) 0) -return; +goto cleanup; size = buf-size - buf-use - 1; va_copy(locarg, argptr); } -va_end(locarg); buf-use += count; buf-content[buf-use] = '\0'; + + cleanup: +va_end(argptr); +va_end(locarg); } /** -- 1.7.0.233.g05e1a -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
