In case of a failure deep in the call tree, we might return NULL as the
value of the domain. In that case, error out instead of dereferencing
the NULL pointer.

This bug was discovered and resolved using Coverity Static Analysis
Security Testing (SAST) by Synopsys, Inc.

Signed-off-by: Norbert Manthey <nmant...@amazon.de>
Reviewed-by: Julien Grall <jgr...@amazon.co.uk>
Reviewed-by: Raphael Ning <raphn...@amazon.co.uk>

---
 tools/libs/store/xs.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/tools/libs/store/xs.c b/tools/libs/store/xs.c
--- a/tools/libs/store/xs.c
+++ b/tools/libs/store/xs.c
@@ -1183,7 +1183,12 @@ bool xs_path_is_subpath(const char *parent, const char 
*child)
 bool xs_is_domain_introduced(struct xs_handle *h, unsigned int domid)
 {
        char *domain = single_with_domid(h, XS_IS_DOMAIN_INTRODUCED, domid);
-       int rc = strcmp("F", domain);
+       bool rc = false;
+
+       if (!domain)
+               return rc;
+
+       rc = strcmp("F", domain) != 0;
 
        free(domain);
        return rc;
-- 
2.17.1




Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879




Reply via email to