[XENSTORE,v1,04/10] xenstore_client: handle memory on error

Message ID	20210226144144.9252-5-nmanthey@amazon.de (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=mA2z=H4=lists.xenproject.org=xen-devel-bounces@kernel.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 0F7BD64EDB Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org> From: Norbert Manthey <nmanthey@amazon.de> To: <xen-devel@lists.xenproject.org> CC: Ian Jackson <iwj@xenproject.org>, Juergen Gross <jgross@suse.com>, Wei Liu <wl@xen.org>, Julien Grall <jgrall@amazon.co.uk>, Michael Kurth <mku@amazon.de>, Norbert Manthey <nmanthey@amazon.de> Subject: [PATCH XENSTORE v1 04/10] xenstore_client: handle memory on error Date: Fri, 26 Feb 2021 15:41:38 +0100 Message-ID: <20210226144144.9252-5-nmanthey@amazon.de> In-Reply-To: <20210226144144.9252-1-nmanthey@amazon.de> References: <20210226144144.9252-1-nmanthey@amazon.de> MIME-Version: 1.0 Content-Type: text/plain Precedence: Bulk
Series	Code analysis fixes \| expand [XENSTORE,v1,00/10] Code analysis fixes [XENSTORE,v1,01/10] xenstore: add missing NULL check [XENSTORE,v1,02/10] xenstore: fix print format string [XENSTORE,v1,03/10] xenstore: check formats of trace [XENSTORE,v1,04/10] xenstore_client: handle memory on error [XENSTORE,v1,05/10] xenstore: handle daemon creation errors [XENSTORE,v1,06/10] xenstored: handle port reads correctly [XENSTORE,v1,07/10] xenstore: handle do_mkdir and do_rm failure [XENSTORE,v1,08/10] xenstore: add missing NULL check [XENSTORE,v1,09/10] xs: handle daemon socket error [XENSTORE,v1,10/10] xs: add error handling

Message ID

20210226144144.9252-5-nmanthey@amazon.de (mailing list archive)

State

New, archived

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 0F7BD64EDB
Errors-To: xen-devel-bounces@lists.xenproject.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
From: Norbert Manthey <nmanthey@amazon.de>
To: <xen-devel@lists.xenproject.org>
CC: Ian Jackson <iwj@xenproject.org>, Juergen Gross <jgross@suse.com>, Wei Liu
	<wl@xen.org>, Julien Grall <jgrall@amazon.co.uk>, Michael Kurth
	<mku@amazon.de>, Norbert Manthey <nmanthey@amazon.de>
Subject: [PATCH XENSTORE v1 04/10] xenstore_client: handle memory on error
Date: Fri, 26 Feb 2021 15:41:38 +0100
Message-ID: <20210226144144.9252-5-nmanthey@amazon.de>
In-Reply-To: <20210226144144.9252-1-nmanthey@amazon.de>
References: <20210226144144.9252-1-nmanthey@amazon.de>
MIME-Version: 1.0
Content-Type: text/plain
Precedence: Bulk

Series

Code analysis fixes | expand

Commit Message

Norbert Manthey Feb. 26, 2021, 2:41 p.m. UTC

In case a command fails, also free the memory. As this is for the CLI
client, currently the leaked memory is freed right after receiving the
error, as the application terminates next.

Similarly, if the allocation fails, do not use the NULL pointer
afterwards, but instead error out.

This bug was discovered and resolved using Coverity Static Analysis
Security Testing (SAST) by Synopsys, Inc.

Signed-off-by: Norbert Manthey <nmanthey@amazon.de>
Reviewed-by: Thomas Friebel <friebelt@amazon.de>
Reviewed-by: Julien Grall <jgrall@amazon.co.uk>

---
 tools/xenstore/xenstore_client.c | 3 +++
 1 file changed, 3 insertions(+)

Comments

Jürgen Groß March 2, 2021, 5:08 a.m. UTC | #1

On 26.02.21 15:41, Norbert Manthey wrote:
> In case a command fails, also free the memory. As this is for the CLI
> client, currently the leaked memory is freed right after receiving the
> error, as the application terminates next.
> 
> Similarly, if the allocation fails, do not use the NULL pointer
> afterwards, but instead error out.
> 
> This bug was discovered and resolved using Coverity Static Analysis
> Security Testing (SAST) by Synopsys, Inc.
> 
> Signed-off-by: Norbert Manthey <nmanthey@amazon.de>
> Reviewed-by: Thomas Friebel <friebelt@amazon.de>
> Reviewed-by: Julien Grall <jgrall@amazon.co.uk>

Reviewed-by: Juergen Gross <jgross@suse.com>


Juergen

Ian Jackson March 3, 2021, 4:10 p.m. UTC | #2

Norbert Manthey writes ("[PATCH XENSTORE v1 04/10] xenstore_client: handle memory on error"):
> In case a command fails, also free the memory. As this is for the CLI
> client, currently the leaked memory is freed right after receiving the
> error, as the application terminates next.
> 
> Similarly, if the allocation fails, do not use the NULL pointer
> afterwards, but instead error out.

I think this is not for 4.15.

Thanks,
Ian.

diff --git a/tools/xenstore/xenstore_client.c b/tools/xenstore/xenstore_client.c
--- a/tools/xenstore/xenstore_client.c
+++ b/tools/xenstore/xenstore_client.c
@@ -382,11 +382,14 @@  perform(enum mode mode, int optind, int argc, char **argv, struct xs_handle *xsh
                 /* Copy path, because we can't modify argv because we will need it
                    again if xs_transaction_end gives us EAGAIN. */
                 char *p = malloc(strlen(path) + 1);
+                if (!p)
+                    return 1;
                 strcpy(p, path);
                 path = p;
 
             again:
                 if (do_rm(path, xsh, xth)) {
+                    free(path);
                     return 1;
                 }

[XENSTORE,v1,04/10] xenstore_client: handle memory on error

Commit Message

Comments

Patch