[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] xen-mfndump xch bug (was Re: New Defects reported by Coverity Scan for XenProject)
On gio, 2014-03-13 at 17:05 +0000, Ian Jackson wrote: > scan-admin@xxxxxxxxxxxx writes ("New Defects reported by Coverity Scan for > XenProject"): > ___________________________ > > *** CID 1191885: Dereference after null check (FORWARD_NULL) > > /tools/misc/xen-mfndump.c: 401 in main() > > 400 xch = xc_interface_open(0, 0, 0); > > >>> CID 1191885: Dereference after null check (FORWARD_NULL) > > >>> Comparing "xch" to null implies that "xch" might be null. > > 401 if ( !xch ) > > 402 { > > 403 ERROR("Failed to open an xc handler"); > > This complaint is accurate. ERROR uses xch. (This is IMO not a > security problem.) > I think Andrew sent a patch (and its v2 also) about it already: http://www.gossamer-threads.com/lists/xen/devel/320397 > Furthermore, I was rather startled to discover that xen-mfndump.c > #includes <xc_private.h>. > Makes sense... Sorry for that. I think I remember, when working on it, starting from copying tools/misc/xen-hptool.c, and then modifying it for my purposes. I probably just left the #include-s untouched without much thinking. Do you want me to try to remove it and send a patch to that effect? Regards, Dario -- <<This happens because I choose it to happen!>> (Raistlin Majere) ----------------------------------------------------------------- Dario Faggioli, Ph.D, http://about.me/dario.faggioli Senior Software Engineer, Citrix Systems R&D Ltd., Cambridge (UK) Attachment:
signature.asc _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |