libxl: add initializers for libxl__domid_history
diff mbox series

Message ID 20200226131213.15305-1-pdurrant@amazon.com
State New
Headers show
Series
  • libxl: add initializers for libxl__domid_history
Related show

Commit Message

Paul Durrant Feb. 26, 2020, 1:12 p.m. UTC
This patch fixes Coverity issue CID 1459006 (Insecure data handling
(INTEGER_OVERFLOW)).

The problem is that the error paths for libxl__mark_domid_recent() and
libxl__is_domid_recent() check the 'f' field in struct libxl__domid_history
when it may not have been initialized.

Signed-off-by: Paul Durrant <pdurrant@amazon.com>
---
Cc: Ian Jackson <ian.jackson@eu.citrix.com>
Cc: Wei Liu <wl@xen.org>
Cc: Anthony PERARD <anthony.perard@citrix.com>
---
 tools/libxl/libxl_domain.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Comments

Wei Liu Feb. 26, 2020, 4:54 p.m. UTC | #1
On Wed, Feb 26, 2020 at 01:12:13PM +0000, Paul Durrant wrote:
> This patch fixes Coverity issue CID 1459006 (Insecure data handling
> (INTEGER_OVERFLOW)).
> 
> The problem is that the error paths for libxl__mark_domid_recent() and
> libxl__is_domid_recent() check the 'f' field in struct libxl__domid_history
> when it may not have been initialized.
> 
> Signed-off-by: Paul Durrant <pdurrant@amazon.com>

Acked-by: Wei Liu <wl@xen.org>

Patch
diff mbox series

diff --git a/tools/libxl/libxl_domain.c b/tools/libxl/libxl_domain.c
index 8937aeb260..41d08394f3 100644
--- a/tools/libxl/libxl_domain.c
+++ b/tools/libxl/libxl_domain.c
@@ -1390,7 +1390,7 @@  static int libxl__read_recent(libxl__gc *gc,
 static int libxl__mark_domid_recent(libxl__gc *gc, uint32_t domid)
 {
     libxl__flock *lock;
-    struct libxl__domid_history ctxt;
+    struct libxl__domid_history ctxt = {};
     char *new;
     FILE *nf = NULL;
     int r, rc;
@@ -1461,7 +1461,7 @@  out:
 
 int libxl__is_domid_recent(libxl__gc *gc, uint32_t domid, bool *recent)
 {
-    struct libxl__domid_history ctxt;
+    struct libxl__domid_history ctxt = {};
     int rc;
 
     rc = libxl__open_domid_history(gc, &ctxt);