Message ID | 152231460685.69730.14860451936216690693.stgit@bahia.lan (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
On Thu, 29 Mar 2018 11:10:06 +0200 Greg Kurz <groug@kaod.org> wrote: > The string returned by object_property_get_str() is dynamically allocated. > > Fixes: 3c4e9baacf4d9 > Signed-off-by: Greg Kurz <groug@kaod.org> > --- > hw/s390x/s390-virtio-ccw.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c > index 864145a7c6f3..435f7c99e77c 100644 > --- a/hw/s390x/s390-virtio-ccw.c > +++ b/hw/s390x/s390-virtio-ccw.c > @@ -246,6 +246,7 @@ static void s390_init_ipl_dev(const char *kernel_filename, > { > Object *new = object_new(TYPE_S390_IPL); > DeviceState *dev = DEVICE(new); > + char *netboot_fw_prop; > > if (kernel_filename) { > qdev_prop_set_string(dev, "kernel", kernel_filename); > @@ -256,9 +257,11 @@ static void s390_init_ipl_dev(const char *kernel_filename, > qdev_prop_set_string(dev, "cmdline", kernel_cmdline); > qdev_prop_set_string(dev, "firmware", firmware); > qdev_prop_set_bit(dev, "enforce_bios", enforce_bios); > - if (!strlen(object_property_get_str(new, "netboot_fw", &error_abort))) { > + netboot_fw_prop = object_property_get_str(new, "netboot_fw", &error_abort); > + if (!strlen(netboot_fw_prop)) { > qdev_prop_set_string(dev, "netboot_fw", netboot_fw); > } > + g_free(netboot_fw_prop); > object_property_add_child(qdev_get_machine(), TYPE_S390_IPL, > new, NULL); > object_unref(new); > It's a bit ugly that we need a new variable for this, but it can't be helped. I'll queue this to s390-fixes unless there are any complaints.
On Thu, 29 Mar 2018 11:10:06 +0200 Greg Kurz <groug@kaod.org> wrote: > The string returned by object_property_get_str() is dynamically allocated. > > Fixes: 3c4e9baacf4d9 > Signed-off-by: Greg Kurz <groug@kaod.org> > --- > hw/s390x/s390-virtio-ccw.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c > index 864145a7c6f3..435f7c99e77c 100644 > --- a/hw/s390x/s390-virtio-ccw.c > +++ b/hw/s390x/s390-virtio-ccw.c > @@ -246,6 +246,7 @@ static void s390_init_ipl_dev(const char *kernel_filename, > { > Object *new = object_new(TYPE_S390_IPL); > DeviceState *dev = DEVICE(new); > + char *netboot_fw_prop; > > if (kernel_filename) { > qdev_prop_set_string(dev, "kernel", kernel_filename); > @@ -256,9 +257,11 @@ static void s390_init_ipl_dev(const char *kernel_filename, > qdev_prop_set_string(dev, "cmdline", kernel_cmdline); > qdev_prop_set_string(dev, "firmware", firmware); > qdev_prop_set_bit(dev, "enforce_bios", enforce_bios); > - if (!strlen(object_property_get_str(new, "netboot_fw", &error_abort))) { > + netboot_fw_prop = object_property_get_str(new, "netboot_fw", &error_abort); > + if (!strlen(netboot_fw_prop)) { probably not really issue here but, is strlen really safe in case netboot_fw_prop == NULL? > qdev_prop_set_string(dev, "netboot_fw", netboot_fw); > } > + g_free(netboot_fw_prop); > object_property_add_child(qdev_get_machine(), TYPE_S390_IPL, > new, NULL); > object_unref(new); > >
On Thu, 29 Mar 2018 11:27:21 +0200 Igor Mammedov <imammedo@redhat.com> wrote: > On Thu, 29 Mar 2018 11:10:06 +0200 > Greg Kurz <groug@kaod.org> wrote: > > > The string returned by object_property_get_str() is dynamically allocated. > > > > Fixes: 3c4e9baacf4d9 > > Signed-off-by: Greg Kurz <groug@kaod.org> > > --- > > hw/s390x/s390-virtio-ccw.c | 5 ++++- > > 1 file changed, 4 insertions(+), 1 deletion(-) > > > > diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c > > index 864145a7c6f3..435f7c99e77c 100644 > > --- a/hw/s390x/s390-virtio-ccw.c > > +++ b/hw/s390x/s390-virtio-ccw.c > > @@ -246,6 +246,7 @@ static void s390_init_ipl_dev(const char *kernel_filename, > > { > > Object *new = object_new(TYPE_S390_IPL); > > DeviceState *dev = DEVICE(new); > > + char *netboot_fw_prop; > > > > if (kernel_filename) { > > qdev_prop_set_string(dev, "kernel", kernel_filename); > > @@ -256,9 +257,11 @@ static void s390_init_ipl_dev(const char *kernel_filename, > > qdev_prop_set_string(dev, "cmdline", kernel_cmdline); > > qdev_prop_set_string(dev, "firmware", firmware); > > qdev_prop_set_bit(dev, "enforce_bios", enforce_bios); > > - if (!strlen(object_property_get_str(new, "netboot_fw", &error_abort))) { > > + netboot_fw_prop = object_property_get_str(new, "netboot_fw", &error_abort); > > + if (!strlen(netboot_fw_prop)) { > probably not really issue here but, > is strlen really safe in case netboot_fw_prop == NULL? It will always be != NULL IIUC. > > > qdev_prop_set_string(dev, "netboot_fw", netboot_fw); > > } > > + g_free(netboot_fw_prop); > > object_property_add_child(qdev_get_machine(), TYPE_S390_IPL, > > new, NULL); > > object_unref(new); > > > > >
On Thu, 29 Mar 2018 11:27:21 +0200 Igor Mammedov <imammedo@redhat.com> wrote: > On Thu, 29 Mar 2018 11:10:06 +0200 > Greg Kurz <groug@kaod.org> wrote: > > > The string returned by object_property_get_str() is dynamically allocated. > > > > Fixes: 3c4e9baacf4d9 > > Signed-off-by: Greg Kurz <groug@kaod.org> > > --- > > hw/s390x/s390-virtio-ccw.c | 5 ++++- > > 1 file changed, 4 insertions(+), 1 deletion(-) > > > > diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c > > index 864145a7c6f3..435f7c99e77c 100644 > > --- a/hw/s390x/s390-virtio-ccw.c > > +++ b/hw/s390x/s390-virtio-ccw.c > > @@ -246,6 +246,7 @@ static void s390_init_ipl_dev(const char *kernel_filename, > > { > > Object *new = object_new(TYPE_S390_IPL); > > DeviceState *dev = DEVICE(new); > > + char *netboot_fw_prop; > > > > if (kernel_filename) { > > qdev_prop_set_string(dev, "kernel", kernel_filename); > > @@ -256,9 +257,11 @@ static void s390_init_ipl_dev(const char *kernel_filename, > > qdev_prop_set_string(dev, "cmdline", kernel_cmdline); > > qdev_prop_set_string(dev, "firmware", firmware); > > qdev_prop_set_bit(dev, "enforce_bios", enforce_bios); > > - if (!strlen(object_property_get_str(new, "netboot_fw", &error_abort))) { > > + netboot_fw_prop = object_property_get_str(new, "netboot_fw", &error_abort); > > + if (!strlen(netboot_fw_prop)) { > probably not really issue here but, > is strlen really safe in case netboot_fw_prop == NULL? > You're right, object_property_get_str() can theoretically return NULL and strlen() would crash... Not sure how this would happen though. Anyway, the current code doesn't check if object_property_get_str() returns NULL so if this needs to be fixed as well, let's do it in a followup patch. > > qdev_prop_set_string(dev, "netboot_fw", netboot_fw); > > } > > + g_free(netboot_fw_prop); > > object_property_add_child(qdev_get_machine(), TYPE_S390_IPL, > > new, NULL); > > object_unref(new); > > > > >
On Thu, 29 Mar 2018 11:39:41 +0200 Greg Kurz <groug@kaod.org> wrote: > On Thu, 29 Mar 2018 11:27:21 +0200 > Igor Mammedov <imammedo@redhat.com> wrote: > > > On Thu, 29 Mar 2018 11:10:06 +0200 > > Greg Kurz <groug@kaod.org> wrote: > > > > > The string returned by object_property_get_str() is dynamically allocated. > > > > > > Fixes: 3c4e9baacf4d9 > > > Signed-off-by: Greg Kurz <groug@kaod.org> > > > --- > > > hw/s390x/s390-virtio-ccw.c | 5 ++++- > > > 1 file changed, 4 insertions(+), 1 deletion(-) > > > > > > diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c > > > index 864145a7c6f3..435f7c99e77c 100644 > > > --- a/hw/s390x/s390-virtio-ccw.c > > > +++ b/hw/s390x/s390-virtio-ccw.c > > > @@ -246,6 +246,7 @@ static void s390_init_ipl_dev(const char *kernel_filename, > > > { > > > Object *new = object_new(TYPE_S390_IPL); > > > DeviceState *dev = DEVICE(new); > > > + char *netboot_fw_prop; > > > > > > if (kernel_filename) { > > > qdev_prop_set_string(dev, "kernel", kernel_filename); > > > @@ -256,9 +257,11 @@ static void s390_init_ipl_dev(const char *kernel_filename, > > > qdev_prop_set_string(dev, "cmdline", kernel_cmdline); > > > qdev_prop_set_string(dev, "firmware", firmware); > > > qdev_prop_set_bit(dev, "enforce_bios", enforce_bios); > > > - if (!strlen(object_property_get_str(new, "netboot_fw", &error_abort))) { > > > + netboot_fw_prop = object_property_get_str(new, "netboot_fw", &error_abort); > > > + if (!strlen(netboot_fw_prop)) { > > probably not really issue here but, > > is strlen really safe in case netboot_fw_prop == NULL? > > > > You're right, object_property_get_str() can theoretically return NULL and > strlen() would crash... Not sure how this would happen though. Anyway, the > current code doesn't check if object_property_get_str() returns NULL so > if this needs to be fixed as well, let's do it in a followup patch. I don't think so - if the attribute exists, we'll always get != NULL if I read the code correctly. > > > > qdev_prop_set_string(dev, "netboot_fw", netboot_fw); > > > } > > > + g_free(netboot_fw_prop); > > > object_property_add_child(qdev_get_machine(), TYPE_S390_IPL, > > > new, NULL); > > > object_unref(new); > > > > > > > > >
On 29.03.2018 12:31, Cornelia Huck wrote: > On Thu, 29 Mar 2018 11:39:41 +0200 > Greg Kurz <groug@kaod.org> wrote: > >> On Thu, 29 Mar 2018 11:27:21 +0200 >> Igor Mammedov <imammedo@redhat.com> wrote: >> >>> On Thu, 29 Mar 2018 11:10:06 +0200 >>> Greg Kurz <groug@kaod.org> wrote: >>> >>>> The string returned by object_property_get_str() is dynamically allocated. >>>> >>>> Fixes: 3c4e9baacf4d9 >>>> Signed-off-by: Greg Kurz <groug@kaod.org> >>>> --- >>>> hw/s390x/s390-virtio-ccw.c | 5 ++++- >>>> 1 file changed, 4 insertions(+), 1 deletion(-) >>>> >>>> diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c >>>> index 864145a7c6f3..435f7c99e77c 100644 >>>> --- a/hw/s390x/s390-virtio-ccw.c >>>> +++ b/hw/s390x/s390-virtio-ccw.c >>>> @@ -246,6 +246,7 @@ static void s390_init_ipl_dev(const char *kernel_filename, >>>> { >>>> Object *new = object_new(TYPE_S390_IPL); >>>> DeviceState *dev = DEVICE(new); >>>> + char *netboot_fw_prop; >>>> >>>> if (kernel_filename) { >>>> qdev_prop_set_string(dev, "kernel", kernel_filename); >>>> @@ -256,9 +257,11 @@ static void s390_init_ipl_dev(const char *kernel_filename, >>>> qdev_prop_set_string(dev, "cmdline", kernel_cmdline); >>>> qdev_prop_set_string(dev, "firmware", firmware); >>>> qdev_prop_set_bit(dev, "enforce_bios", enforce_bios); >>>> - if (!strlen(object_property_get_str(new, "netboot_fw", &error_abort))) { >>>> + netboot_fw_prop = object_property_get_str(new, "netboot_fw", &error_abort); >>>> + if (!strlen(netboot_fw_prop)) { >>> probably not really issue here but, >>> is strlen really safe in case netboot_fw_prop == NULL? >>> >> >> You're right, object_property_get_str() can theoretically return NULL and >> strlen() would crash... Not sure how this would happen though. Anyway, the >> current code doesn't check if object_property_get_str() returns NULL so >> if this needs to be fixed as well, let's do it in a followup patch. > > I don't think so - if the attribute exists, we'll always get != NULL if > I read the code correctly. Right, the property is always there, so this should never be NULL. Thomas
On 29.03.2018 11:10, Greg Kurz wrote: > The string returned by object_property_get_str() is dynamically allocated. > > Fixes: 3c4e9baacf4d9 > Signed-off-by: Greg Kurz <groug@kaod.org> > --- > hw/s390x/s390-virtio-ccw.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c > index 864145a7c6f3..435f7c99e77c 100644 > --- a/hw/s390x/s390-virtio-ccw.c > +++ b/hw/s390x/s390-virtio-ccw.c > @@ -246,6 +246,7 @@ static void s390_init_ipl_dev(const char *kernel_filename, > { > Object *new = object_new(TYPE_S390_IPL); > DeviceState *dev = DEVICE(new); > + char *netboot_fw_prop; > > if (kernel_filename) { > qdev_prop_set_string(dev, "kernel", kernel_filename); > @@ -256,9 +257,11 @@ static void s390_init_ipl_dev(const char *kernel_filename, > qdev_prop_set_string(dev, "cmdline", kernel_cmdline); > qdev_prop_set_string(dev, "firmware", firmware); > qdev_prop_set_bit(dev, "enforce_bios", enforce_bios); > - if (!strlen(object_property_get_str(new, "netboot_fw", &error_abort))) { > + netboot_fw_prop = object_property_get_str(new, "netboot_fw", &error_abort); > + if (!strlen(netboot_fw_prop)) { > qdev_prop_set_string(dev, "netboot_fw", netboot_fw); > } > + g_free(netboot_fw_prop); > object_property_add_child(qdev_get_machine(), TYPE_S390_IPL, > new, NULL); > object_unref(new); > > Reviewed-by: Thomas Huth <thuth@redhat.com>
On Thu, 29 Mar 2018 11:10:06 +0200 Greg Kurz <groug@kaod.org> wrote: > The string returned by object_property_get_str() is dynamically allocated. > > Fixes: 3c4e9baacf4d9 > Signed-off-by: Greg Kurz <groug@kaod.org> > --- > hw/s390x/s390-virtio-ccw.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) Thanks, queued to s390-fixes.
diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c index 864145a7c6f3..435f7c99e77c 100644 --- a/hw/s390x/s390-virtio-ccw.c +++ b/hw/s390x/s390-virtio-ccw.c @@ -246,6 +246,7 @@ static void s390_init_ipl_dev(const char *kernel_filename, { Object *new = object_new(TYPE_S390_IPL); DeviceState *dev = DEVICE(new); + char *netboot_fw_prop; if (kernel_filename) { qdev_prop_set_string(dev, "kernel", kernel_filename); @@ -256,9 +257,11 @@ static void s390_init_ipl_dev(const char *kernel_filename, qdev_prop_set_string(dev, "cmdline", kernel_cmdline); qdev_prop_set_string(dev, "firmware", firmware); qdev_prop_set_bit(dev, "enforce_bios", enforce_bios); - if (!strlen(object_property_get_str(new, "netboot_fw", &error_abort))) { + netboot_fw_prop = object_property_get_str(new, "netboot_fw", &error_abort); + if (!strlen(netboot_fw_prop)) { qdev_prop_set_string(dev, "netboot_fw", netboot_fw); } + g_free(netboot_fw_prop); object_property_add_child(qdev_get_machine(), TYPE_S390_IPL, new, NULL); object_unref(new);
The string returned by object_property_get_str() is dynamically allocated. Fixes: 3c4e9baacf4d9 Signed-off-by: Greg Kurz <groug@kaod.org> --- hw/s390x/s390-virtio-ccw.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)