[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH XENSTORE v1 07/10] xenstore: handle do_mkdir and do_rm failure

In the out of memory case, we might return a NULL pointer when
canonicalizing node names. This NULL pointer is not checked when
creating a directory, or when removing a node. This change handles
the NULL pointer for these two cases.

This bug was discovered and resolved using Coverity Static Analysis
Security Testing (SAST) by Synopsys, Inc.

Signed-off-by: Norbert Manthey <nmanthey@xxxxxxxxx>
Reviewed-by: Thomas Friebel <friebelt@xxxxxxxxx>
Reviewed-by: Julien Grall <jgrall@xxxxxxxxxxxx>

 tools/xenstore/xenstored_core.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_core.c
--- a/tools/xenstore/xenstored_core.c
+++ b/tools/xenstore/xenstored_core.c
@@ -1160,6 +1160,8 @@ static int do_mkdir(struct connection *conn, struct 
buffered_data *in)
                /* No permissions? */
                if (errno != ENOENT)
                        return errno;
+               if (!name)
+                       return ENOMEM;
                node = create_node(conn, in, name, NULL, 0);
                if (!node)
                        return errno;
@@ -1274,6 +1276,8 @@ static int do_rm(struct connection *conn, struct 
buffered_data *in)
        if (!node) {
                /* Didn't exist already?  Fine, if parent exists. */
                if (errno == ENOENT) {
+                       if (!name)
+                               return ENOMEM;
                        parentname = get_parent(in, name);
                        if (!parentname)
                                return errno;

Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.