diff options
| author | Richard W.M. Jones <rjones@redhat.com> | 2011-06-09 09:39:54 +0100 |
|---|---|---|
| committer | Richard W.M. Jones <rjones@redhat.com> | 2011-06-09 10:53:51 +0100 |
| commit | 29453a58d818df24c238d0a08a68886ebe4029dd (patch) | |
| tree | d026ae2bc677f2b0c8844dc4163893c75761ff08 /daemon | |
| parent | 7a091a11d7aeddc170e4d1b833fd9d7d18c00841 (diff) | |
| download | libguestfs-29453a58d818df24c238d0a08a68886ebe4029dd.tar.gz libguestfs-29453a58d818df24c238d0a08a68886ebe4029dd.tar.xz libguestfs-29453a58d818df24c238d0a08a68886ebe4029dd.zip | |
Coverity: Don't return freed pointers from command* along error path.
If the external command failed to run, we could free up the allocated
*stdoutput and *stderror pointers, but then return those freed
pointers to the caller. The caller usually tries to print and free
*stderror, so this is a serious error.
Instead, return *stdoutput as NULL, and *stderror pointing to a
generic error message.
Diffstat (limited to 'daemon')
| -rw-r--r-- | daemon/guestfsd.c | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/daemon/guestfsd.c b/daemon/guestfsd.c index ceadfdbd..116a6b92 100644 --- a/daemon/guestfsd.c +++ b/daemon/guestfsd.c @@ -779,8 +779,20 @@ commandrvf (char **stdoutput, char **stderror, int flags, perror ("select"); quit: - if (stdoutput) free (*stdoutput); - if (stderror) free (*stderror); + if (stdoutput) { + free (*stdoutput); + *stdoutput = NULL; + } + if (stderror) { + free (*stderror); + /* Need to return non-NULL *stderror here since most callers + * will try to print and then free the err string. + * Unfortunately recovery from strdup failure here is not + * possible. + */ + *stderror = strdup ("error running external command, " + "see debug output for details"); + } close (so_fd[0]); close (se_fd[0]); waitpid (pid, NULL, 0); |