[Qemu-commits] [qemu/qemu] 5cf42b: nbd: Initialize reply on failure

From: Peter Maydell
Subject: [Qemu-commits] [qemu/qemu] 5cf42b: nbd: Initialize reply on failure
Date: Mon, 22 Jul 2019 05:20:20 -0700

  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: 5cf42b1c1f75499b467701926d3c9691d27712e1
  Author: Eric Blake <address@hidden>
  Date:   2019-07-19 (Fri, 19 Jul 2019)

  Changed paths:
    M block/nbd.c

  Log Message:
  nbd: Initialize reply on failure

We've had two separate reports of different callers running into use
of uninitialized data if s->quit is set (one detected by gcc -O3,
another by valgrind), due to checking 'nbd_reply_is_simple(reply) ||
s->quit' in the wrong order. Rather than chasing down which callers
need to pre-initialize reply, and whether there are any other
uninitialized uses, it's easier to guarantee that reply will always be
set by nbd_co_receive_one_chunk() even on failure.

The uninitialized use happens to be harmless (the only time the
variable is uninitialized is if s->quit is set, so the conditional
results in the same action regardless of what was read from reply),
and was introduced in commit 65e01d47.

In fixing the problem, it can also be seen that all (one) callers pass
in a non-NULL reply, so there is a dead conditional to also be cleaned

Reported-by: Thomas Huth <address@hidden>
Reported-by: Andrey Shinkevich <address@hidden>
Signed-off-by: Eric Blake <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>

  Commit: b9e02bb3f98174209dbd5c96858e65a31723221b
  Author: Peter Maydell <address@hidden>
  Date:   2019-07-22 (Mon, 22 Jul 2019)

  Changed paths:
    M block/nbd.c

  Log Message:
  Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2019-07-19' into 

nbd patches for 2019-07-19

- silence harmless compiler/valgrind warning

# gpg: Signature made Fri 19 Jul 2019 21:17:12 BST
# gpg:                using RSA key A7A16B4A2527436A
# gpg: Good signature from "Eric Blake <address@hidden>" [full]
# gpg:                 aka "Eric Blake (Free Software Programmer) <address@hidden>" [full]
# gpg:                 aka "[jpeg image of size 6874]" [full]
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-nbd-2019-07-19:
  nbd: Initialize reply on failure

Signed-off-by: Peter Maydell <address@hidden>

Compare: https://github.com/qemu/qemu/compare/4a10982c3207...b9e02bb3f981
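
The pattern described in the first log message, as an added example that is not code from block/nbd.c or from the QEMU project: a receive routine that returns early on quit without writing its out-parameter, next to a variant that defines it on every path. The types, function names and the memset-on-entry approach are assumptions made for illustration; the reply is pre-filled with 0xAA so the stale read is observable without undefined behaviour.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical stand-ins for the client state and reply; not QEMU's types. */
#define SIMPLE_MAGIC 0x67446698u            /* NBD simple-reply magic */
typedef struct { uint32_t magic; uint32_t error; uint64_t handle; } Reply;
typedef struct { bool quit; } Client;

static bool reply_is_simple(const Reply *r) { return r->magic == SIMPLE_MAGIC; }

/* Caller-side check in the order quoted in the log: reply is read first. */
static bool chunk_ends_request(const Client *s, const Reply *r)
{
    return reply_is_simple(r) || s->quit;
}

/* Before: the early return on quit never writes *reply. */
static int receive_before(Client *s, Reply *reply)
{
    if (s->quit) return -EIO;
    *reply = (Reply){ .magic = SIMPLE_MAGIC, .handle = 1 };  /* constructed */
    return 0;
}

/* After: *reply is defined on every path, so check order stops mattering. */
static int receive_after(Client *s, Reply *reply)
{
    memset(reply, 0, sizeof(*reply));
    return receive_before(s, reply);
}

/* Poison the reply (defined bytes standing in for stack garbage), run one
 * receive, and report whether the caller's check then reads stale bytes. */
static bool reads_stale(int (*rx)(Client *, Reply *), bool quit, bool *ends)
{
    Client s = { .quit = quit };
    Reply r;
    memset(&r, 0xAA, sizeof(r));
    rx(&s, &r);
    *ends = chunk_ends_request(&s, &r);
    return r.magic == 0xAAAAAAAAu;
}

int main(void)
{
    bool ends;
    return reads_stale(receive_after, true, &ends) ? 1 : 0;
}
```

With quit set, both variants make the caller's check come out true, which matches the log's statement that the read is harmless; only the "before" variant has the check consume bytes the callee never wrote.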
