rpc: avoid freeing uninitialized variable

Detected by Coverity. Both are instances of bad things happening if pipe2 fails; the virNetClientNew failure could free garbage, and virNetSocketNewConnectCommand could close random fds. Note: POSIX doesn't guarantee the contents of fd[0] and fd[1] after pipe failure: http://austingroupbugs.net/view.php?id=467 We may need to introduce a virPipe2 wrapper that guarantees that on pipe failure, the fds are explicitly set to -1, rather than our current state of assuming the fds are unchanged from their value prior to the failed pipe call. * src/rpc/virnetclient.c (virNetClientNew): Initialize variable. * src/rpc/virnetsocket.c (virNetSocketNewConnectCommand): Likewise.
2024-07-30 21:47:18 +00:00 · 2011-06-29 12:28:57 -06:00 · 2011-06-29 12:28:57 -06:00 · 0a8a79af53
commit 0a8a79af53
parent cdb0e0dc3f
2 changed files with 3 additions and 3 deletions
--- a/src/rpc/virnetclient.c
+++ b/src/rpc/virnetclient.c
@ -113,7 +113,7 @@ static void virNetClientIncomingEvent(virNetSocketPtr sock,
 static virNetClientPtr virNetClientNew(virNetSocketPtr sock,
                                       const char *hostname)
 {
-    virNetClientPtr client;
+    virNetClientPtr client = NULL;
    int wakeupFD[2] = { -1, -1 };

    if (pipe2(wakeupFD, O_CLOEXEC) < 0) {
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@ -511,8 +511,8 @@ int virNetSocketNewConnectCommand(virCommandPtr cmd,
                                  virNetSocketPtr *retsock)
 {
    pid_t pid = 0;
-    int sv[2];
-    int errfd[2];
+    int sv[2] = { -1, -1 };
+    int errfd[2] = { -1, -1 };

    *retsock = NULL;