xen-devel.lists.xenproject.org archive mirror
* [PATCH] tools/xl: Fix trim() following c/s e316316 "xl: Rewrite trim()"
@ 2015-07-16 19:18 Andrew Cooper
  2015-07-16 20:47 ` Wei Liu
  2015-07-17 10:04 ` Ian Jackson
  0 siblings, 2 replies; 7+ messages in thread
From: Andrew Cooper @ 2015-07-16 19:18 UTC (permalink / raw)
  To: Xen-devel; +Cc: Andrew Cooper, Ian Jackson, Ian Campbell, Wei Liu

c/s e316316 "xl: Rewrite trim()" uses the wrong indirection of
'output', causing memory corruption for all callers.

Introduce a new local variable, making the code more obviously
correct.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
CC: Ian Campbell <Ian.Campbell@citrix.com>
CC: Ian Jackson <Ian.Jackson@eu.citrix.com>
CC: Wei Liu <wei.liu2@citrix.com>
---
 tools/libxl/xl_cmdimpl.c |    8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/tools/libxl/xl_cmdimpl.c b/tools/libxl/xl_cmdimpl.c
index 37d4af6..0cc9f8b 100644
--- a/tools/libxl/xl_cmdimpl.c
+++ b/tools/libxl/xl_cmdimpl.c
@@ -663,10 +663,12 @@ static void trim(char_predicate_t predicate, const char *input, char **output)
         ;
 
     size_t len_nonnull = after - first;
+    char *result = xmalloc(len_nonnull + 1);
 
-    *output = xmalloc(len_nonnull + 1);
-    memcpy(output, first, len_nonnull);
-    output[len_nonnull] = 0;
+    memcpy(result, first, len_nonnull);
+    result[len_nonnull] = 0;
+
+    *output = result;
 }
 
 static int split_string_into_pair(const char *str,
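
Review bot: `size_t len_nonnull = after - first;`, in the context just above the new `xmalloc()` call, both sizes the buffer and bounds the `memcpy()`, and nothing visible in this hunk shows that `after >= first` holds when the input consists only of trimmed characters. If the scanning loops above can leave `after` before `first`, the subtraction wraps as `size_t`; an assertion or an early return for that case ahead of the allocation would be worth adding while this code is being touched. Assigning `*output` only after the buffer has been filled and terminated is the right ordering.
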
-- 
1.7.10.4


* Re: [PATCH] tools/xl: Fix trim() following c/s e316316 "xl: Rewrite trim()"
  2015-07-16 19:18 [PATCH] tools/xl: Fix trim() following c/s e316316 "xl: Rewrite trim()" Andrew Cooper
@ 2015-07-16 20:47 ` Wei Liu
  2015-07-16 21:53   ` Andrew Cooper
  2015-07-17 10:04 ` Ian Jackson
  1 sibling, 1 reply; 7+ messages in thread
From: Wei Liu @ 2015-07-16 20:47 UTC (permalink / raw)
  To: Andrew Cooper; +Cc: Wei Liu, Ian Jackson, Ian Campbell, Xen-devel

On Thu, Jul 16, 2015 at 08:18:31PM +0100, Andrew Cooper wrote:
> c/s e316316 "xl: Rewrite trim()" uses the wrong indirection of
> 'output', causing memory corruption for all callers.
> 
> Introduce a new local variable, making the code more obviously
> correct.
> 
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
> CC: Ian Campbell <Ian.Campbell@citrix.com>
> CC: Ian Jackson <Ian.Jackson@eu.citrix.com>
> CC: Wei Liu <wei.liu2@citrix.com>

Acked-by: Wei Liu <wei.liu2@citrix.com>

One nit below.

> ---
>  tools/libxl/xl_cmdimpl.c |    8 +++++---
>  1 file changed, 5 insertions(+), 3 deletions(-)
> 
> diff --git a/tools/libxl/xl_cmdimpl.c b/tools/libxl/xl_cmdimpl.c
> index 37d4af6..0cc9f8b 100644
> --- a/tools/libxl/xl_cmdimpl.c
> +++ b/tools/libxl/xl_cmdimpl.c
> @@ -663,10 +663,12 @@ static void trim(char_predicate_t predicate, const char *input, char **output)
>          ;
>  
>      size_t len_nonnull = after - first;
> +    char *result = xmalloc(len_nonnull + 1);
>  

Can you move the declaration of result to the beginning of this
function?

> -    *output = xmalloc(len_nonnull + 1);
> -    memcpy(output, first, len_nonnull);
> -    output[len_nonnull] = 0;
> +    memcpy(result, first, len_nonnull);
> +    result[len_nonnull] = 0;
> +
> +    *output = result;
>  }
>  
>  static int split_string_into_pair(const char *str,
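
Review bot: the commit message should say what the removed lines actually overwrote, since "wrong indirection" alone does not let someone judging a backport see the impact. In the removed lines, `memcpy(output, first, len_nonnull)` copies the string bytes over the caller's `char *` variable (and beyond it once `len_nonnull` exceeds the size of a pointer), and `output[len_nonnull] = 0` stores a null pointer `len_nonnull` pointer slots past it, while the newly allocated buffer is never filled. Neither line draws a compiler diagnostic, because `char **` converts to `void *` implicitly and `0` is a valid null pointer constant, so it is worth noting that only a test or a sanitizer run catches this class of mistake.
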
> -- 
> 1.7.10.4


* Re: [PATCH] tools/xl: Fix trim() following c/s e316316 "xl: Rewrite trim()"
  2015-07-16 20:47 ` Wei Liu
@ 2015-07-16 21:53   ` Andrew Cooper
  2015-07-16 22:30     ` Wei Liu
  0 siblings, 1 reply; 7+ messages in thread
From: Andrew Cooper @ 2015-07-16 21:53 UTC (permalink / raw)
  To: Wei Liu; +Cc: Ian Jackson, Ian Campbell, Xen-devel

On 16/07/2015 21:47, Wei Liu wrote:
> On Thu, Jul 16, 2015 at 08:18:31PM +0100, Andrew Cooper wrote:
>> c/s e316316 "xl: Rewrite trim()" uses the wrong indirection of
>> 'output', causing memory corruption for all callers.
>>
>> Introduce a new local variable, making the code more obviously
>> correct.
>>
>> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
>> CC: Ian Campbell <Ian.Campbell@citrix.com>
>> CC: Ian Jackson <Ian.Jackson@eu.citrix.com>
>> CC: Wei Liu <wei.liu2@citrix.com>
> Acked-by: Wei Liu <wei.liu2@citrix.com>
>
> One nit below.
>
>> ---
>>  tools/libxl/xl_cmdimpl.c |    8 +++++---
>>  1 file changed, 5 insertions(+), 3 deletions(-)
>>
>> diff --git a/tools/libxl/xl_cmdimpl.c b/tools/libxl/xl_cmdimpl.c
>> index 37d4af6..0cc9f8b 100644
>> --- a/tools/libxl/xl_cmdimpl.c
>> +++ b/tools/libxl/xl_cmdimpl.c
>> @@ -663,10 +663,12 @@ static void trim(char_predicate_t predicate, const char *input, char **output)
>>          ;
>>  
>>      size_t len_nonnull = after - first;
>> +    char *result = xmalloc(len_nonnull + 1);
>>  
> Can you move the declaration of result to the beginning of this
> function?

I can, but why in particular?  It is adjacent to the declaration of
len_nonnull.

~Andrew


* Re: [PATCH] tools/xl: Fix trim() following c/s e316316 "xl: Rewrite trim()"
  2015-07-16 21:53   ` Andrew Cooper
@ 2015-07-16 22:30     ` Wei Liu
  2015-07-17 10:04       ` Ian Jackson
  2015-07-17 10:18       ` Ian Campbell
  0 siblings, 2 replies; 7+ messages in thread
From: Wei Liu @ 2015-07-16 22:30 UTC (permalink / raw)
  To: Andrew Cooper; +Cc: Ian Jackson, Wei Liu, Ian Campbell, Xen-devel

On Thu, Jul 16, 2015 at 10:53:02PM +0100, Andrew Cooper wrote:
> On 16/07/2015 21:47, Wei Liu wrote:
> > On Thu, Jul 16, 2015 at 08:18:31PM +0100, Andrew Cooper wrote:
> >> c/s e316316 "xl: Rewrite trim()" uses the wrong indirection of
> >> 'output', causing memory corruption for all callers.
> >>
> >> Introduce a new local variable, making the code more obviously
> >> correct.
> >>
> >> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
> >> CC: Ian Campbell <Ian.Campbell@citrix.com>
> >> CC: Ian Jackson <Ian.Jackson@eu.citrix.com>
> >> CC: Wei Liu <wei.liu2@citrix.com>
> > Acked-by: Wei Liu <wei.liu2@citrix.com>
> >
> > One nit below.
> >
> >> ---
> >>  tools/libxl/xl_cmdimpl.c |    8 +++++---
> >>  1 file changed, 5 insertions(+), 3 deletions(-)
> >>
> >> diff --git a/tools/libxl/xl_cmdimpl.c b/tools/libxl/xl_cmdimpl.c
> >> index 37d4af6..0cc9f8b 100644
> >> --- a/tools/libxl/xl_cmdimpl.c
> >> +++ b/tools/libxl/xl_cmdimpl.c
> >> @@ -663,10 +663,12 @@ static void trim(char_predicate_t predicate, const char *input, char **output)
> >>          ;
> >>  
> >>      size_t len_nonnull = after - first;
> >> +    char *result = xmalloc(len_nonnull + 1);
> >>  
> > Can you move the declaration of result to the beginning of this
> > function?
> 
> I can, but why in particular?  It is adjacent to the declaration of
> len_nonnull.
> 

C90 forbids this. Not sure how much we care about that and I'm probably
bikeshedding too much.

Wei.

> ~Andrew


* Re: [PATCH] tools/xl: Fix trim() following c/s e316316 "xl: Rewrite trim()"
  2015-07-16 19:18 [PATCH] tools/xl: Fix trim() following c/s e316316 "xl: Rewrite trim()" Andrew Cooper
  2015-07-16 20:47 ` Wei Liu
@ 2015-07-17 10:04 ` Ian Jackson
  1 sibling, 0 replies; 7+ messages in thread
From: Ian Jackson @ 2015-07-17 10:04 UTC (permalink / raw)
  To: Andrew Cooper; +Cc: Wei Liu, Ian Campbell, Xen-devel

Andrew Cooper writes ("[PATCH] tools/xl: Fix trim() following c/s e316316 "xl: Rewrite trim()""):
> c/s e316316 "xl: Rewrite trim()" uses the wrong indirection of
> 'output', causing memory corruption for all callers.
> 
> Introduce a new local variable, making the code more obviously
> correct.

Gah, thanks.

Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>

Ian.


* Re: [PATCH] tools/xl: Fix trim() following c/s e316316 "xl: Rewrite trim()"
  2015-07-16 22:30     ` Wei Liu
@ 2015-07-17 10:04       ` Ian Jackson
  2015-07-17 10:18       ` Ian Campbell
  1 sibling, 0 replies; 7+ messages in thread
From: Ian Jackson @ 2015-07-17 10:04 UTC (permalink / raw)
  To: Wei Liu; +Cc: Andrew Cooper, Ian Campbell, Xen-devel

Wei Liu writes ("Re: [PATCH] tools/xl: Fix trim() following c/s e316316 "xl: Rewrite trim()""):
> C90 forbids this. Not sure how much we care about that and I'm probably
> bikeshedding too much.

libxl/Makefile has -Wno-declaration-after-statement

Ian.


* Re: [PATCH] tools/xl: Fix trim() following c/s e316316 "xl: Rewrite trim()"
  2015-07-16 22:30     ` Wei Liu
  2015-07-17 10:04       ` Ian Jackson
@ 2015-07-17 10:18       ` Ian Campbell
  1 sibling, 0 replies; 7+ messages in thread
From: Ian Campbell @ 2015-07-17 10:18 UTC (permalink / raw)
  To: Wei Liu; +Cc: Andrew Cooper, Ian Jackson, Xen-devel

On Thu, 2015-07-16 at 23:30 +0100, Wei Liu wrote:
> On Thu, Jul 16, 2015 at 10:53:02PM +0100, Andrew Cooper wrote:
> > On 16/07/2015 21:47, Wei Liu wrote:
> > > On Thu, Jul 16, 2015 at 08:18:31PM +0100, Andrew Cooper wrote:
> > >> c/s e316316 "xl: Rewrite trim()" uses the wrong indirection of
> > >> 'output', causing memory corruption for all callers.
> > >>
> > >> Introduce a new local variable, making the code more obviously
> > >> correct.
> > >>
> > >> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
> > >> CC: Ian Campbell <Ian.Campbell@citrix.com>
> > >> CC: Ian Jackson <Ian.Jackson@eu.citrix.com>
> > >> CC: Wei Liu <wei.liu2@citrix.com>
> > > Acked-by: Wei Liu <wei.liu2@citrix.com>
> > >
> > > One nit below.
> > >
> > >> ---
> > >>  tools/libxl/xl_cmdimpl.c |    8 +++++---
> > >>  1 file changed, 5 insertions(+), 3 deletions(-)
> > >>
> > >> diff --git a/tools/libxl/xl_cmdimpl.c b/tools/libxl/xl_cmdimpl.c
> > >> index 37d4af6..0cc9f8b 100644
> > >> --- a/tools/libxl/xl_cmdimpl.c
> > >> +++ b/tools/libxl/xl_cmdimpl.c
> > >> @@ -663,10 +663,12 @@ static void trim(char_predicate_t predicate, const char *input, char **output)
> > >>          ;
> > >>  
> > >>      size_t len_nonnull = after - first;
> > >> +    char *result = xmalloc(len_nonnull + 1);
> > >>  
> > > Can you move the declaration of result to the beginning of this
> > > function?
> > 
> > I can, but why in particular?  It is adjacent to the declaration of
> > len_nonnull.
> > 
> 
> C90 forbids this. Not sure how much we care about that and I'm probably
> > bikeshedding too much.

We made an explicit exception for this in libxl, via the use of
-Wno-declaration-after-statement.

IIRC because some of the GC macros require it, but it has since become
allowed more generally (although not documented it seems).

In this particular case having result declared right after len_nonnull
makes sense.

I was about to Ack + apply but I see Ian beat me to it.

Ian.
