Bug 1249511 - Calling "PyList_Append" without checking return value
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: libvirt-python
Version: 7.1
Assigned To: Jiri Denemark
QA Contact: Virtualization Bugs
Reported: 2015-08-03 04:24 EDT by Jiri Denemark
Modified: 2015-11-19 00:35 EST
Fixed In Version: libvirt-python-1.2.17-2.el7
Doc Type: Bug Fix
Last Closed: 2015-11-19 00:35:03 EST
Type: Bug
Description Jiri Denemark 2015-08-03 04:24:22 EDT
Description of problem:

Coverity is complaining that we do not check the return value of PyList_Append called from libvirt_virDomainGetSecurityLabelList while we do so in all other cases.

Version-Release number of selected component (if applicable):

libvirt-python-1.2.17-1.el7

Comment 1 Jiri Denemark 2015-08-03 04:39:41 EDT
Patch sent upstream for review: https://www.redhat.com/archives/libvir-list/2015-August/msg00026.html

Comment 4 Luyao Huang 2015-08-10 04:02:59 EDT
Verify this bug by checking the code, and make sure the function works well:

1.
# rpm -q libvirt-python-debuginfo
libvirt-python-debuginfo-1.2.17-2.el7.x86_64

# rpm -q libvirt-python
libvirt-python-1.2.17-2.el7.x86_64

2. check the debuginfo in /usr/src/debug/:

static PyObject *
libvirt_virDomainGetSecurityLabelList(PyObject *self ATTRIBUTE_UNUSED,
                                      PyObject *args)
{
    PyObject *py_retval;
    int c_retval;
    virDomainPtr dom;
    PyObject *pyobj_dom;
    virSecurityLabel *labels = NULL;
    size_t i;

    if (!PyArg_ParseTuple(args, (char *)"O:virDomainGetSecurityLabel", &pyobj_dom))
        return NULL;

    dom = (virDomainPtr) PyvirDomain_Get(pyobj_dom);

    LIBVIRT_BEGIN_ALLOW_THREADS;
    c_retval = virDomainGetSecurityLabelList(dom, &labels);
    LIBVIRT_END_ALLOW_THREADS;

    if (c_retval < 0)
        return VIR_PY_NONE;

    if (!(py_retval = PyList_New(0)))
        goto error;

    for (i = 0 ; i < c_retval ; i++) {
        PyObject *entry;
        PyObject *value;

        if (!(entry = PyList_New(2)) ||
            PyList_Append(py_retval, entry) < 0) {
            Py_XDECREF(entry);
            goto error;
        }

        if (!(value = libvirt_constcharPtrWrap(&labels[i].label[0])) ||
            PyList_SetItem(entry, 0, value) < 0) {
            Py_XDECREF(value);
            goto error;
        }

        if (!(value = libvirt_boolWrap(labels[i].enforcing)) ||
            PyList_SetItem(entry, 1, value) < 0) {
            Py_XDECREF(value);
            goto error;
        }
    }

 cleanup:
    VIR_FREE(labels);
    return py_retval;

 error:
    Py_XDECREF(py_retval);
    py_retval = NULL;
    goto cleanup;
}

3. test securityLabelList (but I don't think showing DAC as not enforcing is good):

# python
Python 2.7.5 (default, Sep  4 2014, 05:34:58) 
[GCC 4.8.2 20140120 (Red Hat 4.8.2-16)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import libvirt
>>> conn=libvirt.open()
>>> dom=conn.lookupByName("r7")
>>> dom.securityLabelList()
[]
>>> dom.create()
0
>>> dom.securityLabelList()
[['system_u:system_r:svirt_t:s0:c405,c951', True], ['+107:+107', False]]

# ps auxZ|grep r7
system_u:system_r:svirt_t:s0:c405,c951 qemu 8525 41.5  8.6 1741380 611760 ? ...

# cat /proc/8525/status |grep -A 1 Uid
Uid:	107	107	107	107
Gid:	107	107	107	107

# getenforce 
Enforcing

Comment 6 errata-xmlrpc 2015-11-19 00:35:03 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2203.html
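
An added example, not libvirt-python or Coverity code: a small Python heuristic in the spirit of the unchecked-return-value finding this report describes, flagging calls to PyList_Append whose result is discarded. BEFORE is a constructed snippet illustrating the pattern (not the original source), AFTER is the checked form quoted in comment 4, and all function names here are assumptions.

```python
import re

# Constructed samples: BEFORE illustrates a discarded return value;
# AFTER is the checked form quoted in comment 4 of this report.
BEFORE = """\
        PyObject *entry = PyList_New(2);
        PyList_Append(py_retval, entry);   /* result discarded */
"""
AFTER = """\
        if (!(entry = PyList_New(2)) ||
            PyList_Append(py_retval, entry) < 0) {
            Py_XDECREF(entry);
            goto error;
        }
"""

def _strip_comments(src):
    # Blank out comments but keep newlines so line numbers stay correct.
    blank = lambda m: re.sub(r"[^\n]", " ", m.group(0))
    return re.sub(r"/\*.*?\*/|//[^\n]*", blank, src, flags=re.S)

def _close_paren(src, open_idx):
    depth = 0
    for i in range(open_idx, len(src)):
        depth += {"(": 1, ")": -1}.get(src[i], 0)
        if depth == 0:
            return i
    return -1

def unchecked_calls(src, func="PyList_Append"):
    """Return 1-based line numbers where func's return value is discarded."""
    # Heuristic only: string literals containing ';' or parentheses are not handled.
    src = _strip_comments(src)
    hits = []
    for m in re.finditer(r"\b%s\s*\(" % re.escape(func), src):
        end = _close_paren(src, m.end() - 1)
        if end < 0:
            continue
        start = max(src.rfind(c, 0, m.start()) for c in ";{}") + 1
        prefix = src[start:m.start()]
        nested = prefix.count("(") != prefix.count(")")  # inside a condition
        while True:  # drop balanced (...) groups such as a preceding if-condition
            reduced = re.sub(r"\([^()]*\)", "", prefix)
            if reduced == prefix:
                break
            prefix = reduced
        consumed = "=" in prefix or re.search(r"\breturn\b", prefix)
        if src[end + 1:].lstrip()[:1] == ";" and not nested and not consumed:
            hits.append(src.count("\n", 0, m.start()) + 1)
    return hits
```
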
