1. 13 6月, 2011 8 次提交
  2. 10 6月, 2011 3 次提交
  3. 08 6月, 2011 24 次提交
    • E
      virt-aa-helper: add missing include · 7444f860
      Eric Blake 提交于
      Regression introduced in commit 02e86910.
      
      * src/security/virt-aa-helper.c (includes): Reflect move of virRun.
      7444f860
    • E
      daemon: plug memory leak · f17eeede
      Eric Blake 提交于
      Detected by Coverity.  Commit ef21beda was incomplete; it solved
      a leak one one path, but not on the other.
      
      * daemon/libvirtd.c (qemudSetLogging): Avoid leak on success.
      f17eeede
    • E
      build: break some long lines · d7814b21
      Eric Blake 提交于
      As long as I was already touching the function...
      
      * src/qemu/qemu_hotplug.c (qemuDomainChangeGraphics): Line wrap.
      d7814b21
    • E
      qemu: add missing break statement · ddc5b158
      Eric Blake 提交于
      Detected by Coverity.  Bug introduced in commit 9d73efdb (v0.8.8).
      
      * src/qemu/qemu_hotplug.c (qemuDomainChangeGraphics): Don't report
      error on success.
      ddc5b158
    • E
      build: silence coverity false positives · 1eca8c3e
      Eric Blake 提交于
      Coverity complained about these intentional fallthrough cases, but
      not about other cases that were explicitly marked with nice comments.
      
      For some reason, Coverity doesn't seem smart enough to parse the
      up-front English comment in virsh about intentional fallthrough :)
      
      * tools/virsh.c (cmdVolSize): Mark fallthrough in a more typical
      fashion.
      * src/conf/nwfilter_conf.c (virNWFilterRuleDefDetailsFormat)
      (virNWFilterRuleDetailsParse): Mark explicit fallthrough.
      1eca8c3e
    • E
      esx: avoid dead code · 657ae229
      Eric Blake 提交于
      Detected by Coverity.  The beginning of the function already filtered
      out NULL objectContentList as invalid.  Further investigation shows:
      
      esxVI_RetrieveProperties is generated and returns a list of objects
      that match the given propertyFilterSpec.
      esxVI_LookupObjectContentByType then tests whether the result
      corresponds to the expected occurrence and reports an error otherwise.
      This simplifies the callers of  esxVI_LookupObjectContentByType, but
      due to the missing dereference the check was never performed because
      the code thought that at least one item was obtained. NULL represents
      an empty list. This is a potential segfault fix because callers of
      esxVI_LookupObjectContentByType that specified "required" occurrence
      assume *objectContentList to be non-NULL when
      esxVI_LookupObjectContentByType succeeds.
      
      * src/esx/esx_vi.c (esxVI_LookupObjectContentByType): Check
      correct pointer.
      657ae229
    • E
      secret: drop dead code · ba4983da
      Eric Blake 提交于
      Detected by Coverity.  The only ways to get to the cleanup label
      were by an early abort (list still unassigned) or after successfully
      transferring list to dest, so there is no list to clean up.
      
      * src/secret/secret_driver.c (loadSecrets): Kill dead code.
      ba4983da
    • E
      qemu: reorder checks for safety · 4eb17d64
      Eric Blake 提交于
      Detected by Coverity.  All existing callers happen to be in
      range, so this isn't too serious.
      
      * src/qemu/qemu_cgroup.c (qemuCgroupControllerActive): Check
      bounds before dereference.
      4eb17d64
    • E
      uuid: annotate non-null requirements · 208a6756
      Eric Blake 提交于
      Coverity already saw through a NULL dereference without these
      annotations, and gcc is still too puny to do good NULL analysis.
      But clang still benefits (and is easier to run than coverity),
      not to mention that adding this bit of documentation to the code
      may help future developers remember the constraints.
      
      * src/util/uuid.h (virGetHostUUID, virUUIDFormat): Document
      restrictions, for improved static analysis.
      208a6756
    • E
      debug: avoid null dereference on uuid lookup api · 2ed0c94d
      Eric Blake 提交于
      Detected by Coverity.  Commit a98d8f0d tried to make uuid debugging
      more robust, but missed some APIs.  And on the APIs that it visited,
      the mere act of preparing the debug message ends up dereferencing
      uuid prior to the null check.  Which means the APIs which are supposed
      to gracefully reject NULL arguments now end up with SIGSEGV.
      
      * src/libvirt.c (VIR_UUID_DEBUG): New macro.
      (virDomainLookupByUUID, virDomainLookupByUUIDString)
      (virNetworkLookupByUUID, virNetworkLookupByUUIDString)
      (virStoragePoolLookupByUUID, virStoragePoolLookupByUUIDString)
      (virSecretLookupByUUID, virSecretLookupByUUIDString)
      (virNWFilterLookupByUUID, virNWFilterLookupByUUIDString): Avoid
      null dereference.
      2ed0c94d
    • E
      python: avoid unlikely sign extension bug · f73198df
      Eric Blake 提交于
      Detected by Coverity.  cpumap was allocated with a value of
      (unsigned short)*(int), which is an int computation, and then
      promotes to size_t.  On a 64-bit platform, this fails if bit
      32 of the product is set (because of sign extension giving
      a HUGE value to malloc), even though a naive programmer would
      assume that since the first value is unsigned, the product
      is also unsigned and at most 4GB would be allocated.
      
      Won't bite in practice (the product should never be that large),
      but worth using the right types to begin with, so that we are
      now computing (unsigned short)*(size_t).
      
      * python/libvirt-override.c (libvirt_virDomainGetVcpus): Use
      correct type.
      f73198df
    • E
      build: silence coverity false positive · f876c30c
      Eric Blake 提交于
      Similar in nature to commit fd21ecfd, which shut up valgrind.
      
      sigaction is apparently a nasty interface for analyzer tools,
      at least for how many false positives it generates.
      
      * src/util/command.c (virExecWithHook): Initialize entire var, since
      coverity gripes about the (unused and non-standard) sa_restorer.
      f876c30c
    • E
      storage: avoid mishandling backing store > 2GB · 54456cc0
      Eric Blake 提交于
      Detected by Coverity.  The code was doing math on shifted unsigned
      char (which promotes to int), then promoting that to unsigned long
      during assignment to size.  On 64-bit platforms, this risks sign
      extending values of size > 2GiB.  Bug present since commit
      489fd3 (v0.6.0).
      
      I'm not sure if a specially-crafted bogus qcow2 image could
      exploit this, although it's probably not possible, since we
      were already checking for the computed results being within
      range of our fixed-size buffer.
      
      * src/util/storage_file.c (qcowXGetBackingStore): Avoid sign
      extension.
      54456cc0
    • E
      build: detect Coverity 5.3.0 · 28ea3bf3
      Eric Blake 提交于
      Coverity 5.3.0 still outputs lots of COVERITY_* variables, but no
      longer modifies COVERITY_BUILD_COMMAND in the environment.  Pick
      one that seems likely to stay around.
      
      * configure.ac (STATIC_ANALYSIS): Detect newer Coverity.
      28ea3bf3
    • O
      build: Fix typos in configure.ac · 31967cff
      Osier Yang 提交于
      31967cff
    • O
      virsh: Expose virDomainMigrateSetMaxSpeed API to virsh · b73f1f8d
      Osier Yang 提交于
      API virDomainMigrateSetMaxSpeed was introduced since 0.9.0, but
      no command in virsh yet.
      b73f1f8d
    • C
      lxc: Ensure container <init> actually exists · f9e8d6a0
      Cole Robinson 提交于
      Since we can't really get useful error reporting from virCommandExec since
      it needs to be the last thing we do.
      f9e8d6a0
    • C
      lxc: Verify root fs exists before mounting · 4fb706a5
      Cole Robinson 提交于
      Otherwise the following virFileMakePath will create the directory for
      us and fail further ahead, which probably isn't intended.
      4fb706a5
    • C
      lxc: controller: Improve container error reporting · a7e2dd1c
      Cole Robinson 提交于
      Add a handshake with the cloned container process to try and detect
      if it fails to start.
      a7e2dd1c
    • C
      lxc: Improve guest startup error reporting · 965a957c
      Cole Robinson 提交于
      Add a simple handshake with the lxc_controller process so we can detect
      process startup failures. We do this by adding a new --handshake cli arg
      to lxc_controller for passing a file descriptor. If the process fails to
      launch, we scrape all output from the logfile and report it to the user.
      965a957c
    • C
      lxc: Refactor controller command building · af1e180f
      Cole Robinson 提交于
      Arranges things similar to the qemu driver. Will allow us to more easily
      report command error output.
      af1e180f
    • C
      lxc: Don't report error in Wait/SendContinue · 6973594c
      Cole Robinson 提交于
      We will reuse these shortly, and each use should have a different error
      message.
      6973594c
    • C
      lxc: Drop container stdio as late as possible · eee1763c
      Cole Robinson 提交于
      Makes it more likely we get useful error output in the logs
      eee1763c
    • C
      Move virRun, virExec*, virFork to util/command · 02e86910
      Cole Robinson 提交于
      Seems reasonable to have all command wrappers in the same place
      
      v2:
          Dont move SetInherit
      
      v3:
          Comment spelling fix
          Adjust WARN0 comment
          Remove spurious #include movement
          Don't include sys/types.h
          Combine virExec enums
      Signed-off-by: NCole Robinson <crobinso@redhat.com>
      02e86910
  4. 07 6月, 2011 5 次提交