From 5dc404b71d15d214926eb259a3700a8206dd2838 Mon Sep 17 00:00:00 2001 From: Eric Blake Date: Mon, 4 Jul 2011 10:41:38 +0800 Subject: [PATCH] storage: avoid crash on parse error Coverity detected that we could crash on bogus input. Meanwhile, strtok_r is rather heavy compared to strchr. * src/storage/storage_backend_iscsi.c (virStorageBackendIQNFound): Check for parse failure, and use lighter-weight functions. --- src/storage/storage_backend_iscsi.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/src/storage/storage_backend_iscsi.c b/src/storage/storage_backend_iscsi.c index 15b5862e64..72887e3c71 100644 --- a/src/storage/storage_backend_iscsi.c +++ b/src/storage/storage_backend_iscsi.c @@ -183,8 +183,7 @@ virStorageBackendIQNFound(const char *initiatoriqn, int ret = IQN_MISSING, fd = -1; char ebuf[64]; FILE *fp = NULL; - char *line = NULL, *newline = NULL, *iqn = NULL, *token = NULL, - *saveptr = NULL; + char *line = NULL, *newline = NULL, *iqn = NULL, *token = NULL; virCommandPtr cmd = virCommandNewArgList(ISCSIADM, "--mode", "iface", NULL); @@ -232,8 +231,15 @@ virStorageBackendIQNFound(const char *initiatoriqn, iqn++; if (STREQ(iqn, initiatoriqn)) { - token = strtok_r(line, " ", &saveptr); - *ifacename = strdup(token); + token = strchr(line, ' '); + if (!token) { + ret = IQN_ERROR; + virStorageReportError(VIR_ERR_INTERNAL_ERROR, + _("Missing space when parsing output " + "of '%s'"), ISCSIADM); + goto out; + } + *ifacename = strndup(line, token - line); if (*ifacename == NULL) { ret = IQN_ERROR; virReportOOMError();