qemu-devel

Re: [PATCH v3 02/25] hw/core/loader-fit: fix freeing errp in fit_load_fd


From: Vladimir Sementsov-Ogievskiy
Subject: Re: [PATCH v3 02/25] hw/core/loader-fit: fix freeing errp in fit_load_fdt
Date: Wed, 25 Sep 2019 07:24:00 +0000

24.09.2019 23:38, Eric Blake wrote:
> On 9/24/19 3:08 PM, Vladimir Sementsov-Ogievskiy wrote:
>> fit_load_fdt forgets to zero errp. Fix it.
>>
>> Signed-off-by: Vladimir Sementsov-Ogievskiy <address@hidden>
>> Reviewed-by: Eric Blake <address@hidden>
>> ---
>>   hw/core/loader-fit.c | 1 +
>>   1 file changed, 1 insertion(+)
>>
>> diff --git a/hw/core/loader-fit.c b/hw/core/loader-fit.c
>> index 953b16bc82..11e4fad595 100644
>> --- a/hw/core/loader-fit.c
>> +++ b/hw/core/loader-fit.c
>> @@ -201,6 +201,7 @@ static int fit_load_fdt(const struct fit_loader *ldr, 
>> const void *itb,
>>       if (err == -ENOENT) {
>>           load_addr = ROUND_UP(kernel_end, 64 * KiB) + (10 * MiB);
>>           error_free(*errp);
>> +        *errp = NULL;
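Review bot: In the err == -ENOENT branch, both error_free(*errp) and the added "*errp = NULL;" dereference errp without checking it, so a caller that passes a NULL errp hits a NULL pointer dereference here. Guard the pair with "if (errp)", or collect the error in a local Error pointer and propagate it to errp only on the paths that actually fail.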
> 
> Actually, let's drop my R-b - I think we have a bigger bug here.  We are
> blindly dereferencing *errp even if the caller passed in NULL.  The
> correct way to write this function requires either the use of local_err
> or the addition of auto-propagation.
> 
> (In v2, you still had this bug - your addition of error_free_errp(errp)
> would still blindly dereference *errp, unless you tweak the
> implementation of error_free_errp to tolerate a NULL pointer input)
> 

Oops, you are right! Still, I think in this case we can

if (errp) {
   error_free(*errp);
   *errp = NULL;
}

-- 
Best regards,
Vladimir
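
The local_err approach Eric Blake mentions above, as an added example that is not part of the original thread or of QEMU's code. Error, error_free and error_propagate are simplified stand-ins written for this sketch; set_error, lookup and load_optional are hypothetical names.

```c
#include <errno.h>
#include <stdlib.h>

/* Minimal stand-ins written for this example; not QEMU's implementation. */
typedef struct Error { const char *msg; } Error;

static void error_free(Error *err) { free(err); }

static void set_error(Error **errp, const char *msg)    /* hypothetical */
{
    if (errp && (*errp = malloc(sizeof(Error)))) {
        (*errp)->msg = msg;
    }
}

static void error_propagate(Error **dst_errp, Error *local_err)
{
    if (dst_errp && !*dst_errp) {
        *dst_errp = local_err;      /* hand ownership to the caller */
    } else {
        error_free(local_err);      /* nowhere to store it: drop it */
    }
}

/* Hypothetical callee: returns 0, or a negative errno with an error set. */
static int lookup(int result, Error **errp)
{
    if (result < 0) {
        set_error(errp, result == -ENOENT ? "not found" : "bad data");
    }
    return result;
}

/* Tolerates -ENOENT; reports any other failure through errp. */
static int load_optional(int result, Error **errp)
{
    Error *local_err = NULL;
    int err = lookup(result, &local_err);
    if (err == -ENOENT) {
        error_free(local_err);      /* errp itself is never dereferenced */
        return 0;
    }
    error_propagate(errp, local_err);
    return err;
}

int main(void)
{
    return load_optional(-ENOENT, NULL);    /* returns 0 without touching NULL */
}
```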
