qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v3 02/25] hw/core/loader-fit: fix freeing errp in fit_load_fd

From: Vladimir Sementsov-Ogievskiy
Subject: Re: [PATCH v3 02/25] hw/core/loader-fit: fix freeing errp in fit_load_fdt
Date: Wed, 25 Sep 2019 07:45:40 +0000 
25.09.2019 10:23, Vladimir Sementsov-Ogievskiy wrote:
> 24.09.2019 23:38, Eric Blake wrote:
>> On 9/24/19 3:08 PM, Vladimir Sementsov-Ogievskiy wrote:
>>> fit_load_fdt forget to zero errp. Fix it.
>>>
>>> Signed-off-by: Vladimir Sementsov-Ogievskiy <address@hidden>
>>> Reviewed-by: Eric Blake <address@hidden>
>>> ---
>>>   hw/core/loader-fit.c | 1 +
>>>   1 file changed, 1 insertion(+)
>>>
>>> diff --git a/hw/core/loader-fit.c b/hw/core/loader-fit.c
>>> index 953b16bc82..11e4fad595 100644
>>> --- a/hw/core/loader-fit.c
>>> +++ b/hw/core/loader-fit.c
>>> @@ -201,6 +201,7 @@ static int fit_load_fdt(const struct fit_loader *ldr, 
>>> const void *itb,
>>>       if (err == -ENOENT) {
>>>           load_addr = ROUND_UP(kernel_end, 64 * KiB) + (10 * MiB);
>>>           error_free(*errp);
>>> +        *errp = NULL;
>>
>> Actually, let's drop my R-b - I think we have a bigger bug here.  We are
>> blindly dereferencing *errp even if the caller passed in NULL.  The
>> correct way to write this function requires either the use of local_err
>> or the addition of auto-propagation.
>>
>> (In v2, you still had this bug - your addition of error_free_errp(errp)
>> would still blindly dereference *errp, unless you tweak the
>> implementation of error_free_errp to tolerate a NULL pointer input)
>>
> 
> Oops, you are right! Still, I think in this case we can
> 
> if (errp) {
>    error_free(*errp);
>    *errp = NULL;
> }
> 

Hmm, possibly, it should be called not error_free_errp, but just error_unset, 
to be
correct pair to error_set.

-- 
Best regards,
Vladimir
reply via email to
[Prev in Thread] Current Thread [Next in Thread]