[Spice-devel] [PATCH vd_agent_linux] virtio-port: Avoid temporary buffers
Frediano Ziglio
fziglio at redhat.com
Wed Dec 19 13:23:43 UTC 2018
Modify directly the new_wbuf->buf buffer instead of writing into
a temporary buffer and then copy in the final one.
This also fixes Coverity warning:
| uninit_use_in_call: Using uninitialized value "message_header". Field
| "message_header.data" is uninitialized when calling "memcpy".
Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
---
src/vdagentd/virtio-port.c | 30 ++++++++++++++----------------
1 file changed, 14 insertions(+), 16 deletions(-)
diff --git a/src/vdagentd/virtio-port.c b/src/vdagentd/virtio-port.c
index e48d107..c037603 100644
--- a/src/vdagentd/virtio-port.c
+++ b/src/vdagentd/virtio-port.c
@@ -197,29 +197,27 @@ void vdagent_virtio_port_write_start(
uint32_t data_size)
{
struct vdagent_virtio_port_buf *wbuf, *new_wbuf;
- VDIChunkHeader chunk_header;
- VDAgentMessage message_header;
+ VDIChunkHeader *chunk_header;
+ VDAgentMessage *message_header;
new_wbuf = g_new(struct vdagent_virtio_port_buf, 1);
new_wbuf->pos = 0;
new_wbuf->write_pos = 0;
- new_wbuf->size = sizeof(chunk_header) + sizeof(message_header) + data_size;
+ new_wbuf->size = sizeof(*chunk_header) + sizeof(*message_header) + data_size;
new_wbuf->next = NULL;
new_wbuf->buf = g_malloc(new_wbuf->size);
- chunk_header.port = GUINT32_TO_LE(port_nr);
- chunk_header.size = GUINT32_TO_LE(sizeof(message_header) + data_size);
- memcpy(new_wbuf->buf + new_wbuf->write_pos, &chunk_header,
- sizeof(chunk_header));
- new_wbuf->write_pos += sizeof(chunk_header);
-
- message_header.protocol = GUINT32_TO_LE(VD_AGENT_PROTOCOL);
- message_header.type = GUINT32_TO_LE(message_type);
- message_header.opaque = GUINT64_TO_LE(message_opaque);
- message_header.size = GUINT32_TO_LE(data_size);
- memcpy(new_wbuf->buf + new_wbuf->write_pos, &message_header,
- sizeof(message_header));
- new_wbuf->write_pos += sizeof(message_header);
+ chunk_header = (VDIChunkHeader *) (new_wbuf->buf + new_wbuf->write_pos);
+ chunk_header->port = GUINT32_TO_LE(port_nr);
+ chunk_header->size = GUINT32_TO_LE(sizeof(*message_header) + data_size);
+ new_wbuf->write_pos += sizeof(*chunk_header);
+
+ message_header = (VDAgentMessage *) (new_wbuf->buf + new_wbuf->write_pos);
+ message_header->protocol = GUINT32_TO_LE(VD_AGENT_PROTOCOL);
+ message_header->type = GUINT32_TO_LE(message_type);
+ message_header->opaque = GUINT64_TO_LE(message_opaque);
+ message_header->size = GUINT32_TO_LE(data_size);
+ new_wbuf->write_pos += sizeof(*message_header);
if (!vport->write_buf) {
vport->write_buf = new_wbuf;
--
2.17.2
More information about the Spice-devel
mailing list