[Spice-devel] [linux-agent v3 2/4] x11-randr: Improve argument check

Victor Toso victortoso at redhat.com
Wed Dec 19 15:10:46 UTC 2018 

Hi,

On Wed, Dec 19, 2018 at 09:47:14AM -0500, Frediano Ziglio wrote:
> > 
> > From: Victor Toso <me at victortoso.com>
> > 
> > In the current code, output should never be negative but the check
> > exists after we use the variable as index. Make the check earlier.
> > 
> > This patch also breaks the check in two in order to provide more
> > accurate error log.
> > 
> > Found by coverity:
> >   | check_after_sink: You might be using variable "output" before
> >   | verifying that it is >= 0.
> > 
> > Changes in v2:
> > - Move overflow check before accessing the arrays (Frediano)
> > 
> > Changes in v3:
> > - Move the whole check before accessing the arrays.
> > - Improve commit log.
> > 
> > Signed-off-by: Victor Toso <victortoso at redhat.com>
> > ---
> >  src/vdagent/x11-randr.c | 16 +++++++++++-----
> >  1 file changed, 11 insertions(+), 5 deletions(-)
> > 
> > diff --git a/src/vdagent/x11-randr.c b/src/vdagent/x11-randr.c
> > index c8e42c9..3a1eaac 100644
> > --- a/src/vdagent/x11-randr.c
> > +++ b/src/vdagent/x11-randr.c
> > @@ -347,14 +347,20 @@ static int xrandr_add_and_set(struct vdagent_x11 *x11,
> > int output, int x, int y,
> >      int xid;
> >      Status s;
> >      RROutput outputs[1];
> > -    int old_width  = x11->randr.monitor_sizes[output].width;
> > -    int old_height = x11->randr.monitor_sizes[output].height;
> > +    int old_width;
> > +    int old_height;
> >  
> > -    if (!x11->randr.res || output >= x11->randr.res->noutput || output < 0)
> > {
> > -        syslog(LOG_ERR, "%s: program error: missing RANDR or bad output",
> > -               __FUNCTION__);
> > +    if (!x11->randr.res) {
> > +        syslog(LOG_ERR, "%s: program error: missing RANDR", __FUNCTION__);
> > +        return 0;
> > +    } else if (output < 0 || output >= x11->randr.res->noutput) {
> 
> Why "else"? I remember some code callisthenics were suggesting to avoid the
> "else". In this case if the previous "if" is true this code won't be executed
> anyway.

Ok, I'll remove the else

> 
> > +        syslog(LOG_ERR, "%s: program error: bad output", __FUNCTION__);
> >          return 0;
> >      }
> > +
> > +    old_width  = x11->randr.monitor_sizes[output].width;
> > +    old_height = x11->randr.monitor_sizes[output].height;
> > +
> >      if (x11->set_crtc_config_not_functional) {
> >          /* fail, set_best_mode will find something close. */
> >          return 0;
> 
> Otherwise,
>   Acked-by: Frediano Ziglio <fziglio at redhat.com>

Thanks
> 
> Frediano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.freedesktop.org/archives/spice-devel/attachments/20181219/1b62d23c/attachment.sig>

More information about the Spice-devel mailing list