Error reporting patches for 2020-04-04

-----BEGIN PGP SIGNATURE----- iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAl6Ie1wSHGFybWJydUBy ZWRoYXQuY29tAAoJEDhwtADrkYZTXugQAIMTSWP+zbM11Ofnip3RR60k08PNCDAb IjUMjzmRYKzANy4R2nNP4tA+V2dD8kCSu8UrxQOpiBWsTJbRNSFUygPudjQvkSKR QarP0S1eKtq2+dqkOpVdbg6aI/GCtane3X18GwSesnuu9WmOREtnqw+GJkft17Hb OLGZwPWmnMRhwBPNS6xUscAdmTz003LEYrOeUIIuuZbi7aSdeDsGgWpVMbwKI1FI Z6p3yHzHLQQhR49Ezy+MglLYg+ecvlZxbf94qRqqKMzU8QYrtbjoahCSxCMRLIDO 3FLjtez+p/9gNS6exD9k4uj5MPFzkORumJn7xi1ehaNA+T0+t6Ku+fxR/n/mjm9L P8fDOLc2v/YPTKu3J/o8T41G8oBdujAyaxvMey1iGpLg5xlRIK8nPs9Sai2UAmxy Vv0DbSViviQA599rkDATjbes6E0ohINhlYa3+kDznriH3t336COn83xyoMuvEREu 4ZoYsa7xp6bHpooGXmda2uf9VC3a2+ftEQriXZkeAy4HZEm/mcFPl+aYu/bolCM+ ji/v5CpNtef5QRq9aZqK1qPw6f1xscQQmmQUtxLLxF+hXqlM6MwYNbEyRxvBgQ0+ 6vy90Pttdn/WnfuJI4OEtuifD3y/c4bqr0g2h9dVd4Kw4KAWVVW5MDNcCKMAdXbh NMYjuv1RCtbr =G7MR -----END PGP SIGNATURE----- Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2020-04-04' into staging Error reporting patches for 2020-04-04 # gpg: Signature made Sat 04 Apr 2020 13:19:40 BST # gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653 # gpg: issuer "armbru@redhat.com" # gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full] # gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [full] # Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653 * remotes/armbru/tags/pull-error-2020-04-04: qga/commands-posix: fix use after free of local_err dump/win_dump: fix use after free of err scripts/coccinelle: add error-use-after-free.cocci Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-04-05 18:28:17 +01:00 · 2020-04-05 18:28:17 +01:00 · 547522cd3d
parent 146aa0f104 6a4a38530e
commit 547522cd3d
4 changed files with 61 additions and 3 deletions
--- a/5
+++ b/5
@ -2053,6 +2053,11 @@ F: include/qemu/error-report.h
 F: qapi/error.json
 F: util/error.c
 F: util/qemu-error.c
+F: scripts/coccinelle/err-bad-newline.cocci
+F: scripts/coccinelle/error-use-after-free.cocci
+F: scripts/coccinelle/error_propagate_null.cocci
+F: scripts/coccinelle/remove_local_err.cocci
+F: scripts/coccinelle/use-error_fatal.cocci

 GDB stub
 M: Alex Bennée <alex.bennee@linaro.org>
--- a/dump/win_dump.c
+++ b/dump/win_dump.c
@ -304,13 +304,11 @@ static void restore_context(WinDumpHeader64 *h,
                            struct saved_context *saved_ctx)
 {
    int i;
-    Error *err = NULL;

    for (i = 0; i < h->NumberProcessors; i++) {
        if (cpu_memory_rw_debug(first_cpu, saved_ctx[i].addr,
                (uint8_t *)&saved_ctx[i].ctx, sizeof(WinContext), 1)) {
-            error_setg(&err, "win-dump: failed to restore CPU #%d context", i);
-            warn_report_err(err);
+            warn_report("win-dump: failed to restore CPU #%d context", i);
        }
    }
 }
--- a/qga/commands-posix.c
+++ b/qga/commands-posix.c
@ -1773,6 +1773,7 @@ static void guest_suspend(SuspendMode mode, Error **errp)
    }

    error_free(local_err);
+    local_err = NULL;

    if (pmutils_supports_mode(mode, &local_err)) {
        mode_supported = true;
@ -1784,6 +1785,7 @@ static void guest_suspend(SuspendMode mode, Error **errp)
    }

    error_free(local_err);
+    local_err = NULL;

    if (linux_sys_state_supports_mode(mode, &local_err)) {
        mode_supported = true;
@ -1791,6 +1793,7 @@ static void guest_suspend(SuspendMode mode, Error **errp)
    }

    if (!mode_supported) {
+        error_free(local_err);
        error_setg(errp,
                   "the requested suspend mode is not supported by the guest");
    } else {
--- a/scripts/coccinelle/error-use-after-free.cocci
+++ b/scripts/coccinelle/error-use-after-free.cocci
@ -0,0 +1,52 @@
+// Find and fix trivial use-after-free of Error objects
+//
+// Copyright (c) 2020 Virtuozzo International GmbH.
+//
+// This program is free software; you can redistribute it and/or
+// modify it under the terms of the GNU General Public License as
+// published by the Free Software Foundation; either version 2 of the
+// License, or (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program.  If not, see
+// <http://www.gnu.org/licenses/>.
+//
+// How to use:
+// spatch --sp-file scripts/coccinelle/error-use-after-free.cocci \
+//  --macro-file scripts/cocci-macro-file.h --in-place \
+//  --no-show-diff ( FILES... | --use-gitgrep . )
+
+@ exists@
+identifier fn, fn2;
+expression err;
+@@
+
+ fn(...)
+ {
+     <...
+(
+     error_free(err);
+    err = NULL;
+|
+     error_report_err(err);
+    err = NULL;
+|
+     error_reportf_err(err, ...);
+    err = NULL;
+|
+     warn_report_err(err);
+    err = NULL;
+|
+     warn_reportf_err(err, ...);
+    err = NULL;
+)
+     ... when != err = NULL
+         when != exit(...)
+     fn2(..., err, ...)
+     ...>
+ }