Carlos López 6cf13d9d01 libvhost-user: check for NULL when allocating a virtqueue element ... Check the return value for malloc(), avoiding a NULL pointer dereference, and propagate error in function callers. Found with GCC 13 and -fanalyzer: ../subprojects/libvhost-user/libvhost-user.c: In function ‘virtqueue_alloc_element’: ../subprojects/libvhost-user/libvhost-user.c:2556:19: error: dereference of possibly-NULL ‘elem’ [CWE-690] [-Werror=analyzer-possible-null-dereference] 2556 | elem->out_num = out_num; | ~~~~~~~~~~~~~~^~~~~~~~~ ‘virtqueue_alloc_element’: event 1 | | 2554 | assert(sz >= sizeof(VuVirtqElement)); | | ^~~~~~ | | | | | (1) following ‘true’ branch (when ‘sz > 31’)... | ‘virtqueue_alloc_element’: events 2-4 | | 2555 | elem = malloc(out_sg_end); | | ^~~~ ~~~~~~~~~~~~~~~~~~ | | | | | | | (3) this call could return NULL | | (2) ...to here | 2556 | elem->out_num = out_num; | | ~~~~~~~~~~~~~~~~~~~~~~~ | | | | | (4) ‘elem’ could be NULL: unchecked value from (3) | Signed-off-by: Carlos López <clopez@suse.de> Message-Id: <20230210112514.16858-1-clopez@suse.de> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> (cherry picked from commit 9c1916057a8b14411116106e5a5c0c33d551cfeb) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>		2023-03-29 10:20:04 +03:00
..
libvduse	libvduse: Avoid warning about dangerous use of strncpy()	2022-11-12 09:15:59 -05:00
libvfio-user@0b28d20557	vfio-user: build library	2022-06-15 16:42:33 +01:00
libvhost-user	libvhost-user: check for NULL when allocating a virtqueue element	2023-03-29 10:20:04 +03:00