From: John Ferlan <jferlan@redhat.com>
Date: Thu, 11 Jul 2013 11:22:20 +0000 (-0400)
Subject: testutils: Resolve Coverity issues
X-Git-Tag: CVE-2013-4154~46
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8283ef9ea2f4ddf68a72430fdeaf3f10abfc3e7b;p=thirdparty%2Flibvirt.git

testutils: Resolve Coverity issues

Recent changes uncovered a NEGATIVE_RETURNS in the return from sysconf()
when processing a for loop in virtTestCaptureProgramExecChild() in
testutils.c

Code review uncovered 3 other code paths with the same condition that
weren't found by Covirity, so fixed those as well.
---

diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 543e0d13c0..7434264d8e 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -247,6 +247,11 @@ static int lxcContainerSetStdio(int control, int ttyfd, int handshakefd)
     /* Just in case someone forget to set FD_CLOEXEC, explicitly
      * close all FDs before executing the container */
     open_max = sysconf(_SC_OPEN_MAX);
+    if (open_max < 0) {
+        virReportSystemError(errno, "%s",
+                             _("sysconf(_SC_OPEN_MAX) failed"));
+        goto cleanup;
+    }
     for (fd = 0; fd < open_max; fd++)
         if (fd != ttyfd && fd != control && fd != handshakefd) {
             int tmpfd = fd;
diff --git a/src/util/vircommand.c b/src/util/vircommand.c
index 3529f1a5d8..033b55b6ee 100644
--- a/src/util/vircommand.c
+++ b/src/util/vircommand.c
@@ -511,6 +511,11 @@ virExec(virCommandPtr cmd)
     }
 
     openmax = sysconf(_SC_OPEN_MAX);
+    if (openmax < 0) {
+        virReportSystemError(errno,  "%s",
+                             _("sysconf(_SC_OPEN_MAX) failed"));
+        goto fork_error;
+    }
     for (fd = 3; fd < openmax; fd++) {
         if (fd == childin || fd == childout || fd == childerr)
             continue;
diff --git a/tests/commandhelper.c b/tests/commandhelper.c
index 0c5aa82d15..296fbbb3d1 100644
--- a/tests/commandhelper.c
+++ b/tests/commandhelper.c
@@ -58,6 +58,7 @@ static int envsort(const void *a, const void *b) {
 
 int main(int argc, char **argv) {
     size_t i, n;
+    int open_max;
     char **origenv;
     char **newenv;
     char *cwd;
@@ -96,7 +97,10 @@ int main(int argc, char **argv) {
             fprintf(log, "ENV:%s\n", newenv[i]);
     }
 
-    for (i = 0; i < sysconf(_SC_OPEN_MAX); i++) {
+    open_max = sysconf(_SC_OPEN_MAX);
+    if (open_max < 0)
+        return EXIT_FAILURE;
+    for (i = 0; i < open_max; i++) {
         int f;
         int closed;
         if (i == fileno(log))
diff --git a/tests/testutils.c b/tests/testutils.c
index ec0fe529e0..2fdf7b8e7a 100644
--- a/tests/testutils.c
+++ b/tests/testutils.c
@@ -281,6 +281,9 @@ void virtTestCaptureProgramExecChild(const char *const argv[],
         goto cleanup;
 
     open_max = sysconf(_SC_OPEN_MAX);
+    if (open_max < 0)
+        goto cleanup;
+
     for (i = 0; i < open_max; i++) {
         if (i != stdinfd &&
             i != pipefd) {