From patchwork Sat Feb 4 23:08:33 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 93362 Delivered-To: patches@linaro.org Received: by 10.140.20.99 with SMTP id 90csp1166077qgi; Sat, 4 Feb 2017 15:08:37 -0800 (PST) X-Received: by 10.28.68.10 with SMTP id r10mr3267908wma.68.1486249717258; Sat, 04 Feb 2017 15:08:37 -0800 (PST) Return-Path: Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by mx.google.com with ESMTPS id c13si2700673wmi.71.2017.02.04.15.08.37 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 04 Feb 2017 15:08:37 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of pm215@archaic.org.uk designates 2001:8b0:1d0::2 as permitted sender) client-ip=2001:8b0:1d0::2; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of pm215@archaic.org.uk designates 2001:8b0:1d0::2 as permitted sender) smtp.mailfrom=pm215@archaic.org.uk; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from mnementh.archaic.org.uk ([81.2.115.146]) by orth.archaic.org.uk with esmtp (Exim 4.84_2) (envelope-from ) id 1ca9Rb-0003Uu-BW; Sat, 04 Feb 2017 23:08:35 +0000 Received: from pm215 by mnementh.archaic.org.uk with local (Exim 4.84_2) (envelope-from ) id 1ca9Rb-0001Rc-AQ; Sat, 04 Feb 2017 23:08:35 +0000 From: Peter Maydell To: qemu-devel@nongnu.org Cc: patches@linaro.org, Samuel Thibault , Jan Kiszka Subject: [PATCH 1/3] slirp: Check qemu_socket() return value in udp_listen() Date: Sat, 4 Feb 2017 23:08:33 +0000 Message-Id: <1486249715-5513-2-git-send-email-peter.maydell@linaro.org> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1486249715-5513-1-git-send-email-peter.maydell@linaro.org> References: <1486249715-5513-1-git-send-email-peter.maydell@linaro.org> Check the return value from qemu_socket() rather than trying to pass it to bind() as an fd argument even if it's negative. This wouldn't have caused any negative consequences, because it won't be a valid fd number and the bind call will fail; but Coverity complains (CID 1005723). Signed-off-by: Peter Maydell --- slirp/udp.c | 4 ++++ 1 file changed, 4 insertions(+) -- 2.1.4 Reviewed-by: Philippe Mathieu-Daudé diff --git a/slirp/udp.c b/slirp/udp.c index 93d7224..227d779 100644 --- a/slirp/udp.c +++ b/slirp/udp.c @@ -335,6 +335,10 @@ udp_listen(Slirp *slirp, uint32_t haddr, u_int hport, uint32_t laddr, return NULL; } so->s = qemu_socket(AF_INET,SOCK_DGRAM,0); + if (so->s < 0) { + sofree(so); + return NULL; + } so->so_expire = curtime + SO_EXPIRE; insque(so, &slirp->udb);