linux: add some check for NULL pointers before accessing them #1949
Conversation
Summary of ChangesHello @giuseppe, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request focuses on enhancing the stability and robustness of the Highlights
🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console. Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request adds several necessary NULL checks for the def->linux pointer before it is dereferenced, which prevents potential crashes. This is a good improvement. However, in several places, the def pointer itself is not checked for NULL before being used to access linux. If def can be NULL, this would still lead to a segmentation fault. I've pointed out these locations and suggested adding checks for def as well. I also found a minor opportunity to simplify one of the new checks by removing a redundant condition.
src/libcrun/linux.c
Outdated
| if (! def->linux) | ||
| return 0; |
There was a problem hiding this comment.
The def pointer, which is likely initialized from container->container_def, is dereferenced without a NULL check. If def is NULL, this will cause a segmentation fault. Please add a NULL check for def as well.
if (!def || !def->linux)
return 0;
src/libcrun/linux.c
Outdated
| if (! def->linux) | ||
| return 0; |
There was a problem hiding this comment.
The def pointer is dereferenced without being checked for NULL. If container->container_def is NULL, this will lead to a segmentation fault. You should add a NULL check for def.
if (!def || !def->linux)
return 0;
src/libcrun/linux.c
Outdated
| if (! def->linux) | ||
| return 0; |
There was a problem hiding this comment.
The def pointer, initialized from container->container_def, is dereferenced without a NULL check. This could lead to a segmentation fault if container->container_def is NULL. Please add a check for def.
if (!def || !def->linux)
return 0;
src/libcrun/linux.c
Outdated
| if (! def->linux) | ||
| goto exit; |
There was a problem hiding this comment.
The def pointer, passed as an argument, could be NULL. Dereferencing it to check def->linux would cause a segmentation fault. You should check def for NULL first.
if (!def || !def->linux)
goto exit;
src/libcrun/linux.c
Outdated
| if (! mappings || len == 0) | ||
| goto exit; |
There was a problem hiding this comment.
The len == 0 check is redundant. The following for loop's condition (i < len) already handles the case where len is 0 by not executing the loop body. Removing this redundant check simplifies the code.
if (!mappings)
goto exit;
|
TMT tests failed. @containers/packit-build please check. |
giuseppe
force-pushed
the
add-NULL-checks
branch
from
6baf090 to
b1b8c34
Compare
Signed-off-by: Giuseppe Scrivano <[email protected]>
giuseppe
force-pushed
the
add-NULL-checks
branch
from
b1b8c34 to
dbb792c
Compare
|
/gemini review |
There was a problem hiding this comment.
Code Review
This pull request adds several NULL pointer checks before accessing members of the def and def->linux structs. These changes improve the robustness of the code by preventing potential segmentation faults. The added checks in create_missing_devs, do_masked_and_readonly_paths, libcrun_set_mounts, libcrun_set_usernamespace, and get_id_in_user_namespace are correct and necessary. I have one suggestion for a minor code simplification.
src/libcrun/linux.c
Outdated
| if (! mappings || len == 0) | ||
| goto exit; |
There was a problem hiding this comment.
The check for len == 0 is redundant. If len is 0, the subsequent for loop for (i = 0; i < len; i++) will not execute its body, and the function will proceed to the exit: label, which has the same effect as goto exit;. You can simplify the condition to only check if mappings is NULL.
if (! mappings)
goto exit;Signed-off-by: Giuseppe Scrivano <[email protected]>
giuseppe
force-pushed
the
add-NULL-checks
branch
from
dbb792c to
488f301
Compare
1 participant
No description provided.