From patchwork Sat Feb  2 21:19:39 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Peter Maydell <peter.maydell@linaro.org>
X-Patchwork-Id: 14432
Return-Path: <patch+caf_=linaro-patchwork=canonical.com@linaro.org>
X-Original-To: patchwork@peony.canonical.com
Delivered-To: patchwork@peony.canonical.com
Received: from fiordland.canonical.com (fiordland.canonical.com
 [91.189.94.145])
 by peony.canonical.com (Postfix) with ESMTP id C6B1523F94
 for <patchwork@peony.canonical.com>;
 Sat,  2 Feb 2013 21:19:44 +0000 (UTC)
Received: from mail-vc0-f175.google.com (mail-vc0-f175.google.com
 [209.85.220.175])
 by fiordland.canonical.com (Postfix) with ESMTP id 67181A18F08
 for <linaro-patchwork@canonical.com>;
 Sat,  2 Feb 2013 21:19:44 +0000 (UTC)
Received: by mail-vc0-f175.google.com with SMTP id fw7so3136916vcb.20
 for <linaro-patchwork@canonical.com>;
 Sat, 02 Feb 2013 13:19:43 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=google.com; s=20120113;
 h=x-received:x-forwarded-to:x-forwarded-for:delivered-to:x-received
 :received-spf:from:to:cc:subject:date:message-id:x-mailer
 :x-gm-message-state;
 bh=btBZywa/lI28yX3EHOPXeUAvDhT4rJE/dUXjpKjqmL0=;
 b=Vo6PYvDkOKS523Ou7/cn43VvcJCfaiyaGp2DG6Ni/cehzSVIuQFbvscwA/b1jrLsj/
 lWsupZBB1BJ2mIqb3BcFNjHOiJ3b5HSKlCF4Cx+hJPRjPPMPHg5YNpr0gwgNaBWsayvc
 qiBMuwvsfzfA9/w6055sHMEXLbzHjJMI5Y1KReO8D1XM/8jldrJ8y8C0LIW/VKbz7TBW
 +CvIQj3EUJQ6a/YbbECLfCDoj78znoioojFF1F1RsA+p50I+HNyOdnAGnD/8Ob7juckO
 8Qqo7/nuHTnBX6pkYnDGawLOAJWoD4zSp8Dglhn0Uth8uZAQIQofqM8qFc8JtkaMDrrb
 sxew==
X-Received: by 10.58.48.231 with SMTP id p7mr11813454ven.11.1359839983856;
 Sat, 02 Feb 2013 13:19:43 -0800 (PST)
X-Forwarded-To: linaro-patchwork@canonical.com
X-Forwarded-For: patch@linaro.org linaro-patchwork@canonical.com
Delivered-To: patches@linaro.org
Received: by 10.58.252.8 with SMTP id zo8csp22919vec;
 Sat, 2 Feb 2013 13:19:43 -0800 (PST)
X-Received: by 10.194.77.13 with SMTP id o13mr27968641wjw.58.1359839982898; 
 Sat, 02 Feb 2013 13:19:42 -0800 (PST)
Received: from mnementh.archaic.org.uk
 (1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.d.1.0.0.b.8.0.1.0.0.2.ip6.arpa.
 [2001:8b0:1d0::1]) by mx.google.com with ESMTPS id
 dt6si1967216wib.55.2013.02.02.13.19.42
 (version=TLSv1 cipher=RC4-SHA bits=128/128);
 Sat, 02 Feb 2013 13:19:42 -0800 (PST)
Received-SPF: neutral (google.com: 2001:8b0:1d0::1 is neither permitted nor
 denied by best guess record for domain of
 pm215@archaic.org.uk) client-ip=2001:8b0:1d0::1; 
Authentication-Results: mx.google.com;
 spf=neutral (google.com: 2001:8b0:1d0::1 is neither permitted nor
 denied by best guess record for domain of
 pm215@archaic.org.uk) smtp.mail=pm215@archaic.org.uk
Received: from pm215 by mnementh.archaic.org.uk with local (Exim 4.72)
 (envelope-from <pm215@archaic.org.uk>)
 id 1U1kUt-0006zX-MO; Sat, 02 Feb 2013 21:19:39 +0000
From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-devel@nongnu.org
Cc: patches@linaro.org, Blue Swirl <blauwirbel@gmail.com>,
 Kevin Wolf <kwolf@redhat.com>
Subject: [PATCH for-1.4] tests/test-string-input-visitor: Handle errors
 provoked by fuzz test
Date: Sat,  2 Feb 2013 21:19:39 +0000
Message-Id: <1359839979-26852-1-git-send-email-peter.maydell@linaro.org>
X-Mailer: git-send-email 1.7.2.5
X-Gm-Message-State: ALoCoQk+8kVmQ1s5CisQu1C1uulDi1F/nYc1C5geNowHqUwJKkhJCZ7sjZ/AWsh0oPebZ6lnpBw1

It's OK and expected for visitors to return errors when presented with
the fuzz test's random data. This means the test harness needs to
handle them; check for and free any error after each visitor call,
and only free the string returned by visit_type_str if visit_type_str
succeeded.

This fixes a problem where this test failed the MacOSX malloc()
consistency checks and might segfault on other platforms [due
to calling free() on an uninitialized pointer variable].

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 tests/test-string-input-visitor.c | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/tests/test-string-input-visitor.c b/tests/test-string-input-visitor.c
index f6b0093..793b334 100644
--- a/tests/test-string-input-visitor.c
+++ b/tests/test-string-input-visitor.c
@@ -194,20 +194,41 @@ static void test_visitor_in_fuzz(TestInputVisitorData *data,
 
         v = visitor_input_test_init(data, buf);
         visit_type_int(v, &ires, NULL, &errp);
+        if (error_is_set(&errp)) {
+            error_free(errp);
+            errp = NULL;
+        }
 
         v = visitor_input_test_init(data, buf);
         visit_type_bool(v, &bres, NULL, &errp);
+        if (error_is_set(&errp)) {
+            error_free(errp);
+            errp = NULL;
+        }
         visitor_input_teardown(data, NULL);
 
         v = visitor_input_test_init(data, buf);
         visit_type_number(v, &nres, NULL, &errp);
+        if (error_is_set(&errp)) {
+            error_free(errp);
+            errp = NULL;
+        }
 
         v = visitor_input_test_init(data, buf);
         visit_type_str(v, &sres, NULL, &errp);
-        g_free(sres);
+        if (error_is_set(&errp)) {
+            error_free(errp);
+            errp = NULL;
+        } else {
+            g_free(sres);
+        }
 
         v = visitor_input_test_init(data, buf);
         visit_type_EnumOne(v, &eres, NULL, &errp);
+        if (error_is_set(&errp)) {
+            error_free(errp);
+            errp = NULL;
+        }
         visitor_input_teardown(data, NULL);
     }
 }