From 8ce9aefcb31e8ae86747380813ac435e3c359c64 Mon Sep 17 00:00:00 2001 From: Sebastian Harl Date: Sun, 1 Feb 2009 23:24:54 +0100 Subject: [PATCH] dbi plugin: Fixed error handling in an inner loop. The macro BAIL_OUT_CONTINUE() is used inside the loop iterating over the result sets to clean up and continue with the next loop iteration. In two cases this was used in a loop iterating over the instances and values lists contained within that loop as well though. This would cause the memory that was currently written to (the two target lists) to be freed and thus cause a possible segfault. In any case it would leave behind inconsistent and most probably uninitialized data. The usage of that macro has now been pulled out of the inner loops. --- src/dbi.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/src/dbi.c b/src/dbi.c index fc1e6fcb..9e4f446f 100644 --- a/src/dbi.c +++ b/src/dbi.c @@ -938,7 +938,8 @@ static int cdbi_read_database_query (cdbi_database_t *db, /* {{{ */ "dbi_result_get_string (%s) failed: %s", db->name, q->name, r->instances[i], cdbi_strerror (db->connection, errbuf, sizeof (errbuf))); - BAIL_OUT_CONTINUE; + status = -1; + break; } sstrncpy (instances[i], (inst == NULL) ? "" : inst, DATA_MAX_NAME_LEN); @@ -947,13 +948,18 @@ static int cdbi_read_database_query (cdbi_database_t *db, /* {{{ */ db->name, q->name, i, instances[i]); } /* }}} for (i = 0; i < q->instances_num; i++) */ + if (status != 0) + { + BAIL_OUT_CONTINUE; + } + for (i = 0; i < r->values_num; i++) /* {{{ */ { status = cdbi_result_get_field (res, r->values[i], ds->ds[i].type, values + i); if (status != 0) { - BAIL_OUT_CONTINUE; + break; } if (ds->ds[i].type == DS_TYPE_COUNTER) @@ -968,6 +974,11 @@ static int cdbi_read_database_query (cdbi_database_t *db, /* {{{ */ } } /* }}} for (i = 0; i < q->values_num; i++) */ + if (status != 0) + { + BAIL_OUT_CONTINUE; + } + /* Dispatch this row to the daemon. */ cdbi_submit (db, r, instances, values); -- 2.30.2