svn commit: r319995 - head/usr.sbin/bhyve

[Marcelo Araujo]

Author: araujo
Date: Fri Jun 16 01:26:01 2017
New Revision: 319995
URL: https://svnweb.freebsd.org/changeset/base/319995

Log:
  Check if pthread_create(3) successfully created the thread prior to call
  pthread_join(3). The variable tid is not yet initialized in case
  the authentication fails at early stage, that would lead pthread_join be
  called with an uninitialized variable.
  
  CID:		1375950
  Reported by:	Coverity, cem
  Reviewed by:	cem
  MFC after:	3 weeks.
  Sponsored by:	iXsystems, Inc.
  Differential Revision:	https://reviews.freebsd.org/D11150

Modified:
  head/usr.sbin/bhyve/rfb.c

Modified: head/usr.sbin/bhyve/rfb.c
==============================================================================
--- head/usr.sbin/bhyve/rfb.c	Fri Jun 16 00:44:23 2017	(r319994)
+++ head/usr.sbin/bhyve/rfb.c	Fri Jun 16 01:26:01 2017	(r319995)
@@ -769,6 +769,7 @@ rfb_handle(struct rfb_softc *rc, int cfd)
 	pthread_t tid;
 	uint32_t sres = 0;
 	int len;
+	int perror = 1;
 
 	rc->cfd = cfd;
 
@@ -878,8 +879,9 @@ rfb_handle(struct rfb_softc *rc, int cfd)
 
 	rfb_send_screen(rc, cfd, 1);
 
-	pthread_create(&tid, NULL, rfb_wr_thr, rc);
-	pthread_set_name_np(tid, "rfbout");
+	perror = pthread_create(&tid, NULL, rfb_wr_thr, rc);
+	if (perror == 0)
+		pthread_set_name_np(tid, "rfbout");
 
         /* Now read in client requests. 1st byte identifies type */
 	for (;;) {
@@ -915,7 +917,8 @@ rfb_handle(struct rfb_softc *rc, int cfd)
 	}
 done:
 	rc->cfd = -1;
-	pthread_join(tid, NULL);
+	if (perror == 0)
+		pthread_join(tid, NULL);
 	if (rc->enc_zlib_ok)
 		deflateEnd(&rc->zstream);
 }