[libvirt] [PATCH 1/5] conf: avoid memleak on NULL path

Peter Krempa pkrempa at redhat.com
Mon Apr 7 08:22:05 UTC 2014 

On 04/06/14 05:32, Eric Blake wrote:
> I noticed that the apparmor code could request metadata even
> for a cdrom with no media, which would cause a memory leak of
> the hash table used to look for loops in the backing chain.
> But even before that, we blindly dereferenced the path for
> printing a debug statement, so it is just better to enforce
> that this is only used on non-NULL names.
> 
> * src/util/virstoragefile.c (virStorageFileGetMetadata): Assume
> non-NULL path.
> * src/util/virstoragefile.h: Annotate this.
> * src/security/virt-aa-helper.c (get_files): Fix caller.
> 
> Signed-off-by: Eric Blake <eblake at redhat.com>
> ---
>  src/security/virt-aa-helper.c | 5 ++++-
>  src/util/virstoragefile.c     | 4 ++--
>  src/util/virstoragefile.h     | 3 ++-
>  3 files changed, 8 insertions(+), 4 deletions(-)
> 
> diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
> index 64a382c..7bddb2c 100644
> --- a/src/security/virt-aa-helper.c
> +++ b/src/security/virt-aa-helper.c
> @@ -943,13 +943,16 @@ get_files(vahControl * ctl)
> 
>      for (i = 0; i < ctl->def->ndisks; i++) {
>          virDomainDiskDefPtr disk = ctl->def->disks[i];
> +        const char *src = virDomainDiskGetSource(disk);
> 
> +        if (!src)
> +            continue;
>          /* XXX - if we knew the qemu user:group here we could send it in
>           *        so that the open could be re-tried as that user:group.
>           */
>          if (!disk->backingChain) {
>              bool probe = ctl->allowDiskFormatProbing;
> -            disk->backingChain = virStorageFileGetMetadata(virDomainDiskGetSource(disk),
> +            disk->backingChain = virStorageFileGetMetadata(src,
>                                                             virDomainDiskGetFormat(disk),
>                                                             -1, -1, probe);
>          }
> diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
> index 0e1461d..017717c 100644
> --- a/src/util/virstoragefile.c
> +++ b/src/util/virstoragefile.c
> @@ -1142,9 +1142,9 @@ virStorageFileGetMetadata(const char *path, int format,
>                path, format, (int)uid, (int)gid, allow_probe);
> 
>      virHashTablePtr cycle = virHashCreate(5, NULL);
> -    virStorageFileMetadataPtr ret;
> +    virStorageFileMetadataPtr ret = NULL;

This assignment will always be overwritten or unused.

> 
> -    if (!cycle || !path)
> +    if (!cycle)
>          return NULL;
> 
>      if (format <= VIR_STORAGE_FILE_NONE)

ACK,

Peter


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20140407/3e91375d/attachment-0001.sig>

More information about the libvir-list mailing list