[libvirt] [PATCH 3/7] Coverity: Fix resource leak in esx driver
Matthias Bolte
matthias.bolte at googlemail.com
Thu May 3 07:33:10 UTC 2012
2012/5/2 Osier Yang <jyang at redhat.com>:
> Error: RESOURCE_LEAK:
> /builddir/build/BUILD/libvirt-0.9.10/src/esx/esx_vi.c:1893: alloc_arg: Calling allocation function "esxVI_ObjectSpec_Alloc" on "objectSpec".
> /builddir/build/BUILD/libvirt-0.9.10/src/esx/esx_vi_types.generated.c:2065: alloc_arg: "esxVI_Alloc" allocates memory that is stored into "*ptrptr".
> /builddir/build/BUILD/libvirt-0.9.10/src/esx/esx_vi.c:1626: alloc_arg: "virAllocN" allocates memory that is stored into "*ptrptr".
> /builddir/build/BUILD/libvirt-0.9.10/src/util/memory.c:129: alloc_fn: Storage is returned from allocation function "calloc".
> /builddir/build/BUILD/libvirt-0.9.10/src/util/memory.c:129: var_assign: Assigning: "*((void **)ptrptr)" = "calloc(count, size)".
> /builddir/build/BUILD/libvirt-0.9.10/src/esx/esx_vi.c:2006: leaked_storage: Variable "objectSpec" going out of scope leaks the storage it points to.
>
> Error: RESOURCE_LEAK:
> /builddir/build/BUILD/libvirt-0.9.10/src/esx/esx_vi.c:1945: alloc_arg: Calling allocation function "esxVI_PropertySpec_Alloc" on "propertySpec".
> /builddir/build/BUILD/libvirt-0.9.10/src/esx/esx_vi_types.generated.c:2693: alloc_arg: "esxVI_Alloc" allocates memory that is stored into "*ptrptr".
> /builddir/build/BUILD/libvirt-0.9.10/src/esx/esx_vi.c:1626: alloc_arg: "virAllocN" allocates memory that is stored into "*ptrptr".
> /builddir/build/BUILD/libvirt-0.9.10/src/util/memory.c:129: alloc_fn: Storage is returned from allocation function "calloc".
> /builddir/build/BUILD/libvirt-0.9.10/src/util/memory.c:129: var_assign: Assigning: "*((void **)ptrptr)" = "calloc(count, size)".
> /builddir/build/BUILD/libvirt-0.9.10/src/esx/esx_vi.c:2006: leaked_storage: Variable "propertySpec" going out of scope leaks the storage it points to.
>
> Error: RESOURCE_LEAK:
> /builddir/build/BUILD/libvirt-0.9.10/src/esx/esx_vi.c:3913: alloc_arg: Calling allocation function "esxVI_ObjectSpec_Alloc" on "objectSpec".
> /builddir/build/BUILD/libvirt-0.9.10/src/esx/esx_vi_types.generated.c:2065: alloc_arg: "esxVI_Alloc" allocates memory that is stored into "*ptrptr".
> /builddir/build/BUILD/libvirt-0.9.10/src/esx/esx_vi.c:1626: alloc_arg: "virAllocN" allocates memory that is stored into "*ptrptr".
> /builddir/build/BUILD/libvirt-0.9.10/src/util/memory.c:129: alloc_fn: Storage is returned from allocation function "calloc".
> /builddir/build/BUILD/libvirt-0.9.10/src/util/memory.c:129: var_assign: Assigning: "*((void **)ptrptr)" = "calloc(count, size)".
> /builddir/build/BUILD/libvirt-0.9.10/src/esx/esx_vi.c:4075: leaked_storage: Variable "objectSpec" going out of scope leaks the storage it points to.
>
> Error: RESOURCE_LEAK:
> /builddir/build/BUILD/libvirt-0.9.10/src/esx/esx_vi.c:3920: alloc_arg: Calling allocation function "esxVI_PropertySpec_Alloc" on "propertySpec".
> /builddir/build/BUILD/libvirt-0.9.10/src/esx/esx_vi_types.generated.c:2693: alloc_arg: "esxVI_Alloc" allocates memory that is stored into "*ptrptr".
> /builddir/build/BUILD/libvirt-0.9.10/src/esx/esx_vi.c:1626: alloc_arg: "virAllocN" allocates memory that is stored into "*ptrptr".
> /builddir/build/BUILD/libvirt-0.9.10/src/util/memory.c:129: alloc_fn: Storage is returned from allocation function "calloc".
> /builddir/build/BUILD/libvirt-0.9.10/src/util/memory.c:129: var_assign: Assigning: "*((void **)ptrptr)" = "calloc(count, size)".
> /builddir/build/BUILD/libvirt-0.9.10/src/esx/esx_vi.c:4075: leaked_storage: Variable "propertySpec" going out of scope leaks the storage it points to.
> ---
> src/esx/esx_vi.c | 4 ++++
> 1 files changed, 4 insertions(+), 0 deletions(-)
>
> diff --git a/src/esx/esx_vi.c b/src/esx/esx_vi.c
> index 42e0976..1c30e5a 100644
> --- a/src/esx/esx_vi.c
> +++ b/src/esx/esx_vi.c
> @@ -2001,6 +2001,8 @@ esxVI_LookupObjectContentByType(esxVI_Context *ctx,
> propertySpec->pathSet = NULL;
> }
>
> + esxVI_ObjectSpec_Free(&objectSpec);
> + esxVI_PropertySpec_Free(&propertySpec);
> esxVI_PropertyFilterSpec_Free(&propertyFilterSpec);
>
> return result;
> @@ -4066,6 +4068,8 @@ esxVI_WaitForTaskCompletion(esxVI_Context *ctx,
> propertySpec->type = NULL;
> }
>
> + esxVI_ObjectSpec_Free(&objectSpec);
> + esxVI_PropertySpec_Free(&propertySpec);
> esxVI_PropertyFilterSpec_Free(&propertyFilterSpec);
> esxVI_ManagedObjectReference_Free(&propertyFilter);
> VIR_FREE(version);
NACK, Coverity is wrong here.
The following lines in esxVI_LookupObjectContentByType and
esxVI_WaitForTaskCompletion thransfer ownership of the objects to
another one that will free them.
esxVI_PropertySpec_AppendToList(&propertyFilterSpec->propSet, propertySpec)
esxVI_ObjectSpec_AppendToList(&propertyFilterSpec->objectSet, objectSpec)
So there is no leak in the common case here. Yes there is a
possibility in a certain error path to leak them, but your patch
creates a double-free in the common case. I'll post a patch later on
to fix the possible leak in the special error path.
--
Matthias Bolte
http://photron.blogspot.com
More information about the libvir-list
mailing list