[libvirt] [PATCH 02/14] esx: Address resource leak found by Coverity
Matthias Bolte
matthias.bolte at googlemail.com
Thu Jan 10 21:55:26 UTC 2013
2013/1/10 John Ferlan <jferlan at redhat.com>:
> On 01/10/2013 10:49 AM, Matthias Bolte wrote:
>> 2013/1/10 Eric Blake <eblake at redhat.com>:
>>> On 01/09/2013 07:54 AM, John Ferlan wrote:
>>>> Because result was used to determine whether or not to free 'priv'
>>>> resources Coverity tagged the code as having a resource leak. This
>>>> change addresses that concern.
>>>> ---
>>>> src/esx/esx_driver.c | 8 ++++----
>>>> 1 file changed, 4 insertions(+), 4 deletions(-)
>>>>
>>>> diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c
>>>> index 1366c81..9befa38 100644
>>>> --- a/src/esx/esx_driver.c
>>>> +++ b/src/esx/esx_driver.c
>>>> @@ -998,6 +998,7 @@ esxOpen(virConnectPtr conn, virConnectAuthPtr auth,
>>>> virReportOOMError();
>>>> goto cleanup;
>>>> }
>>>> + conn->privateData = priv;
>>>>
>>>> if (esxUtil_ParseUri(&priv->parsedUri, conn->uri) < 0) {
>>>> goto cleanup;
>>>
>>> I
>>>
>>>> @@ -1008,8 +1009,6 @@ esxOpen(virConnectPtr conn, virConnectAuthPtr auth,
>>>> priv->supportsLongMode = esxVI_Boolean_Undefined;
>>>> priv->usedCpuTimeCounterId = -1;
>>>>
>>>> - conn->privateData = priv;
>>>> -
>>>> /*
>>>> * Set the port dependent on the transport protocol if no port is
>>>> * specified. This allows us to rely on the port parameter being
>>>> @@ -1104,9 +1103,10 @@ esxOpen(virConnectPtr conn, virConnectAuthPtr auth,
>>>> result = VIR_DRV_OPEN_SUCCESS;
>>>>
>>>> cleanup:
>>>> - if (result == VIR_DRV_OPEN_ERROR) {
>>>> + if (result == VIR_DRV_OPEN_ERROR)
>>>> + conn->privateData = NULL;
>>>> + if (priv && !conn->privateData)
>>>> esxFreePrivate(&priv);
>>>> - }
>>>
>>> This feels a bit complex;
>>
>> I agree.
>>
>
> +1... for a reason though...
>
>>> I had to go read esxFreePrivate() to make sure
>>> it would behave if called on a partial object. Would it be any easier
>>> to delay the assignment to conn->privateData, and use transfer of
>>> ownership semantics, so that the cleanup is unconditional?
>>>
>>> conn->privateData = priv;
>>> priv = NULL;
>>> result = VIR_DRV_OPEN_SUCCESS;
>>> cleanup:
>>> esxFreePrivate(&priv);
>>
>> No! This cannot be done that easily, see commit
>> b126715a48cd0cbe32ec6468c267cd8cf2961c55 "esx: Fix segfault in
>> esxConnectToHost".
>>
>
> And this is why... It is a "false positive" and possibly could be dealt
> with by adding a /* coverity[leaked_storage] */ in the right place as
> well. Although I've had some issues trying to do that for another set
> of changes because the going out of scope happens on the return and
> putting a coverity commit prior to a return hasn't done what I'd expect.
Well, you're commit message didn't state this as a false positive, so
I looked carefully at esxOpen whether or not Coverity was right here,
but couldn't find anything.
Anyway, I'd like to simplify the logic in esxOpen a bit the way Eric
suggested. Here's a patch that does this:
https://www.redhat.com/archives/libvir-list/2013-January/msg00657.html
--
Matthias Bolte
http://photron.blogspot.com
More information about the libvir-list
mailing list