[libvirt] [PATCH 06/19] qemu_agent: Resolve Coverity RESOURCE_LEAK

Ján Tomko jtomko at redhat.com
Thu Aug 28 09:03:20 UTC 2014


On 08/28/2014 04:40 AM, Wang Rui wrote:
> On 2014/8/28 4:54, John Ferlan wrote:
>> Coverity found that on error paths, the 'arg' value wasn't being cleaned
>> up. Followed the example in qemuAgentSetVCPUs() where upon successful call
>> to qemuAgentCommand() the 'cpus' is set to NULL; otherwise, when cleanup
>> occurs, free the memory for 'arg'
>>
>> Signed-off-by: John Ferlan <jferlan at redhat.com>
>> ---
>>  src/qemu/qemu_agent.c | 6 ++++--
>>  1 file changed, 4 insertions(+), 2 deletions(-)
>>
>> diff --git a/src/qemu/qemu_agent.c b/src/qemu/qemu_agent.c
>> index a10954a..fe38f6d 100644
>> --- a/src/qemu/qemu_agent.c
>> +++ b/src/qemu/qemu_agent.c
>> @@ -1328,7 +1328,7 @@ int qemuAgentFSFreeze(qemuAgentPtr mon, const char **mountpoints,
>>                        unsigned int nmountpoints)
>>  {
>>      int ret = -1;
>> -    virJSONValuePtr cmd, arg;
>> +    virJSONValuePtr cmd, arg = NULL;
>>      virJSONValuePtr reply = NULL;
>>  
>>      if (mountpoints && nmountpoints) {
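Review bot: `cmd` is still declared without an initializer in `virJSONValuePtr cmd, arg = NULL;`, while `reply` on the next line and now `arg` both start as NULL. Since the second hunk routes the `!cmd` failure through `cleanup`, initialize `cmd` to NULL as well (ideally one declaration per line) so that any path reaching `cleanup` before `cmd` is assigned cannot hand an indeterminate pointer to a free.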
>> @@ -1343,7 +1343,8 @@ int qemuAgentFSFreeze(qemuAgentPtr mon, const char **mountpoints,
>>      }
>>  
>>      if (!cmd)
>> -        return -1;
>> +        goto cleanup;
>> +    arg = NULL;
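Review bot: the bare `arg = NULL;` after the `if (!cmd)` check has no comment saying why the pointer is dropped, and read on its own it looks like it leaks the array. Add a one-line comment there stating that on success `cmd` has taken ownership of `arg`, so the free in `cleanup` must not see it. The `goto cleanup` on the failure path also assumes that the call building `cmd` leaves `arg` untouched when it fails, which is worth confirming since that call is outside the visible context.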
> 
> Setting arg to NULL can also lead to memory leak.
> It makes virJSONValueFree(arg) below invalid.

If qemuAgentMakeCommand succeeds, the 'arg' array is now owned by 'cmd' and we
need to set it to NULL here to prevent double free.

ACK to the patch as-is.

Jan
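
The ownership hand-off discussed in this reply, as an added example that is not part of the original message and is not libvirt code: `value`, `make_command`, `freeze` and `outstanding` are hypothetical stand-ins, with an allocation counter so that each exit path can be checked for leaks.

```c
#include <stdlib.h>

/* Hypothetical stand-ins for a JSON value and a command builder; not libvirt's API. */
typedef struct value { struct value *child; } value;
static int live;                 /* allocations currently outstanding */

static value *value_new(void) {
    value *v = calloc(1, sizeof(*v));
    if (v) live++;
    return v;
}

/* Frees v and everything it owns; NULL is a no-op, like free(). */
static void value_free(value *v) {
    if (!v) return;
    value_free(v->child);
    free(v);
    live--;
}

/* On success the returned command owns arg; on failure arg stays with the caller. */
static value *make_command(value *arg, int fail) {
    value *cmd = fail ? NULL : value_new();
    if (cmd) cmd->child = arg;
    return cmd;
}

/* Returns 0 on success, -1 on error; every path leaves through cleanup. */
int freeze(int with_arg, int fail_build, int fail_send) {
    int ret = -1;
    value *cmd = NULL, *arg = NULL;

    if (with_arg && !(arg = value_new()))
        goto cleanup;
    if (!(cmd = make_command(arg, fail_build)))
        goto cleanup;            /* arg is still ours: cleanup frees it */
    arg = NULL;                  /* cmd owns it now: cleanup must not free it twice */
    if (fail_send)
        goto cleanup;            /* freeing cmd also releases the array it owns */
    ret = 0;
 cleanup:
    value_free(arg);
    value_free(cmd);
    return ret;
}

int outstanding(void) { return live; }

int main(void) {                 /* success, build failure, send failure */
    freeze(1, 0, 0); freeze(1, 1, 0); freeze(1, 0, 1);
    return outstanding() != 0;   /* exit status 0 means nothing leaked */
}
```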
