[libvirt] [PATCH 1/2] security: Resolve Coverity RESOURCE_LEAK
Pavel Hrdina
phrdina at redhat.com
Sat Feb 14 07:45:33 UTC 2015
On Fri, Feb 13, 2015 at 03:21:39PM -0500, John Ferlan wrote:
> Introduced by commit id 'c3d9d3bb' - return from virSecurityManagerCheckModel
> wasn't VIR_FREE()'ing the virSecurityManagerGetNested allocated memory.
>
> Signed-off-by: John Ferlan <jferlan at redhat.com>
> ---
> src/security/security_manager.c | 17 ++++++++++++-----
> 1 file changed, 12 insertions(+), 5 deletions(-)
>
> diff --git a/src/security/security_manager.c b/src/security/security_manager.c
> index f2a32bc..12663ad 100644
> --- a/src/security/security_manager.c
> +++ b/src/security/security_manager.c
> @@ -688,24 +688,31 @@ virSecurityManagerReleaseLabel(virSecurityManagerPtr mgr,
> static int virSecurityManagerCheckModel(virSecurityManagerPtr mgr,
> char *secmodel)
> {
> + int ret = -1;
> size_t i;
> virSecurityManagerPtr *sec_managers = NULL;
>
> if ((sec_managers = virSecurityManagerGetNested(mgr)) == NULL)
> return -1;
>
> - if (STREQ_NULLABLE(secmodel, "none"))
> - return 0;
> + if (STREQ_NULLABLE(secmodel, "none")) {
> + ret = 0;
> + goto cleanup;
> + }
I would move the check for secmodel == "none" before
virSecurityManagerCheckModel(). We don't need to get security managers if the
secmodel is "none" and you can safely return 0.
>
> for (i = 0; sec_managers[i]; i++) {
> - if (STREQ_NULLABLE(secmodel, sec_managers[i]->drv->name))
> - return 0;
> + if (STREQ_NULLABLE(secmodel, sec_managers[i]->drv->name)) {
> + ret = 0;
> + goto cleanup;
> + }
> }
>
> virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
> _("Unable to find security driver for model %s"),
> secmodel);
> - return -1;
> + cleanup:
> + VIR_FREE(sec_managers);
> + return ret;
> }
>
>
> --
> 2.1.0
>
ACK with the change suggested above.
Pavel
> --
> libvir-list mailing list
> libvir-list at redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
More information about the libvir-list
mailing list