[PULL 3/3] hw/mips/boston: Fix memory leak in boston_fdt_filter() error-handling paths

Philippe Mathieu-Daudé f4bug at amsat.org
Sun Nov 8 23:42:34 UTC 2020


From: Peter Maydell <peter.maydell at linaro.org>

Coverity points out that the error-handling paths in the
boston_fdt_filter() function don't free the fdt that was allocated.
Fix the leak by using g_autofree.

Fixes: Coverity CID 1432275

Signed-off-by: Peter Maydell <peter.maydell at linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug at amsat.org>
Message-Id: <20201106175823.1650-1-peter.maydell at linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug at amsat.org>
---
 hw/mips/boston.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/hw/mips/boston.c b/hw/mips/boston.c
index 3356d7a6814..3d40867dc4c 100644
--- a/hw/mips/boston.c
+++ b/hw/mips/boston.c
@@ -349,11 +349,9 @@ static const void *boston_fdt_filter(void *opaque, const void *fdt_orig,
     MachineState *machine = s->mach;
     const char *cmdline;
     int err;
-    void *fdt;
-    size_t fdt_sz, ram_low_sz, ram_high_sz;
-
-    fdt_sz = fdt_totalsize(fdt_orig) * 2;
-    fdt = g_malloc0(fdt_sz);
+    size_t ram_low_sz, ram_high_sz;
+    size_t fdt_sz = fdt_totalsize(fdt_orig) * 2;
+    g_autofree void *fdt = g_malloc0(fdt_sz);
 
     err = fdt_open_into(fdt_orig, fdt, fdt_sz);
     if (err) {
@@ -380,7 +378,7 @@ static const void *boston_fdt_filter(void *opaque, const void *fdt_orig,
 
     s->fdt_base = *load_addr;
 
-    return fdt;
+    return g_steal_pointer(&fdt);
 }
 
 static const void *boston_kernel_filter(void *opaque, const void *kernel,
-- 
2.26.2




More information about the libvir-list mailing list