[PATCH 2/3] qemu: fix memory leak in qemu_driver.c

Peng Liang tcx4c70 at gmail.com
Fri Sep 9 13:37:44 UTC 2022



On 09/09/2022 14:10, Jiacheng Jiang wrote:
> From: jiangjiacheng <jiangjiacheng at huawei.com>
> 
> Function virTypedParamsAddString may return -1

I don't think `virTypedParamsAddString` will return -1 in the code paths 
you touched. The only case where `virTypedParamsAddString` returns -1 is 
that the `name` you pass to it is too long (>=80), however, in the code 
path you touched `name`s are hard-coded and the lengths of them are <80.

> and the clean path
> doesn't free the memory of eventParams, which will lead to potential
> memory leak.
> 
> Signed-off-by: jiangjiacheng <jiangjiacheng at huawei.com>
> ---
>   src/qemu/qemu_driver.c | 12 ++++++++++++
>   1 file changed, 12 insertions(+)
> 
> diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
> index 707f4cc1bb..c43bc4070e 100644
> --- a/src/qemu/qemu_driver.c
> +++ b/src/qemu/qemu_driver.c
> @@ -4474,11 +4474,15 @@ qemuDomainPinVcpuLive(virDomainObj *vm,
>           goto cleanup;
>   
>       event = virDomainEventTunableNewFromObj(vm, eventParams, eventNparams);
> +    eventParams = NULL;
> +    eventNparams = 0;
>   
>       ret = 0;
>   
>    cleanup:
>       virObjectEventStateQueue(driver->domainEventState, event);
> +    if (eventParams)
> +        virTypedParamsFree(eventParams, eventNparams);
>       return ret;
>   }
>   
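Review bot: In qemuDomainPinVcpuLive, the unconditional `eventParams = NULL; eventNparams = 0;` after virDomainEventTunableNewFromObj() is only safe if that function takes ownership of the array on failure as well as on success. Nothing in this hunk shows that, and if it does not, a failed event creation drops the only pointer before the new free at cleanup can run. Please add a one-line comment stating that the callee consumes eventParams. The free is also added after virObjectEventStateQueue() here but before it in the other two functions; use one order throughout.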
> @@ -4683,6 +4687,8 @@ qemuDomainPinEmulator(virDomainPtr dom,
>               goto endjob;
>   
>           event = virDomainEventTunableNewFromDom(dom, eventParams, eventNparams);
> +        eventParams = NULL;
> +        eventNparams = 0;
>       }
>   
>       if (persistentDef) {
> @@ -4699,6 +4705,8 @@ qemuDomainPinEmulator(virDomainPtr dom,
>       qemuDomainObjEndJob(vm);
>   
>    cleanup:
> +    if (eventParams)
> +        virTypedParamsFree(eventParams, eventNparams);
>       virObjectEventStateQueue(driver->domainEventState, event);
>       virDomainObjEndAPI(&vm);
>       return ret;
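Review bot: The `if (eventParams)` guard in front of virTypedParamsFree() at the cleanup label is only needed if virTypedParamsFree() cannot take NULL; if it accepts NULL, call it unconditionally and drop the guard here and in the two other cleanup blocks. The visible lines also do not show eventParams being initialised to NULL at its declaration, which this free depends on for any path that reaches cleanup before a parameter is added, so please confirm that too.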
> @@ -5080,6 +5088,8 @@ qemuDomainPinIOThread(virDomainPtr dom,
>               goto endjob;
>   
>           event = virDomainEventTunableNewFromDom(dom, eventParams, eventNparams);
> +        eventParams = NULL;
> +        eventNparams = 0;
>       }
>   
>       if (persistentDef) {
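Review bot: The commit message attributes the leak to a failing virTypedParamsAddString(), but the only failure path visible in this hunk is the `goto endjob` immediately before virDomainEventTunableNewFromDom(), and the call that triggers it is outside the context. Please name in the commit message which call can fail once eventParams has been populated, so that the reset of eventParams and eventNparams after the event is created and the free at cleanup can be checked against a real failure path.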
> @@ -5105,6 +5115,8 @@ qemuDomainPinIOThread(virDomainPtr dom,
>       qemuDomainObjEndJob(vm);
>   
>    cleanup:
> +    if (eventParams)
> +        virTypedParamsFree(eventParams, eventNparams);
>       virObjectEventStateQueue(driver->domainEventState, event);
>       virDomainObjEndAPI(&vm);
>       return ret;


