[Libvirt-cim] [PATCH 1 of 4] VSSD: validate client given object path
Heidi Eckhart
heidieck at linux.vnet.ibm.com
Mon Feb 25 09:59:46 UTC 2008
Dan Smith wrote:
> HE> + if (dom == NULL) {
> HE> + cu_statusf(broker, &s,
> HE> + CMPI_RC_ERR_NOT_FOUND,
> HE> + "No such instance (%s)",
> HE> + name);
> HE> + goto out;
>
> I think you leak dom here, since you moved the virDomainFree before
> the out target:
>
Mhh, I think not. If dom==NULL we "goto out". If dom is there, then
_get_vssd() is called and virDomainFree right after. So there is no
"goto out" jump in between these steps.
> HE> + }
> HE> +
> HE> + *_inst = _get_vssd(broker, reference, conn, dom, &s);
> HE> +
> HE> + virDomainFree(dom);
> HE> +
> HE> out:
> HE> virConnectClose(conn);
> HE> +
> HE> + return s;
> HE> +}
>
> ...
>
> HE> +CMPIStatus get_vssd_by_ref(const CMPIBroker *broker,
> HE> + const CMPIObjectPath *reference,
> HE> + CMPIInstance **_inst)
> HE> +{
> HE> + CMPIStatus s = {CMPI_RC_OK, NULL};
> HE> + char *name = NULL;
> HE> +
> HE> + if (!parse_instanceid(reference, NULL, &name)) {
> HE> + cu_statusf(broker, &s,
> HE> + CMPI_RC_ERR_NOT_FOUND,
> HE> + "No such instance (InstanceID)");
> HE> + goto out;
> HE> + }
> HE> +
> HE> + s = get_vssd_by_name(broker, reference, name, _inst);
> HE> + if (s.rc != CMPI_RC_OK)
> HE> + goto out;
>
> You leak name here because the free is before the out:
>
Good catch ... will fix this. Thanks :).
--
Regards
Heidi Eckhart
Software Engineer
IBM Linux Technology Center - Open Hypervisor
More information about the Libvirt-cim
mailing list