From nobody Tue Oct 28 02:10:45 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1516113842856556.5752418032628; Tue, 16 Jan 2018 06:44:02 -0800 (PST) Received: from localhost ([::1]:39365 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ebST3-0007JU-UF for importer@patchew.org; Tue, 16 Jan 2018 09:44:02 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50349) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ebS43-00031a-Nt for qemu-devel@nongnu.org; Tue, 16 Jan 2018 09:18:17 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ebS3z-0004dt-Bz for qemu-devel@nongnu.org; Tue, 16 Jan 2018 09:18:11 -0500 Received: from mail-wr0-x234.google.com ([2a00:1450:400c:c0c::234]:44280) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1ebS3z-0004da-4Z for qemu-devel@nongnu.org; Tue, 16 Jan 2018 09:18:07 -0500 Received: by mail-wr0-x234.google.com with SMTP id w50so15321962wrc.11 for ; Tue, 16 Jan 2018 06:18:07 -0800 (PST) Received: from 640k.lan (dynamic-adsl-78-12-229-84.clienti.tiscali.it. [78.12.229.84]) by smtp.gmail.com with ESMTPSA id u10sm1537758wrg.6.2018.01.16.06.18.04 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 16 Jan 2018 06:18:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=u/XEinF2UPj6vJ+xaHPulxx9JcoWOEooHQwRQ8Cr5DU=; b=UWkXY7CNFV9vVYlRpSyhFgQ5/fk8Tq/tG8wrTW5AsF/iLLB5poMwH3gEpv70Su3rOr kGmbskuKvuh0imxNNy4ZVnh1Dvalng6HPzUNt4uJ6BG4ltMzr8iFwnTQAvHvAZ65s1oo BJmeHQu3p1ItGN5x7pgO40AzAdnR5OjbgW5joob9Eg9EJhM/3cmEpl7JhzyX8C162PUs AW0ji9ApFKxpnhHt4oWm3Uf2dgRPd/fZQG0bNVVRvK9t8FDMUk9DrXpWSjRjiKZ6HeFQ QTbLrMH26FLSabPnCM5zNA5EYWEUisPSev6CR4sPSpMQJwAOnwQO5xI1oqp/RLvlKPj4 bpOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=u/XEinF2UPj6vJ+xaHPulxx9JcoWOEooHQwRQ8Cr5DU=; b=H2TO0K/eef49++OZKecrAAmLRdV8DWWZOlCOh3QCjwBA9evRoLbYpAZ+IkiAPqemkq hQ1M9BeHNGOz7SK5l+p0GiqLLGYR0H3c5NlYtebuoHD/DdhxJ51BA02j2NO6edOSquTE YwkAVBFIcvAgF4AhUPFoyqml8eCI49szYk/r0MHT/Q19oRMF+d+A+iyM0UDMkhw3EbIM N65Do3xF8kGt2WNKwLPvI0OeZTwx6BzOq5jGbPUbRlowSz+7zd4tKbhgIoqZjvj7ONAR gQkqQKL7jR5aId0nMhsy4lYcOOp2XL6rWqnuJXmhG0GIGu07BUtJDNpBeBjb/L5WTDSy P3wg== X-Gm-Message-State: AKwxytcMMIc+w3XYiWL/Txz7xAbbF9WZ7OoCRWGpB6VDMSa0YQcgWX1G m/+NlBd4cw3S8Ll/KJBeYqS7Tggw X-Google-Smtp-Source: ACJfBosCDNxy3O1Cu1Cu+1CI5IJVTDUWrzjBxoIXtfuF96zaRENb+orFwxGXmmD43p7GWOkoMblFgg== X-Received: by 10.223.164.22 with SMTP id d22mr16826240wra.186.1516112285702; Tue, 16 Jan 2018 06:18:05 -0800 (PST) From: Paolo Bonzini To: qemu-devel@nongnu.org Date: Tue, 16 Jan 2018 15:17:02 +0100 Message-Id: <1516112253-14480-21-git-send-email-pbonzini@redhat.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1516112253-14480-1-git-send-email-pbonzini@redhat.com> References: <1516112253-14480-1-git-send-email-pbonzini@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:400c:c0c::234 Subject: [Qemu-devel] [PULL 20/51] qemu-config: fix leak in query-command-line-options X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 From: Marc-Andr=C3=A9 Lureau Direct leak of 160 byte(s) in 4 object(s) allocated from: #0 0x55ed7678cda8 in calloc (/home/elmarco/src/qq/build/x86_64-softmmu/= qemu-system-x86_64+0x797da8) #1 0x7f3f5e725f75 in g_malloc0 /home/elmarco/src/gnome/glib/builddir/..= /glib/gmem.c:124 #2 0x55ed778aa3a7 in query_option_descs /home/elmarco/src/qq/util/qemu-= config.c:60:16 #3 0x55ed778aa307 in get_drive_infolist /home/elmarco/src/qq/util/qemu-= config.c:140:19 #4 0x55ed778a9f40 in qmp_query_command_line_options /home/elmarco/src/q= q/util/qemu-config.c:254:36 #5 0x55ed76d4868c in qmp_marshal_query_command_line_options /home/elmar= co/src/qq/build/qmp-marshal.c:3078:14 #6 0x55ed77855dd5 in do_qmp_dispatch /home/elmarco/src/qq/qapi/qmp-disp= atch.c:104:5 #7 0x55ed778558cc in qmp_dispatch /home/elmarco/src/qq/qapi/qmp-dispatc= h.c:131:11 #8 0x55ed768b592f in handle_qmp_command /home/elmarco/src/qq/monitor.c:= 3840:11 #9 0x55ed7786ccfe in json_message_process_token /home/elmarco/src/qq/qo= bject/json-streamer.c:105:5 #10 0x55ed778fe37c in json_lexer_feed_char /home/elmarco/src/qq/qobject= /json-lexer.c:323:13 #11 0x55ed778fdde6 in json_lexer_feed /home/elmarco/src/qq/qobject/json= -lexer.c:373:15 #12 0x55ed7786cd83 in json_message_parser_feed /home/elmarco/src/qq/qob= ject/json-streamer.c:124:12 #13 0x55ed768b559e in monitor_qmp_read /home/elmarco/src/qq/monitor.c:3= 882:5 #14 0x55ed77714f29 in qemu_chr_be_write_impl /home/elmarco/src/qq/chard= ev/char.c:167:9 #15 0x55ed77714fde in qemu_chr_be_write /home/elmarco/src/qq/chardev/ch= ar.c:179:9 #16 0x55ed7772ffad in tcp_chr_read /home/elmarco/src/qq/chardev/char-so= cket.c:440:13 #17 0x55ed7777113b in qio_channel_fd_source_dispatch /home/elmarco/src/= qq/io/channel-watch.c:84:12 #18 0x7f3f5e71d90b in g_main_dispatch /home/elmarco/src/gnome/glib/buil= ddir/../glib/gmain.c:3182 #19 0x7f3f5e71e7ac in g_main_context_dispatch /home/elmarco/src/gnome/g= lib/builddir/../glib/gmain.c:3847 #20 0x55ed77886ffc in glib_pollfds_poll /home/elmarco/src/qq/util/main-= loop.c:214:9 #21 0x55ed778865fd in os_host_main_loop_wait /home/elmarco/src/qq/util/= main-loop.c:261:5 #22 0x55ed77886222 in main_loop_wait /home/elmarco/src/qq/util/main-loo= p.c:515:11 #23 0x55ed76d2a4df in main_loop /home/elmarco/src/qq/vl.c:1995:9 #24 0x55ed76d1cb4a in main /home/elmarco/src/qq/vl.c:4914:5 #25 0x7f3f555f6039 in __libc_start_main (/lib64/libc.so.6+0x21039) Signed-off-by: Marc-Andr=C3=A9 Lureau Reviewed-by: Eric Blake Message-Id: <20180104160523.22995-14-marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini --- util/qemu-config.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/util/qemu-config.c b/util/qemu-config.c index 99b0e46..029fec5 100644 --- a/util/qemu-config.c +++ b/util/qemu-config.c @@ -105,7 +105,8 @@ static void cleanup_infolist(CommandLineParameterInfoLi= st *head) if (!strcmp(pre_entry->value->name, cur->next->value->name)) { del_entry =3D cur->next; cur->next =3D cur->next->next; - g_free(del_entry); + del_entry->next =3D NULL; + qapi_free_CommandLineParameterInfoList(del_entry); break; } pre_entry =3D pre_entry->next; --=20 1.8.3.1