| 1 | The following changes since commit 64175afc695c0672876fbbfc31b299c86d562cb4: | 1 | The following changes since commit 786fd793b81410fb2a28914315e2f05d2ff6733b: |
|---|---|---|---|
| 2 | 2 | ||
| 3 | arm_gicv3: Fix ICC_BPR1 reset value when EL3 not implemented (2017-06-07 17:21:44 +0100) | 3 | Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging (2024-04-03 12:52:03 +0100) |
| 4 | 4 | ||
| 5 | are available in the git repository at: | 5 | are available in the Git repository at: |
| 6 | 6 | ||
| 7 | git://github.com/codyprime/qemu-kvm-jtc.git tags/block-pull-request | 7 | https://gitlab.com/stefanha/qemu.git tags/block-pull-request |
| 8 | 8 | ||
| 9 | for you to fetch changes up to 56faeb9bb6872b3f926b3b3e0452a70beea10af2: | 9 | for you to fetch changes up to bbdf9023665f409113cb07b463732861af63fb47: |
| 10 | 10 | ||
| 11 | block/gluster.c: Handle qdict_array_entries() failure (2017-06-09 08:41:29 -0400) | 11 | block/virtio-blk: Fix memory leak from virtio_blk_zone_report (2024-04-04 09:29:42 -0400) |
| 12 | 12 | ||
| 13 | ---------------------------------------------------------------- | 13 | ---------------------------------------------------------------- |
| 14 | Gluster patch | 14 | Pull request |
| 15 | |||
| 16 | Fix a memory leak in virtio-blk zone report emulation code when the request is | ||
| 17 | invalid. | ||
| 18 | |||
| 15 | ---------------------------------------------------------------- | 19 | ---------------------------------------------------------------- |
| 16 | 20 | ||
| 17 | Peter Maydell (1): | 21 | Zheyu Ma (1): |
| 18 | block/gluster.c: Handle qdict_array_entries() failure | 22 | block/virtio-blk: Fix memory leak from virtio_blk_zone_report |
| 19 | 23 | ||
| 20 | block/gluster.c | 3 +-- | 24 | hw/block/virtio-blk.c | 3 ++- |
| 21 | 1 file changed, 1 insertion(+), 2 deletions(-) | 25 | 1 file changed, 2 insertions(+), 1 deletion(-) |
| 22 | 26 | ||
| 23 | -- | 27 | -- |
| 24 | 2.9.3 | 28 | 2.44.0 |
| 25 | |||
| 26 | diff view generated by jsdifflib |
| 1 | From: Peter Maydell <peter.maydell@linaro.org> | 1 | From: Zheyu Ma <zheyuma97@gmail.com> |
|---|---|---|---|
| 2 | 2 | ||
| 3 | In qemu_gluster_parse_json(), the call to qdict_array_entries() | 3 | This modification ensures that in scenarios where the buffer size is |
| 4 | could return a negative error code, which we were ignoring | 4 | insufficient for a zone report, the function will now properly set an |
| 5 | because we assigned the result to an unsigned variable. | 5 | error status and proceed to a cleanup label, instead of merely |
| 6 | Fix this by using the 'int' type instead, which matches the | 6 | returning. |
| 7 | return type of qdict_array_entries() and also the type | ||
| 8 | we use for the loop enumeration variable 'i'. | ||
| 9 | 7 | ||
| 10 | (Spotted by Coverity, CID 1360960.) | 8 | The following ASAN log reveals it: |
| 11 | 9 | ||
| 12 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | 10 | ==1767400==ERROR: LeakSanitizer: detected memory leaks |
| 13 | Reviewed-by: Eric Blake <eblake@redhat.com> | 11 | Direct leak of 312 byte(s) in 1 object(s) allocated from: |
| 14 | Reviewed-by: Jeff Cody <jcody@redhat.com> | 12 | #0 0x64ac7b3280cd in malloc llvm/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3 |
| 15 | Message-id: 1496682098-1540-1-git-send-email-peter.maydell@linaro.org | 13 | #1 0x735b02fb9738 in g_malloc (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x5e738) |
| 16 | Signed-off-by: Jeff Cody <jcody@redhat.com> | 14 | #2 0x64ac7d23be96 in virtqueue_split_pop hw/virtio/virtio.c:1612:12 |
| 15 | #3 0x64ac7d23728a in virtqueue_pop hw/virtio/virtio.c:1783:16 | ||
| 16 | #4 0x64ac7cfcaacd in virtio_blk_get_request hw/block/virtio-blk.c:228:27 | ||
| 17 | #5 0x64ac7cfca7c7 in virtio_blk_handle_vq hw/block/virtio-blk.c:1123:23 | ||
| 18 | #6 0x64ac7cfecb95 in virtio_blk_handle_output hw/block/virtio-blk.c:1157:5 | ||
| 19 | |||
| 20 | Signed-off-by: Zheyu Ma <zheyuma97@gmail.com> | ||
| 21 | Message-id: 20240404120040.1951466-1-zheyuma97@gmail.com | ||
| 22 | Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> | ||
| 17 | --- | 23 | --- |
| 18 | block/gluster.c | 3 +-- | 24 | hw/block/virtio-blk.c | 3 ++- |
| 19 | 1 file changed, 1 insertion(+), 2 deletions(-) | 25 | 1 file changed, 2 insertions(+), 1 deletion(-) |
| 20 | 26 | ||
| 21 | diff --git a/block/gluster.c b/block/gluster.c | 27 | diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c |
| 22 | index XXXXXXX..XXXXXXX 100644 | 28 | index XXXXXXX..XXXXXXX 100644 |
| 23 | --- a/block/gluster.c | 29 | --- a/hw/block/virtio-blk.c |
| 24 | +++ b/block/gluster.c | 30 | +++ b/hw/block/virtio-blk.c |
| 25 | @@ -XXX,XX +XXX,XX @@ static int qemu_gluster_parse_json(BlockdevOptionsGluster *gconf, | 31 | @@ -XXX,XX +XXX,XX @@ static void virtio_blk_handle_zone_report(VirtIOBlockReq *req, |
| 26 | Error *local_err = NULL; | 32 | sizeof(struct virtio_blk_zone_report) + |
| 27 | char *str = NULL; | 33 | sizeof(struct virtio_blk_zone_descriptor)) { |
| 28 | const char *ptr; | 34 | virtio_error(vdev, "in buffer too small for zone report"); |
| 29 | - size_t num_servers; | 35 | - return; |
| 30 | - int i, type; | 36 | + err_status = VIRTIO_BLK_S_ZONE_INVALID_CMD; |
| 31 | + int i, type, num_servers; | 37 | + goto out; |
| 32 | 38 | } | |
| 33 | /* create opts info from runtime_json_opts list */ | 39 | |
| 34 | opts = qemu_opts_create(&runtime_json_opts, NULL, 0, &error_abort); | 40 | /* start byte offset of the zone report */ |
| 35 | -- | 41 | -- |
| 36 | 2.9.3 | 42 | 2.44.0 |
| 37 | |||
| 38 | diff view generated by jsdifflib |