Don't leak 'cluster' in the mapping == NULL case. Found by Coverity
(CID 1055918).
Fixes: 8d9401c2791ee2d2805b741b1ee3006041edcd3e
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block/vvfat.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/block/vvfat.c b/block/vvfat.c
index 1de5de1db4..b7b61ea8b7 100644
--- a/block/vvfat.c
+++ b/block/vvfat.c
@@ -2510,7 +2510,7 @@ static int commit_one_file(BDRVVVFATState* s,
uint32_t first_cluster = c;
mapping_t* mapping = find_mapping_for_cluster(s, c);
uint32_t size = filesize_of_direntry(direntry);
- char* cluster = g_malloc(s->cluster_size);
+ char *cluster;
uint32_t i;
int fd = 0;
@@ -2528,17 +2528,17 @@ static int commit_one_file(BDRVVVFATState* s,
if (fd < 0) {
fprintf(stderr, "Could not open %s... (%s, %d)\n", mapping->path,
strerror(errno), errno);
- g_free(cluster);
return fd;
}
if (offset > 0) {
if (lseek(fd, offset, SEEK_SET) != offset) {
qemu_close(fd);
- g_free(cluster);
return -3;
}
}
+ cluster = g_malloc(s->cluster_size);
+
while (offset < size) {
uint32_t c1;
int rest_size = (size - offset > s->cluster_size ?
--
2.19.1
On 14/11/18 13:55, Kevin Wolf wrote:
> Don't leak 'cluster' in the mapping == NULL case. Found by Coverity
> (CID 1055918).
>
> Fixes: 8d9401c2791ee2d2805b741b1ee3006041edcd3e
> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
> ---
> block/vvfat.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/block/vvfat.c b/block/vvfat.c
> index 1de5de1db4..b7b61ea8b7 100644
> --- a/block/vvfat.c
> +++ b/block/vvfat.c
> @@ -2510,7 +2510,7 @@ static int commit_one_file(BDRVVVFATState* s,
> uint32_t first_cluster = c;
> mapping_t* mapping = find_mapping_for_cluster(s, c);
> uint32_t size = filesize_of_direntry(direntry);
> - char* cluster = g_malloc(s->cluster_size);
> + char *cluster;
> uint32_t i;
> int fd = 0;
>
> @@ -2528,17 +2528,17 @@ static int commit_one_file(BDRVVVFATState* s,
> if (fd < 0) {
> fprintf(stderr, "Could not open %s... (%s, %d)\n", mapping->path,
> strerror(errno), errno);
> - g_free(cluster);
> return fd;
> }
> if (offset > 0) {
> if (lseek(fd, offset, SEEK_SET) != offset) {
> qemu_close(fd);
> - g_free(cluster);
> return -3;
> }
> }
>
> + cluster = g_malloc(s->cluster_size);
> +
> while (offset < size) {
> uint32_t c1;
> int rest_size = (size - offset > s->cluster_size ?
>
On 14/11/2018 12:55, Kevin Wolf wrote:
> Don't leak 'cluster' in the mapping == NULL case. Found by Coverity
> (CID 1055918).
>
> Fixes: 8d9401c2791ee2d2805b741b1ee3006041edcd3e
> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Liam Merwick <liam.merwick@oracle.com>
Thanks.
> ---
> block/vvfat.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/block/vvfat.c b/block/vvfat.c
> index 1de5de1db4..b7b61ea8b7 100644
> --- a/block/vvfat.c
> +++ b/block/vvfat.c
> @@ -2510,7 +2510,7 @@ static int commit_one_file(BDRVVVFATState* s,
> uint32_t first_cluster = c;
> mapping_t* mapping = find_mapping_for_cluster(s, c);
> uint32_t size = filesize_of_direntry(direntry);
> - char* cluster = g_malloc(s->cluster_size);
> + char *cluster;
> uint32_t i;
> int fd = 0;
>
> @@ -2528,17 +2528,17 @@ static int commit_one_file(BDRVVVFATState* s,
> if (fd < 0) {
> fprintf(stderr, "Could not open %s... (%s, %d)\n", mapping->path,
> strerror(errno), errno);
> - g_free(cluster);
> return fd;
> }
> if (offset > 0) {
> if (lseek(fd, offset, SEEK_SET) != offset) {
> qemu_close(fd);
> - g_free(cluster);
> return -3;
> }
> }
>
> + cluster = g_malloc(s->cluster_size);
> +
> while (offset < size) {
> uint32_t c1;
> int rest_size = (size - offset > s->cluster_size ?
>
© 2016 - 2025 Red Hat, Inc.