In microvm_fix_kernel_cmdline(), fw_cfg_modify_string() is duplicating
cmdline instead of taking ownership of it. Free it afterwards to avoid
leaking it.

Reported-by: Coverity (CID 1407218)
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Sergio Lopez <slp@redhat.com>
---
 hw/i386/microvm.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/hw/i386/microvm.c b/hw/i386/microvm.c
index 8aacd6c8d1..def37e60f7 100644
--- a/hw/i386/microvm.c
+++ b/hw/i386/microvm.c
@@ -331,6 +331,8 @@ static void microvm_fix_kernel_cmdline(MachineState *machine)
 
     fw_cfg_modify_i32(x86ms->fw_cfg, FW_CFG_CMDLINE_SIZE, strlen(cmdline) + 1);
     fw_cfg_modify_string(x86ms->fw_cfg, FW_CFG_CMDLINE_DATA, cmdline);
+
+    g_free(cmdline);
 }
 
 static void microvm_machine_state_init(MachineState *machine)
-- 
2.23.0

On 12/11/19 17:34, Sergio Lopez wrote:
> In microvm_fix_kernel_cmdline(), fw_cfg_modify_string() is duplicating
> cmdline instead of taking ownership of it. Free it afterwards to avoid
> leaking it.
> 
> Reported-by: Coverity (CID 1407218)
> Suggested-by: Peter Maydell <peter.maydell@linaro.org>
> Signed-off-by: Sergio Lopez <slp@redhat.com>
> ---
>  hw/i386/microvm.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/hw/i386/microvm.c b/hw/i386/microvm.c
> index 8aacd6c8d1..def37e60f7 100644
> --- a/hw/i386/microvm.c
> +++ b/hw/i386/microvm.c
> @@ -331,6 +331,8 @@ static void microvm_fix_kernel_cmdline(MachineState *machine)
>  
>      fw_cfg_modify_i32(x86ms->fw_cfg, FW_CFG_CMDLINE_SIZE, strlen(cmdline) + 1);
>      fw_cfg_modify_string(x86ms->fw_cfg, FW_CFG_CMDLINE_DATA, cmdline);
> +
> +    g_free(cmdline);
>  }
>  
>  static void microvm_machine_state_init(MachineState *machine)
> 

Queued, thanks.

Paolo