[PATCH v2] vhost-user-scsi: Fix memleaks in vus_proc_req()

Alex Chen posted 1 patch 3 years, 5 months ago
git fetch https://github.com/patchew-project/qemu tags/patchew/20201125012543.109997-1-alex.chen@huawei.com
Maintainers: Raphael Norwitz <raphael.norwitz@nutanix.com>, "Michael S. Tsirkin" <mst@redhat.com>
There is a newer version of this series
contrib/vhost-user-scsi/vhost-user-scsi.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
[PATCH v2] vhost-user-scsi: Fix memleaks in vus_proc_req()
Posted by Alex Chen 3 years, 5 months ago
The memory for 'elem' is allocated in vu_queue_pop() and should be freed in
all error branches after vu_queue_pop().
In addition, so that 'elem' can be freed outside the while(1) loop, move
the definition of 'elem' to the beginning of vus_proc_req().

Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Alex Chen <alex.chen@huawei.com>
---
 contrib/vhost-user-scsi/vhost-user-scsi.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/contrib/vhost-user-scsi/vhost-user-scsi.c b/contrib/vhost-user-scsi/vhost-user-scsi.c
index 0f9ba4b2a2..4639440a70 100644
--- a/contrib/vhost-user-scsi/vhost-user-scsi.c
+++ b/contrib/vhost-user-scsi/vhost-user-scsi.c
@@ -232,6 +232,7 @@ static void vus_proc_req(VuDev *vu_dev, int idx)
     VugDev *gdev;
     VusDev *vdev_scsi;
     VuVirtq *vq;
+    VuVirtqElement *elem = NULL;
 
     assert(vu_dev);
 
@@ -248,7 +249,6 @@ static void vus_proc_req(VuDev *vu_dev, int idx)
     g_debug("Got kicked on vq[%d]@%p", idx, vq);
 
     while (1) {
-        VuVirtqElement *elem;
         VirtIOSCSICmdReq *req;
         VirtIOSCSICmdResp *rsp;
 
@@ -288,6 +288,7 @@ static void vus_proc_req(VuDev *vu_dev, int idx)
 
         free(elem);
     }
+    free(elem);
 }
 
 static void vus_queue_set_started(VuDev *vu_dev, int idx, bool started)
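Review bot: The new `free(elem);` after the loop is only safe as long as `elem` is reassigned by vu_queue_pop() before any `break` is reached, because the existing `free(elem);` at the end of the loop body leaves the now function-scoped pointer dangling until the next iteration. The pop and the error branches lie between the hunks and are not visible here, so that ordering is inferred from the commit message rather than confirmed. This function handles virtqueue elements that presumably originate from the guest, so a later early `break` or `continue` added ahead of the pop would become a double free in the backend process. Resetting the pointer keeps the invariant local to the loop: `free(elem); elem = NULL;` in place of the in-loop `free(elem);`. A short comment at the declaration in the first hunk, such as `/* freed after the loop on every break path */`, would also record why `elem` was hoisted out of the loop.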
-- 
2.19.1


Re: [PATCH v2] vhost-user-scsi: Fix memleaks in vus_proc_req()
Posted by Alex Chen 3 years, 5 months ago
Sorry, I forgot to add the Reviewed-by information, I will send patch v3.

On 2020/11/25 9:25, Alex Chen wrote:
> The 'elem' is allocated memory in vu_queue_pop(), and its memory should be
> freed in all error branches after vu_queue_pop().
> In addition, in order to free the 'elem' memory outside of while(1) loop, move
> the definition of 'elem' to the beginning of vus_proc_req().
> 
> Reported-by: Euler Robot <euler.robot@huawei.com>
> Signed-off-by: Alex Chen <alex.chen@huawei.com>
> ---
>  contrib/vhost-user-scsi/vhost-user-scsi.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/contrib/vhost-user-scsi/vhost-user-scsi.c b/contrib/vhost-user-scsi/vhost-user-scsi.c
> index 0f9ba4b2a2..4639440a70 100644
> --- a/contrib/vhost-user-scsi/vhost-user-scsi.c
> +++ b/contrib/vhost-user-scsi/vhost-user-scsi.c
> @@ -232,6 +232,7 @@ static void vus_proc_req(VuDev *vu_dev, int idx)
>      VugDev *gdev;
>      VusDev *vdev_scsi;
>      VuVirtq *vq;
> +    VuVirtqElement *elem = NULL;
>  
>      assert(vu_dev);
>  
> @@ -248,7 +249,6 @@ static void vus_proc_req(VuDev *vu_dev, int idx)
>      g_debug("Got kicked on vq[%d]@%p", idx, vq);
>  
>      while (1) {
> -        VuVirtqElement *elem;
>          VirtIOSCSICmdReq *req;
>          VirtIOSCSICmdResp *rsp;
>  
> @@ -288,6 +288,7 @@ static void vus_proc_req(VuDev *vu_dev, int idx)
>  
>          free(elem);
>      }
> +    free(elem);
>  }
>  
>  static void vus_queue_set_started(VuDev *vu_dev, int idx, bool started)
>