1. Patchew
  2. QEMU
  3. View series

[PATCH] qga: fix leak of base64 decoded data on command error

Daniel P. Berrangé posted 1 patch 2 years, 9 months ago
Test checkpatch passed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20210809131029.3759267-1-berrange@redhat.com
qga/commands.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
[PATCH] qga: fix leak of base64 decoded data on command error
Posted by Daniel P. Berrangé 2 years, 9 months ago 
If the guest command fails to be spawned, then we would leak the decoded
base64 input used for the command's stdin feed.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 qga/commands.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/qga/commands.c b/qga/commands.c
index a6491d2cf8..80501e4a73 100644
--- a/qga/commands.c
+++ b/qga/commands.c
@@ -402,7 +402,7 @@ GuestExec *qmp_guest_exec(const char *path,
     GIOChannel *in_ch, *out_ch, *err_ch;
     GSpawnFlags flags;
     bool has_output = (has_capture_output && capture_output);
-    uint8_t *input = NULL;
+    g_autofree uint8_t *input = NULL;
     size_t ninput = 0;
 
     arglist.value = (char *)path;
@@ -441,7 +441,7 @@ GuestExec *qmp_guest_exec(const char *path,
     g_child_watch_add(pid, guest_exec_child_watch, gei);
 
     if (has_input_data) {
-        gei->in.data = input;
+        gei->in.data = g_steal_pointer(&input);
         gei->in.size = ninput;
 #ifdef G_OS_WIN32
         in_ch = g_io_channel_win32_new_fd(in_fd);
-- 
2.31.1
Re: [PATCH] qga: fix leak of base64 decoded data on command error
Posted by Marc-André Lureau 2 years, 9 months ago 
On Mon, Aug 9, 2021 at 5:11 PM Daniel P. Berrangé <berrange@redhat.com>
wrote:

> If the guest command fails to be spawned, then we would leak the decoded
> base64 input used for the command's stdin feed.
>
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
>

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>

---
>  qga/commands.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/qga/commands.c b/qga/commands.c
> index a6491d2cf8..80501e4a73 100644
> --- a/qga/commands.c
> +++ b/qga/commands.c
> @@ -402,7 +402,7 @@ GuestExec *qmp_guest_exec(const char *path,
>      GIOChannel *in_ch, *out_ch, *err_ch;
>      GSpawnFlags flags;
>      bool has_output = (has_capture_output && capture_output);
> -    uint8_t *input = NULL;
> +    g_autofree uint8_t *input = NULL;
>      size_t ninput = 0;
>
>      arglist.value = (char *)path;
> @@ -441,7 +441,7 @@ GuestExec *qmp_guest_exec(const char *path,
>      g_child_watch_add(pid, guest_exec_child_watch, gei);
>
>      if (has_input_data) {
> -        gei->in.data = input;
> +        gei->in.data = g_steal_pointer(&input);
>          gei->in.size = ninput;
>  #ifdef G_OS_WIN32
>          in_ch = g_io_channel_win32_new_fd(in_fd);
> --
> 2.31.1
>
>
>

-- 
Marc-André Lureau

Patchew 2.1-devel-0870f84

© 2016 - 2024 Red Hat, Inc.