hw/block/xen-block.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-)
From: Anthony PERARD <anthony.perard@citrix.com>
Commit 189829399070 ("xen-block: Use specific blockdev driver")
introduced a new error path, without taking care of allocated
resources.
So only allocate the qdicts after the error check, and free both
`filename` and `driver` when we are about to return and thus taking
care of both success and error path.
Coverity only spotted the leak of qdicts (*_layer variables).
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Fixes: Coverity CID 1508722, 1398649
Fixes: 189829399070 ("xen-block: Use specific blockdev driver")
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
---
hw/block/xen-block.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/hw/block/xen-block.c b/hw/block/xen-block.c
index f099914831..3906b9058b 100644
--- a/hw/block/xen-block.c
+++ b/hw/block/xen-block.c
@@ -781,14 +781,15 @@ static XenBlockDrive *xen_block_drive_create(const char *id,
drive = g_new0(XenBlockDrive, 1);
drive->id = g_strdup(id);
- file_layer = qdict_new();
- driver_layer = qdict_new();
-
rc = stat(filename, &st);
if (rc) {
error_setg_errno(errp, errno, "Could not stat file '%s'", filename);
goto done;
}
+
+ file_layer = qdict_new();
+ driver_layer = qdict_new();
+
if (S_ISBLK(st.st_mode)) {
qdict_put_str(file_layer, "driver", "host_device");
} else {
@@ -796,7 +797,6 @@ static XenBlockDrive *xen_block_drive_create(const char *id,
}
qdict_put_str(file_layer, "filename", filename);
- g_free(filename);
if (mode && *mode != 'w') {
qdict_put_bool(file_layer, "read-only", true);
@@ -831,7 +831,6 @@ static XenBlockDrive *xen_block_drive_create(const char *id,
qdict_put_str(file_layer, "locking", "off");
qdict_put_str(driver_layer, "driver", driver);
- g_free(driver);
qdict_put(driver_layer, "file", file_layer);
@@ -842,6 +841,8 @@ static XenBlockDrive *xen_block_drive_create(const char *id,
qobject_unref(driver_layer);
done:
+ g_free(filename);
+ g_free(driver);
if (*errp) {
xen_block_drive_destroy(drive, NULL);
return NULL;
--
Anthony PERARD
On 04/07/2023 18:18, Anthony PERARD wrote: > From: Anthony PERARD <anthony.perard@citrix.com> > > Commit 189829399070 ("xen-block: Use specific blockdev driver") > introduced a new error path, without taking care of allocated > resources. > > So only allocate the qdicts after the error check, and free both > `filename` and `driver` when we are about to return and thus taking > care of both success and error path. > > Coverity only spotted the leak of qdicts (*_layer variables). > > Reported-by: Peter Maydell <peter.maydell@linaro.org> > Fixes: Coverity CID 1508722, 1398649 > Fixes: 189829399070 ("xen-block: Use specific blockdev driver") > Signed-off-by: Anthony PERARD <anthony.perard@citrix.com> > --- > hw/block/xen-block.c | 11 ++++++----- > 1 file changed, 6 insertions(+), 5 deletions(-) > Reviewed-by: Paul Durrant <paul@xen.org>
On Tue, 4 Jul 2023 at 18:19, Anthony PERARD <anthony.perard@citrix.com> wrote: > > From: Anthony PERARD <anthony.perard@citrix.com> > > Commit 189829399070 ("xen-block: Use specific blockdev driver") > introduced a new error path, without taking care of allocated > resources. > > So only allocate the qdicts after the error check, and free both > `filename` and `driver` when we are about to return and thus taking > care of both success and error path. > > Coverity only spotted the leak of qdicts (*_layer variables). > > Reported-by: Peter Maydell <peter.maydell@linaro.org> > Fixes: Coverity CID 1508722, 1398649 > Fixes: 189829399070 ("xen-block: Use specific blockdev driver") > Signed-off-by: Anthony PERARD <anthony.perard@citrix.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> thanks -- PMM
© 2016 - 2024 Red Hat, Inc.