[PATCH] fix leaks found with fuzzing

Dmitry Frolov posted 1 patch 1 year, 3 months ago
Patches applied successfully
git fetch https://github.com/patchew-project/qemu tags/patchew/20230825115818.1091936-1-frolov@swemel.ru
Maintainers: Gerd Hoffmann <kraxel@redhat.com>, "Marc-André Lureau" <marcandre.lureau@redhat.com>
ui/gtk.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
[PATCH] fix leaks found with fuzzing
Posted by Dmitry Frolov 1 year, 3 months ago
It is true that there is no problem during runtime
at first sight, because the memory is lost just
before qemu exits. Nevertheless, this change is necessary,
because AddressSanitizer is not able to recognize this
situation and produces a crash report (which is
in fact a false positive). Lots of false-positive warnings
are devaluing problems found with fuzzing, and thus the
whole methodology of dynamic analysis.
This patch eliminates such false-positive reports,
and makes every problem found with fuzzing more valuable.

Fixes: 060ab76356 ("gtk: don't exit early in case gtk init fails")

Signed-off-by: Dmitry Frolov <frolov@swemel.ru>
---
v2: Moved declarations to the beginning.
v3: Fixed errors in v2.

 ui/gtk.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ui/gtk.c b/ui/gtk.c
index 8ba41c8f13..7db972732b 100644
--- a/ui/gtk.c
+++ b/ui/gtk.c
@@ -2360,7 +2360,7 @@ static void gtk_display_init(DisplayState *ds, DisplayOptions *opts)
 {
     VirtualConsole *vc;
 
-    GtkDisplayState *s = g_malloc0(sizeof(*s));
+    GtkDisplayState *s;
     GdkDisplay *window_display;
     GtkIconTheme *theme;
     char *dir;
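Review bot: With the initializer removed, `s` is uninitialized from this declaration until the assignment in the next hunk, so any reference to `s` in between would read garbage; the context visible here shows no such use, so the change is sound as far as this hunk goes. A minor style point: the blank line that separated `GtkDisplayState *s = g_malloc0(...)` from `VirtualConsole *vc;` no longer marks anything now that `s` is a plain declaration, and the declarations could form one block.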
@@ -2370,6 +2370,7 @@ static void gtk_display_init(DisplayState *ds, DisplayOptions *opts)
         exit(1);
     }
     assert(opts->type == DISPLAY_TYPE_GTK);
+    s = g_malloc0(sizeof(*s));
     s->opts = opts;
 
     theme = gtk_icon_theme_get_default();
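Review bot: Placing `s = g_malloc0(sizeof(*s));` after the `exit(1)` branch and the `assert` is the right fix: on the gtk init failure path nothing has been allocated yet, so LeakSanitizer has nothing to report and the sanitizer run under fuzzing stays clean. The commit message would be clearer if it said so directly; the sanitizer report was accurate (a block really was unreachable at exit), it was the leak itself that was harmless, so calling the report a false positive undersells the change. The first use of `s` is `s->opts = opts;` immediately after the allocation, and nothing in the visible context touches `s` earlier, so the new ordering is safe.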
-- 
2.34.1
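The ordering rule behind this patch (run every fail-fast check before allocating, so an early exit has nothing to leak) is shown below as an added example. This is not QEMU's code: `DisplayStateStub` and `calloc` stand in for `GtkDisplayState` and `g_malloc0`, the failure path returns NULL instead of calling `exit(1)` so a test can observe the result, and the `live_allocs` counter is a constructed stand-in for the allocation tracking LeakSanitizer does.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-in for QEMU's GtkDisplayState; not the real struct. */
typedef struct {
    int type;
    void *opts;
} DisplayStateStub;

/* Outstanding-allocation counter: a tiny stand-in for what LeakSanitizer
 * tracks. Every allocation increments it, every free decrements it. */
static int live_allocs = 0;

static DisplayStateStub *stub_alloc(void)
{
    /* calloc used here in place of g_malloc0 (both zero the block) */
    DisplayStateStub *s = calloc(1, sizeof(*s));
    if (s) {
        live_allocs++;
    }
    return s;
}

static void stub_free(DisplayStateStub *s)
{
    if (s) {
        free(s);
        live_allocs--;
    }
}

/* Ordering before the patch: allocate first, then check whether the
 * toolkit initialised. On failure the caller bails out (QEMU calls
 * exit(1); here we return NULL) and the block is never freed. */
static DisplayStateStub *display_init_before(int toolkit_ok)
{
    DisplayStateStub *s = stub_alloc();
    if (!s) {
        return NULL;
    }
    if (!toolkit_ok) {
        return NULL;           /* leak: s is unreachable from here on */
    }
    s->type = 1;
    return s;
}

/* Ordering after the patch: run every early-exit check first and
 * allocate only once the function is committed to succeeding. */
static DisplayStateStub *display_init_after(int toolkit_ok)
{
    DisplayStateStub *s;
    if (!toolkit_ok) {
        return NULL;           /* nothing allocated yet, nothing to leak */
    }
    s = stub_alloc();
    if (!s) {
        return NULL;
    }
    s->type = 1;
    return s;
}

/* Drive one init variant through the failure path and report how many
 * allocations it left behind. 0 is what a clean sanitizer run looks like. */
static int leaked_after_failed_init(DisplayStateStub *(*init)(int))
{
    live_allocs = 0;
    DisplayStateStub *s = init(0);   /* simulate gtk init failing */
    stub_free(s);                    /* s is NULL on failure; no-op */
    return live_allocs;
}

/* Sanity check that the success path still hands back a usable object
 * and leaves nothing behind once it is released. */
static int leaked_after_successful_init(DisplayStateStub *(*init)(int))
{
    live_allocs = 0;
    DisplayStateStub *s = init(1);
    int ok = (s != NULL && s->type == 1);
    stub_free(s);
    return ok ? live_allocs : -1;
}

int main(void)
{
    printf("before patch, failed init leaks %d block(s)\n",
           leaked_after_failed_init(display_init_before));
    printf("after patch,  failed init leaks %d block(s)\n",
           leaked_after_failed_init(display_init_after));
    return 0;
}
```

The counter makes the difference between the two orderings observable without a sanitizer: the pre-patch variant leaves one block outstanding on the failure path, the post-patch variant leaves none, and both behave identically on the success path.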
Re: [PATCH] fix leaks found with fuzzing
Posted by Michael Tokarev 1 year, 3 months ago
25.08.2023 14:58, Dmitry Frolov wrote:
> It is true that there is no problem during runtime
> at first sight, because the memory is lost just
> before qemu exits. Nevertheless, this change is necessary,
> because AddressSanitizer is not able to recognize this
> situation and produces a crash report (which is
> in fact a false positive). Lots of false-positive warnings
> are devaluing problems found with fuzzing, and thus the
> whole methodology of dynamic analysis.
> This patch eliminates such false-positive reports,
> and makes every problem found with fuzzing more valuable.
> 
> Fixes: 060ab76356 ("gtk: don't exit early in case gtk init fails")
> 
> Signed-off-by: Dmitry Frolov <frolov@swemel.ru>

A nitpick: I'm suggesting the subject prefix to be "ui/gtk:".

With that fixed (can be done at apply time),

Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>

/mjt