[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v2 1/2] vfio-ccw: fix memory leaks in vfio_ccw_r
|
From: |
Cornelia Huck |
|
Subject: |
Re: [Qemu-devel] [PATCH v2 1/2] vfio-ccw: fix memory leaks in vfio_ccw_realize() |
|
Date: |
Mon, 9 Apr 2018 10:00:01 +0200 |
On Sat, 07 Apr 2018 16:43:46 +0200
Greg Kurz <address@hidden> wrote:
> If the subchannel is already attached or if vfio_get_device() fails, the
> code jumps to the 'out_device_err' label and doesn't free the string it
> has just allocated.
>
> The code should be reworked so that vcdev->vdev.name only gets set when
> the device has been attached, and freed when it is about to be detached.
> This could be achieved with the addition of a vfio_ccw_get_device()
> function that would be the counterpart of vfio_put_device(). But this is
> a more elaborate cleanup that should be done in a follow-up. For now,
> let's just add calls to g_free() on the buggy error paths.
>
> Signed-off-by: Greg Kurz <address@hidden>
> ---
> hw/vfio/ccw.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/hw/vfio/ccw.c b/hw/vfio/ccw.c
> index 4e5855741a64..fe34b507699f 100644
> --- a/hw/vfio/ccw.c
> +++ b/hw/vfio/ccw.c
> @@ -357,11 +357,13 @@ static void vfio_ccw_realize(DeviceState *dev, Error
> **errp)
> if (strcmp(vbasedev->name, vcdev->vdev.name) == 0) {
> error_setg(&err, "vfio: subchannel %s has already been attached",
> vcdev->vdev.name);
> + g_free(vcdev->vdev.name);
> goto out_device_err;
> }
> }
>
> if (vfio_get_device(group, cdev->mdevid, &vcdev->vdev, &err)) {
> + g_free(vcdev->vdev.name);
> goto out_device_err;
> }
>
>
Thanks, applied to s390-fixes.