[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] 9pfs: fix potential host memory leak in v9fs_re
From: |
Greg Kurz |
Subject: |
Re: [Qemu-devel] [PATCH] 9pfs: fix potential host memory leak in v9fs_read |
Date: |
Tue, 27 Sep 2016 10:14:10 +0200 |
On Mon, 26 Sep 2016 21:42:26 -0700
Li Qiang <address@hidden> wrote:
> From: Li Qiang <address@hidden>
>
> In 9pfs read dispatch function, it doesn't free two QEMUIOVector
> object thus causing potential memory leak. This patch avoid this.
>
Good catch for the leak, but I'd prefer another fix. See below.
> Signed-off-by: Li Qiang <address@hidden>
> ---
> hw/9pfs/9p.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
> index d960a2e..b1ff8e7 100644
> --- a/hw/9pfs/9p.c
> +++ b/hw/9pfs/9p.c
> @@ -1830,12 +1830,16 @@ static void v9fs_read(void *opaque)
> } while (len == -EINTR && !pdu->cancelled);
> if (len < 0) {
> /* IO error return the error */
> + qemu_iovec_destroy(&qiov);
> + qemu_iovec_destroy(&qiov_full);
We already have these lines at the end of the code block for
type P9_FID_FILE.
Let's introduce an out_free_iovec: label and...
> err = len;
> goto out;
goto out_free_iovec;
> }
> } while (count < max_count && len > 0);
> err = pdu_marshal(pdu, offset, "d", count);
> if (err < 0) {
> + qemu_iovec_destroy(&qiov);
> + qemu_iovec_destroy(&qiov_full);
> goto out;
Same here.
> }
> err += offset + count;
As a valuable side effect, the error will be traced :)
Cheers.
--
Greg