|
From: | Jason Wang |
Subject: | Re: [Qemu-devel] [PATCH V2] net/colo-compare.c: Fix memory leak and code style issue. |
Date: | Thu, 11 Jul 2019 17:17:57 +0800 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.2 |
On 2019/7/10 下午3:50, Zhang, Chen wrote:
-----Original Message----- From: Jason Wang [mailto:address@hidden] Sent: Tuesday, July 9, 2019 10:48 PM To: Zhang, Chen <address@hidden>; Li Zhijian <address@hidden>; Peter Maydell <address@hidden>; qemu-dev <qemu- address@hidden> Cc: Zhang Chen <address@hidden> Subject: Re: [Qemu-devel] [PATCH V2] net/colo-compare.c: Fix memory leak and code style issue. On 2019/7/4 下午4:36, Zhang Chen wrote:From: Zhang Chen <address@hidden> This patch to fix the origin "char *data" menory leak, code style issue and add necessary check here. Reported-by: Coverity (CID 1402785) Signed-off-by: Zhang Chen <address@hidden> --- net/colo-compare.c | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/net/colo-compare.c b/net/colo-compare.c index 909dd6c6eb..ed349f5f6a 100644 --- a/net/colo-compare.c +++ b/net/colo-compare.c @@ -127,6 +127,17 @@ static int compare_chr_send(CompareState *s, uint32_t vnet_hdr_len, bool notify_remote_frame); +static bool packet_matches_str(const char *str, + uint8_t *buf, + uint32_t packet_len) { + if (packet_len <= strlen(str)) { + return false; + } + + return !memcmp(str, buf, strlen(str) + 1);This assumes buf is NULL terminated (you pass notify_rs->buf) which is not correct I think?Yes, you are right. How about this: static bool packet_matches_str(const char *str, uint8_t *buf, uint32_t packet_len) { if (packet_len != strlen(str) || !buf) { return false; }
When can we hit !buf? Thanks
return !memcmp(str, buf, strlen(str)); } Thanks Zhang ChenThanks+} + static void notify_remote_frame(CompareState *s) { char msg[] = "DO_CHECKPOINT"; @@ -1008,21 +1019,24 @@ static voidcompare_notify_rs_finalize(SocketReadState *notify_rs){ CompareState *s = container_of(notify_rs, CompareState, notify_rs); - /* Get Xen colo-frame's notify and handle the message */ - char *data = g_memdup(notify_rs->buf, notify_rs->packet_len); - char msg[] = "COLO_COMPARE_GET_XEN_INIT"; + const char msg[] = "COLO_COMPARE_GET_XEN_INIT"; int ret; - if (!strcmp(data, "COLO_USERSPACE_PROXY_INIT")) { + if (packet_matches_str("COLO_USERSPACE_PROXY_INIT", + notify_rs->buf, + notify_rs->packet_len)) { ret = compare_chr_send(s, (uint8_t *)msg, strlen(msg), 0, true); if (ret < 0) { error_report("Notify Xen COLO-frame INIT failed"); } - } - - if (!strcmp(data, "COLO_CHECKPOINT")) { + } else if (packet_matches_str("COLO_CHECKPOINT", + notify_rs->buf, + notify_rs->packet_len)) { /* colo-compare do checkpoint, flush pri packet and remove sec packet*/g_queue_foreach(&s->conn_list, colo_flush_packets, s); + } else { + error_report("COLO compare got unsupported instruction '%s'", + (char *)notify_rs->buf); } }
[Prev in Thread] | Current Thread | [Next in Thread] |