[Libvirt-cim] [PATCH] acl_parsing: Fixing potential leaks
Eduardo Lima (Etrunko)
eblima at linux.vnet.ibm.com
Wed Aug 10 19:53:49 UTC 2011
# HG changeset patch
# User Eduardo Lima (Etrunko) <eblima at br.ibm.com>
# Date 1313005735 10800
# Node ID 2b1b79a72ab0288d649399118dffce26fd05e066
# Parent 8759e60c17c42101118f914215d071138340c70f
acl_parsing: Fixing potential leaks
Also adds missing checks for errors in some function calls.
As reported in https://bugzilla.redhat.com/show_bug.cgi?id=728245
line 144 - Function cleanup_filter does not free its parameter filter (this
causes a lot of Coverity Resource leak warnings).
line 397 - Dynamically allocated variable rule is not freed in function
parse_acl_filter as a result of line #399.
line 630 - Function "malloc" without NULL check.
line 659 - Function "malloc" without NULL check.
Signed-off-by: Eduardo Lima (Etrunko) <eblima at br.ibm.com>
diff --git a/libxkutil/acl_parsing.c b/libxkutil/acl_parsing.c
--- a/libxkutil/acl_parsing.c
+++ b/libxkutil/acl_parsing.c
@@ -139,6 +139,7 @@
};
rule->type = UNKNOWN_RULE;
+ free(rule);
}
void cleanup_filter(struct acl_filter *filter)
@@ -152,10 +153,8 @@
free(filter->name);
free(filter->chain);
- for (i = 0; i < filter->rule_ct; i++) {
+ for (i = 0; i < filter->rule_ct; i++)
cleanup_rule(filter->rules[i]);
- free(filter->rules[i]);
- }
free(filter->rules);
filter->rule_ct = 0;
@@ -401,14 +400,16 @@
if (parse_acl_rule(child, rule) == 0)
goto err;
- append_filter_rule(filter, rule);
+ if (append_filter_rule(filter, rule) == 0)
+ goto err;
}
else if (XSTREQ(child->name, "filterref")) {
filter_ref = get_attr_value(child, "filter");
if (filter_ref == NULL)
goto err;
- append_filter_ref(filter, filter_ref);
+ if (append_filter_ref(filter, filter_ref) == 0)
+ goto err;
}
}
@@ -440,14 +441,15 @@
if (xmldoc == NULL)
goto err;
- *filter = malloc(sizeof(**filter));
+ *filter = calloc(1, sizeof(**filter));
if (*filter == NULL)
goto err;
- memset(*filter, 0, sizeof(**filter));
- parse_acl_filter(xmldoc->children, *filter);
-
- ret = 1;
+ ret = parse_acl_filter(xmldoc->children, *filter);
+ if (ret == 0) {
+ free(*filter);
+ *filter = NULL;
+ }
err:
xmlSetGenericErrorFunc(NULL, NULL);
@@ -508,9 +510,7 @@
if (xml == NULL)
return 0;
- get_filter_from_xml(xml, filter);
-
- return 1;
+ return get_filter_from_xml(xml, filter);
#else
return 0;
#endif
@@ -534,7 +534,8 @@
virConnectListNWFilters(conn, names, count);
- filters = malloc(count * sizeof(struct acl_filter));
+ filters = calloc(count, sizeof(*filters));
+
if (filters == NULL)
goto err;
@@ -542,7 +543,8 @@
{
struct acl_filter *filter = NULL;
- get_filter_by_name(conn, names[i], &filter);
+ if (get_filter_by_name(conn, names[i], &filter) == 0)
+ break;
memcpy(&filters[i], filter, sizeof(*filter));
}
@@ -630,6 +632,12 @@
filter->rules =
malloc((filter->rule_ct + 1) * sizeof(struct acl_rule *));
+ if (filter->rules == NULL) {
+ CU_DEBUG("Failed to allocate memory for new rule");
+ filter->rules = old_rules;
+ return 0;
+ }
+
memcpy(filter->rules,
old_rules,
filter->rule_ct * sizeof(struct acl_rule *));
@@ -657,6 +665,13 @@
old_refs = filter->refs;
filter->refs = malloc((filter->ref_ct + 1) * sizeof(char *));
+
+ if (filter->refs == NULL) {
+ CU_DEBUG("Failed to allocate memory for new ref");
+ filter->refs = old_refs;
+ return 0;
+ }
+
memcpy(filter->refs, old_refs, filter->ref_ct * sizeof(char *));
filter->refs[filter->ref_ct] = name;
@@ -682,8 +697,9 @@
if (STREQC(old_refs[i], name)) {
free(old_refs[i]);
}
- else
- append_filter_ref(filter, old_refs[i]);
+ else if(append_filter_ref(filter, old_refs[i]) == 0) {
+ return 0;
+ }
}
return 1;
More information about the Libvirt-cim
mailing list