qemu/scripts
Luiz Capitulino 8f91ad8a1b qapi: qapi-commands: fix possible leaks on visitor dealloc
In qmp-marshal.c the dealloc visitor calls use the same errp
pointer of the input visitor calls. This means that if any of
the input visitor calls fails, then the dealloc visitor will
return early, before freeing the object's memory.

Here's an example, consider this code:

int qmp_marshal_input_block_passwd(Monitor *mon, const QDict *qdict, QObject **ret)
{
	[...]

    char * device = NULL;
    char * password = NULL;

    mi = qmp_input_visitor_new_strict(QOBJECT(args));
    v = qmp_input_get_visitor(mi);
    visit_type_str(v, &device, "device", errp);
    visit_type_str(v, &password, "password", errp);
    qmp_input_visitor_cleanup(mi);

    if (error_is_set(errp)) {
        goto out;
    }
    qmp_block_passwd(device, password, errp);

out:
    md = qapi_dealloc_visitor_new();
    v = qapi_dealloc_get_visitor(md);
    visit_type_str(v, &device, "device", errp);
    visit_type_str(v, &password, "password", errp);
    qapi_dealloc_visitor_cleanup(md);

	[...]

    return 0;
}

Consider errp != NULL when the out label is reached, we're going
to leak device and password.

This patch fixes this by always passing errp=NULL for dealloc
visitors, meaning that we always try to free them regardless of
any previous failure. The above example would then be:

out:
    md = qapi_dealloc_visitor_new();
    v = qapi_dealloc_get_visitor(md);
    visit_type_str(v, &device, "device", NULL);
    visit_type_str(v, &password, "password", NULL);
    qapi_dealloc_visitor_cleanup(md);

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2013-07-16 09:15:06 -04:00
..
kvm vmxcap: Update according to SDM of January 2013 2013-04-17 23:27:24 -03:00
qemu-guest-agent qemu-ga: sample fsfreeze hooks 2013-01-08 16:38:12 -06:00
tracetool trace: Add ftrace tracing backend 2013-05-03 13:58:09 +02:00
analyse-9p-simpletrace.py
check-qerror.sh
checkpatch.pl CHECKPATCH: Add warning for single else statement. 2012-09-05 19:17:49 +00:00
create_config main: use TARGET_ARCH only for the target-specific #define 2013-06-14 15:33:11 +01:00
feature_to_c.sh exec: move include files to include/exec/ 2012-12-19 08:31:31 +01:00
get_maintainer.pl get_maintainer.pl: update from linix 3.8 2012-12-12 23:41:03 +02:00
gtester-cat
hxtool
make_device_config.sh make_device_config.sh: Emit dependency file to directory where included 2013-03-09 12:00:03 +00:00
make-release build: add make dist target (v2) 2012-07-17 15:43:16 -05:00
ordereddict.py
qapi-commands.py qapi: qapi-commands: fix possible leaks on visitor dealloc 2013-07-16 09:15:06 -04:00
qapi-types.py qapi: pad GenericList value fields to 64 bits 2013-05-30 09:08:38 -04:00
qapi-visit.py qapi: qapi-visit.py, native list support 2013-05-23 09:44:20 -04:00
qapi.py qapi.py: Allow top-level type reference for command definitions 2013-07-10 13:39:37 -04:00
qemu-binfmt-conf.sh
qemu-gdb.py
qtest
refresh-pxe-roms.sh
signrom.py
simpletrace.py trace: Fix "Qemu" -> "QEMU" 2012-08-15 15:18:54 +01:00
texi2pod.pl
tracetool.py build: do not use TARGET_ARCH 2013-06-14 15:33:10 +01:00
update-linux-headers.sh powerpc: linux header sync script includes epapr_hcalls.h 2013-01-07 17:37:09 +01:00