Patchwork [1/3] rbd: fix leak in failure path

login
register
mail settings
Submitter Sage Weil
Date Aug. 23, 2011, 4:28 p.m.
Message ID <1314116912-28685-1-git-send-email-sage@newdream.net>
Download mbox | patch
Permalink /patch/111146/
State New
Headers show

Comments

Sage Weil - Aug. 23, 2011, 4:28 p.m.
Fix leak of s->snap when rados_create fails.

Reported-by: Stefan Hajnoczi <stefanha@gmail.com>
Signed-off-by: Sage Weil <sage@newdream.net>
---
 block/rbd.c |    9 +++++----
 1 files changed, 5 insertions(+), 4 deletions(-)
Stefan Hajnoczi - Sept. 2, 2011, 2:10 p.m.
On Tue, Aug 23, 2011 at 5:28 PM, Sage Weil <sage@newdream.net> wrote:
> Fix leak of s->snap when rados_create fails.
>
> Reported-by: Stefan Hajnoczi <stefanha@gmail.com>
> Signed-off-by: Sage Weil <sage@newdream.net>
> ---
>  block/rbd.c |    9 +++++----
>  1 files changed, 5 insertions(+), 4 deletions(-)
>
> diff --git a/block/rbd.c b/block/rbd.c
> index d5659cd..52b79fa 100644
> --- a/block/rbd.c
> +++ b/block/rbd.c
> @@ -393,10 +393,6 @@ static int qemu_rbd_open(BlockDriverState *bs, const char *filename, int flags)
>                            conf, sizeof(conf)) < 0) {
>         return -EINVAL;
>     }
> -    s->snap = NULL;
> -    if (snap_buf[0] != '\0') {
> -        s->snap = qemu_strdup(snap_buf);
> -    }
>
>     r = rados_create(&s->cluster, NULL);
>     if (r < 0) {
> @@ -404,6 +400,11 @@ static int qemu_rbd_open(BlockDriverState *bs, const char *filename, int flags)
>         return r;
>     }
>
> +    s->snap = NULL;
> +    if (snap_buf[0] != '\0') {
> +        s->snap = qemu_strdup(snap_buf);
> +    }
> +
>     if (strstr(conf, "conf=") == NULL) {
>         r = rados_conf_read_file(s->cluster, NULL);
>         if (r < 0) {

I think s->snap is still leaked when any other error return in this
function is taken.

Stefan

Patch

diff --git a/block/rbd.c b/block/rbd.c
index d5659cd..52b79fa 100644
--- a/block/rbd.c
+++ b/block/rbd.c
@@ -393,10 +393,6 @@  static int qemu_rbd_open(BlockDriverState *bs, const char *filename, int flags)
                            conf, sizeof(conf)) < 0) {
         return -EINVAL;
     }
-    s->snap = NULL;
-    if (snap_buf[0] != '\0') {
-        s->snap = qemu_strdup(snap_buf);
-    }
 
     r = rados_create(&s->cluster, NULL);
     if (r < 0) {
@@ -404,6 +400,11 @@  static int qemu_rbd_open(BlockDriverState *bs, const char *filename, int flags)
         return r;
     }
 
+    s->snap = NULL;
+    if (snap_buf[0] != '\0') {
+        s->snap = qemu_strdup(snap_buf);
+    }
+
     if (strstr(conf, "conf=") == NULL) {
         r = rados_conf_read_file(s->cluster, NULL);
         if (r < 0) {