Message ID | 1401154805-11980-6-git-send-email-arei.gonglei@huawei.com
---|---
State | New
On Tue, May 27, 2014 at 09:40:02AM +0800, arei.gonglei@huawei.com wrote:
> From: Gonglei <arei.gonglei@huawei.com>
>
> Signed-off-by: Gonglei <arei.gonglei@huawei.com>
> ---
>  qemu-bridge-helper.c | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c > index 6a0974e..dce5abc 100644 > --- a/qemu-bridge-helper.c > +++ b/qemu-bridge-helper.c > @@ -436,7 +436,12 @@ int main(int argc, char **argv) > /* profit! */ > > cleanup: > - > + if (fd >= 0) { > + close(fd); > + } > + if (ctlfd >= 0) { > + close(ctlfd); > + }

fd and ctlfd are uninitialized:

int fd, ctlfd, unixfd = -1;

This patch introduces a read of uninitialized memory and could close a random file descriptor.

There wasn't a real leak since this is the main() function and the kernel frees resources when the process terminates.

Please either drop this patch or fix it carefully.
> -----Original Message-----
> From: Stefan Hajnoczi [mailto:stefanha@redhat.com]
> Sent: Tuesday, May 27, 2014 7:32 PM
> To: Gonglei (Arei)
> Cc: qemu-devel@nongnu.org; av1474@comtv.ru; kraxel@redhat.com; lcapitulino@redhat.com; lersek@redhat.com; qiaonuohan@cn.fujitsu.com; afaerber@suse.de; eblake@redhat.com; pbonzini@redhat.com; mst@redhat.com; Huangweidong (C); peter.crosthwaite@xilinx.com; kwolf@redhat.com; crobinso@redhat.com; aliguori@amazon.com; armbru@redhat.com; Luonengjun
> Subject: Re: [PATCH 5/8] qemu-bridge-helper: Fix fd leak in main()
>
> On Tue, May 27, 2014 at 09:40:02AM +0800, arei.gonglei@huawei.com wrote:
> > From: Gonglei <arei.gonglei@huawei.com>
> >
> > Signed-off-by: Gonglei <arei.gonglei@huawei.com>
> > ---
> >  qemu-bridge-helper.c | 7 ++++++-
> >  1 file changed, 6 insertions(+), 1 deletion(-)
> >
> > diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c > > index 6a0974e..dce5abc 100644 > > --- a/qemu-bridge-helper.c > > +++ b/qemu-bridge-helper.c > > @@ -436,7 +436,12 @@ int main(int argc, char **argv) > > /* profit! */ > > > > cleanup: > > - > > + if (fd >= 0) { > > + close(fd); > > + } > > + if (ctlfd >= 0) { > > + close(ctlfd); > > + }
>
> fd and ctlfd are uninitialized:
>
> int fd, ctlfd, unixfd = -1;
>
> This patch introduces a read of uninitialized memory and could close a random file descriptor.
>
> There wasn't a real leak since this is the main() function and the kernel frees resources when the process terminates.
>
> Please either drop this patch or fix it carefully.

OK, Thanks.

Best regards,
-Gonglei
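The cleanup pattern Stefan's review asks for, as an added example that is neither QEMU's code nor part of this thread: every descriptor is initialised to -1 before any step that can fail, so an early goto cleanup never tests an indeterminate value. The names fd, ctlfd and unixfd follow the patch; the open("/dev/null") calls and the fail_after parameter are stand-ins for the helper's real socket setup and its failure points.

```c
#include <fcntl.h>
#include <unistd.h>

/* Added example, not QEMU code: the cleanup pattern the review asks for.
 * Every descriptor starts at -1, so an early "goto cleanup" never hands an
 * indeterminate value to close().  fail_after simulates an error after that
 * many descriptors have been acquired; returns how many cleanup closed. */
int acquire_and_cleanup(int fail_after)
{
    /* The patch under review initialised only unixfd ("int fd, ctlfd, unixfd = -1;");
     * initialise all three so every check in cleanup is well defined. */
    int fd = -1, ctlfd = -1, unixfd = -1;
    int closed = 0;

    if (fail_after == 0) {
        goto cleanup;
    }
    fd = open("/dev/null", O_RDONLY);     /* stand-in for the tap fd */
    if (fd < 0 || fail_after == 1) {
        goto cleanup;
    }
    ctlfd = open("/dev/null", O_RDONLY);  /* stand-in for the control socket */
    if (ctlfd < 0 || fail_after == 2) {
        goto cleanup;
    }
    unixfd = open("/dev/null", O_RDONLY); /* stand-in for the unix socket */
    if (unixfd < 0) {
        goto cleanup;
    }
cleanup:
    /* Close only what was opened, and reset each slot to -1 afterwards so a
     * repeated pass through cleanup can never close the same fd twice. */
    if (fd >= 0) {
        close(fd);
        fd = -1;
        closed++;
    }
    if (ctlfd >= 0) {
        close(ctlfd);
        ctlfd = -1;
        closed++;
    }
    if (unixfd >= 0) {
        close(unixfd);
        unixfd = -1;
        closed++;
    }
    return closed;
}
```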
diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c index 6a0974e..dce5abc 100644 --- a/qemu-bridge-helper.c +++ b/qemu-bridge-helper.c @@ -436,7 +436,12 @@ int main(int argc, char **argv) /* profit! */ cleanup: - + if (fd >= 0) { + close(fd); + } + if (ctlfd >= 0) { + close(ctlfd); + } while ((acl_rule = QSIMPLEQ_FIRST(&acl_list)) != NULL) { QSIMPLEQ_REMOVE_HEAD(&acl_list, entry); g_free(acl_rule);
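Review bot: the two new `if (fd >= 0)` / `if (ctlfd >= 0)` checks in the cleanup: hunk read variables that are never initialised on the early-exit paths, since the declaration quoted in the review is `int fd, ctlfd, unixfd = -1;` and only `unixfd` gets the -1. Any `goto cleanup` taken before `fd` or `ctlfd` is assigned therefore compares an indeterminate value and may close() whatever descriptor number happens to be on the stack. Either initialise all three at declaration (`int fd = -1, ctlfd = -1, unixfd = -1;`) before adding these close() calls, or drop the hunk, since main() returns immediately afterwards and the kernel reclaims the descriptors on exit.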