| Message ID | 57ea5f06.821e6b0a.4ee38.31ea@mx.google.com |
|---|---|
| State | New |
| Headers | show |
On Tue, 27 Sep 2016 04:58:46 -0700 Li Qiang <liq3ea@gmail.com> wrote: > From: Li Qiang <liqiang6-s@360.cn> > > In 9pfs read dispatch function, it doesn't free two QEMUIOVector > object thus causing potential memory leak. This patch avoid this. > > Signed-off-by: Li Qiang <liqiang6-s@360.cn> > --- When you post an updated version of a patch, you should: - add a version in the subject [PATCH v2] 9pfs: fix potential host memory leak in v9fs_read - list the changes since the previous version under the --- after your Signed-off-by Anyway, the change is ok, I'll push this to my tree. Thanks. -- Greg > hw/9pfs/9p.c | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > > diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c > index 119ee58..543a791 100644 > --- a/hw/9pfs/9p.c > +++ b/hw/9pfs/9p.c > @@ -1826,14 +1826,15 @@ static void v9fs_read(void *opaque) > if (len < 0) { > /* IO error return the error */ > err = len; > - goto out; > + goto out_free_iovec; > } > } while (count < max_count && len > 0); > err = pdu_marshal(pdu, offset, "d", count); > if (err < 0) { > - goto out; > + goto out_free_iovec; > } > err += offset + count; > +out_free_iovec: > qemu_iovec_destroy(&qiov); > qemu_iovec_destroy(&qiov_full); > } else if (fidp->fid_type == P9_FID_XATTR) {
On Tue, 27 Sep 2016 04:58:46 -0700 Li Qiang <liq3ea@gmail.com> wrote: > From: Li Qiang <liqiang6-s@360.cn> > > In 9pfs read dispatch function, it doesn't free two QEMUIOVector > object thus causing potential memory leak. This patch avoid this. > > Signed-off-by: Li Qiang <liqiang6-s@360.cn> > --- Reviewed-by: Greg Kurz <groug@kaod.org> > hw/9pfs/9p.c | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > > diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c > index 119ee58..543a791 100644 > --- a/hw/9pfs/9p.c > +++ b/hw/9pfs/9p.c > @@ -1826,14 +1826,15 @@ static void v9fs_read(void *opaque) > if (len < 0) { > /* IO error return the error */ > err = len; > - goto out; > + goto out_free_iovec; > } > } while (count < max_count && len > 0); > err = pdu_marshal(pdu, offset, "d", count); > if (err < 0) { > - goto out; > + goto out_free_iovec; > } > err += offset + count; > +out_free_iovec: > qemu_iovec_destroy(&qiov); > qemu_iovec_destroy(&qiov_full); > } else if (fidp->fid_type == P9_FID_XATTR) {
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c index 119ee58..543a791 100644 --- a/hw/9pfs/9p.c +++ b/hw/9pfs/9p.c @@ -1826,14 +1826,15 @@ static void v9fs_read(void *opaque) if (len < 0) { /* IO error return the error */ err = len; - goto out; + goto out_free_iovec; } } while (count < max_count && len > 0); err = pdu_marshal(pdu, offset, "d", count); if (err < 0) { - goto out; + goto out_free_iovec; } err += offset + count; +out_free_iovec: qemu_iovec_destroy(&qiov); qemu_iovec_destroy(&qiov_full); } else if (fidp->fid_type == P9_FID_XATTR) {