| Message ID | 54C21610.7090808@sunrus.com.cn |
|---|---|
| State | New |
| Headers | show |
On 1/23/15 17:36, Chen Gang S wrote: > When failure occurs during allocating vec[i], also need free all > allocated vec[i] in failure processing code block before return. > > If error is EFAULT when "i == 0", vec[i].iov_base is NULL, then can just > skip it, so can still use "while (--i >= 0)" for the free looping. > > Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com> > --- > linux-user/syscall.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/linux-user/syscall.c b/linux-user/syscall.c > index 290fdea..e6a8e49 100644 > --- a/linux-user/syscall.c > +++ b/linux-user/syscall.c > @@ -1873,6 +1873,11 @@ static struct iovec *lock_iovec(int type, abi_ulong target_addr, > return vec; > > fail: > + while (--i >= 0) { > + if (tswapal(vec[i].iov_len) > 0) { > + unlock_user(vec[i].iov_base, base, 0); Oh, sorry, base is undefined here. I shall send patch v2 for it. > + } > + } > unlock_user(target_vec, target_addr, 0); > fail2: > free(vec); >
diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 290fdea..e6a8e49 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -1873,6 +1873,11 @@ static struct iovec *lock_iovec(int type, abi_ulong target_addr, return vec; fail: + while (--i >= 0) { + if (tswapal(vec[i].iov_len) > 0) { + unlock_user(vec[i].iov_base, base, 0); + } + } unlock_user(target_vec, target_addr, 0); fail2: free(vec);
When failure occurs during allocating vec[i], also need free all allocated vec[i] in failure processing code block before return. If error is EFAULT when "i == 0", vec[i].iov_base is NULL, then can just skip it, so can still use "while (--i >= 0)" for the free looping. Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com> --- linux-user/syscall.c | 5 +++++ 1 file changed, 5 insertions(+)