From: Mark McLoughlin <markmc@redhat.com>
To: qemu-devel@nongnu.org
Cc: Mark McLoughlin <markmc@redhat.com>, Glauber Costa <glommer@redhat.com>
Subject: [Qemu-devel] [PATCH 04/24] Correctly free nd structure
Date: Wed, 23 Sep 2009 11:24:03 +0100
Message-ID: <1253701463-3134-5-git-send-email-markmc@redhat.com>
In-Reply-To: <1253701463-3134-1-git-send-email-markmc@redhat.com>

From: Glauber Costa <glommer@redhat.com>

When we "free" a NICInfo structure, we can leak pointers, since we don't do
much more than setting used = 0.

We free() the model parameter, but we don't set it to NULL. This means that
a new user of this structure will see garbage in there. It was not noticed
before because reusing a NICInfo is not that common, but it can be, for
users of device pci hotplug.

A user hit it, described at https://bugzilla.redhat.com/524022

This patch memset's the whole structure, guaranteeing that anyone reusing it
will see a fresh NICInfo. Also, we free some other strings that are currently
leaking.

This codebase is quite old, so this patch should feed all stable trees.

Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
---
 net.c |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/net.c b/net.c
index d04b6bd..422ef4c 100644
--- a/net.c
+++ b/net.c
@@ -2434,6 +2434,7 @@ int net_client_init(Monitor *mon, const char *device, const char *p)
             goto out;
         }
         nd = &nd_table[idx];
+        memset(nd, 0, sizeof(*nd));
         macaddr = nd->macaddr;
         macaddr[0] = 0x52;
         macaddr[1] = 0x54;
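
Review bot: the memset() right after nd = &nd_table[idx] is only safe if every pointer the slot owned has already been released, and nothing in this hunk says so. If a slot ever reaches this point with model, name, devaddr or id still allocated, zeroing it drops the only reference and the leak becomes silent. Please add a one-line comment above the memset stating that the entry must already have gone through net_client_uninit() (or be untouched static storage), so a later caller that reuses a slot by another path knows the invariant it has to keep.
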
@@ -2803,8 +2804,13 @@ void net_client_uninit(NICInfo *nd)
 {
     nd->vlan->nb_guest_devs--;
     nb_nics--;
-    nd->used = 0;
+
     qemu_free(nd->model);
+    qemu_free(nd->name);
+    qemu_free(nd->devaddr);
+    qemu_free(nd->id);
+
+    nd->used = 0;
 }
 
 static int net_host_check_device(const char *device)
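
Review bot: in net_client_uninit(), the four qemu_free() calls leave nd->model, nd->name, nd->devaddr and nd->id pointing at freed memory until the slot is next claimed, because the clearing now happens only in net_client_init(). Anything that reads the nd_table entry in that window, or a second net_client_uninit() on the same entry, would touch or free stale pointers. Setting each field to NULL after its qemu_free() (or clearing the struct here as well) closes that window at no cost and matches the commit message's point that the old code freed model without resetting it. Moving nd->used = 0 after the frees is a good ordering and worth keeping.
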
-- 
1.6.2.5
