From: Ian Campbell <ian.campbell@citrix.com>
To: "Roger Pau Monné" <roger.pau@citrix.com>
Cc: xen-devel <xen-devel@lists.xen.org>
Subject: Leak in xc_dom_load_hvm_kernel() (Was; Re: New Defects reported by Coverity Scan for XenProject)
Date: Wed, 3 Feb 2016 10:39:11 +0000 [thread overview]
Message-ID: <1454495951.25207.52.camel@citrix.com> (raw)
In-Reply-To: <56b180c017d5f_214fb5b3143623f@ss1435.mail>
Roger,
On Tue, 2016-02-02 at 20:23 -0800, scan-admin@coverity.com wrote:
> ** CID 1351227: (RESOURCE_LEAK)
> /tools/libxc/xc_dom_hvmloader.c: 260 in xc_dom_load_hvm_kernel()
> /tools/libxc/xc_dom_hvmloader.c: 270 in xc_dom_load_hvm_kernel()
> /tools/libxc/xc_dom_hvmloader.c: 277 in xc_dom_load_hvm_kernel()
Looks like this came from ad787bafcd2a3058f0f37f2fe84931bd5136bde9?
> ________________________________________________________________________________________________________
> *** CID 1351227: (RESOURCE_LEAK)
> /tools/libxc/xc_dom_hvmloader.c: 260 in xc_dom_load_hvm_kernel()
> 254 elf->dest_size = pages * XC_DOM_PAGE_SIZE(dom);
> 255
> 256 rc = elf_load_binary(elf);
> 257 if ( rc < 0 )
> 258 {
> 259 DOMPRINTF("%s: failed to load elf binary", __func__);
> >>> CID 1351227: (RESOURCE_LEAK)
> >>> Variable "entries" going out of scope leaks the storage it points to.
> 260 return rc;
> 261 }
> 262
> 263 munmap(elf->dest_base, elf->dest_size);
> 264
> 265 rc = modules_init(dom, dom->total_pages << PAGE_SHIFT, elf, &m_start,
> /tools/libxc/xc_dom_hvmloader.c: 270 in xc_dom_load_hvm_kernel()
> 264
> 265 rc = modules_init(dom, dom->total_pages << PAGE_SHIFT, elf, &m_start,
> 266 &m_end);
> 267 if ( rc != 0 )
> 268 {
> 269 DOMPRINTF("%s: insufficient space to load modules.", __func__);
> >>> CID 1351227: (RESOURCE_LEAK)
> >>> Variable "entries" going out of scope leaks the storage it points to.
> 270 return rc;
> 271 }
> 272
> 273 rc = loadmodules(dom, m_start, m_end, dom->guest_domid);
> 274 if ( rc != 0 )
> 275 {
> /tools/libxc/xc_dom_hvmloader.c: 277 in xc_dom_load_hvm_kernel()
> 271 }
> 272
> 273 rc = loadmodules(dom, m_start, m_end, dom->guest_domid);
> 274 if ( rc != 0 )
> 275 {
> 276 DOMPRINTF("%s: unable to load modules.", __func__);
> >>> CID 1351227: (RESOURCE_LEAK)
> >>> Variable "entries" going out of scope leaks the storage it points to.
> 277 return rc;
> 278 }
> 279
> 280 dom->parms.phys_entry = elf_uval(elf, elf->ehdr, e_entry);
> 281
> 282 free(entries);
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-02-03 10:39 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <56b180c017d5f_214fb5b3143623f@ss1435.mail>
2016-02-03 10:37 ` Leaks in xc_tbuf_get_size() (Was: Re: New Defects reported by Coverity Scan for XenProject) Ian Campbell
2016-02-03 10:42 ` Andrew Cooper
2016-02-03 10:54 ` Ian Campbell
2016-02-03 14:21 ` George Dunlap
2016-02-03 10:39 ` Ian Campbell [this message]
2016-02-03 10:59 ` [PATCH] libxc: fix leak in xc_dom_load_hvm_kernel error path Roger Pau Monne
2016-02-03 11:49 ` Ian Campbell
2016-02-03 10:45 ` missing lock in percpu_rwlock? (Was: Re: New Defects reported by Coverity Scan for XenProject) Ian Campbell
2016-02-03 10:47 ` Ian Campbell
2016-02-03 10:50 ` Andrew Cooper
2016-02-03 11:00 ` Ian Campbell
2016-02-03 12:21 ` Andrew Cooper
2016-02-03 12:24 ` Andrew Cooper
2016-02-03 12:32 ` Ian Campbell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1454495951.25207.52.camel@citrix.com \
--to=ian.campbell@citrix.com \
--cc=roger.pau@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.