All of lore.kernel.org
 help / color / mirror / Atom feed
* [Qemu-trivial] [PATCH] hw/bt/sdp: Fix resource leak detect by coverity
@ 2015-03-14  3:42 ` Shannon Zhao
  0 siblings, 0 replies; 8+ messages in thread
From: Shannon Zhao @ 2015-03-14  3:42 UTC (permalink / raw)
  To: qemu-devel
  Cc: peter.maydell, hangaohuai, qemu-trivial, mjt, peter.huangpeng,
	shannon.zhao, pbonzini

Free data in function sdp_attr_write after use.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
---
 hw/bt/sdp.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/bt/sdp.c b/hw/bt/sdp.c
index 218e075..8e6d5e3 100644
--- a/hw/bt/sdp.c
+++ b/hw/bt/sdp.c
@@ -735,6 +735,7 @@ static void sdp_service_record_build(struct sdp_service_record_s *record,
         record->attribute_list[record->attributes ++].len = len;
         data += len;
     }
+    g_free(data);
 
     /* Sort the attribute list by the AttributeID */
     qsort(record->attribute_list, record->attributes,
-- 
1.8.3.1




^ permalink raw reply related	[flat|nested] 8+ messages in thread
* [Qemu-devel] [PATCH] hw/bt/sdp: Fix resource leak detect by coverity
@ 2015-03-14  3:42 ` Shannon Zhao
  0 siblings, 0 replies; 8+ messages in thread
From: Shannon Zhao @ 2015-03-14  3:42 UTC (permalink / raw)
  To: qemu-devel
  Cc: peter.maydell, hangaohuai, qemu-trivial, mjt, peter.huangpeng,
	shannon.zhao, pbonzini

Free data in function sdp_attr_write after use.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
---
 hw/bt/sdp.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/bt/sdp.c b/hw/bt/sdp.c
index 218e075..8e6d5e3 100644
--- a/hw/bt/sdp.c
+++ b/hw/bt/sdp.c
@@ -735,6 +735,7 @@ static void sdp_service_record_build(struct sdp_service_record_s *record,
         record->attribute_list[record->attributes ++].len = len;
         data += len;
     }
+    g_free(data);
 
     /* Sort the attribute list by the AttributeID */
     qsort(record->attribute_list, record->attributes,
-- 
1.8.3.1

^ permalink raw reply related	[flat|nested] 8+ messages in thread
* Re: [Qemu-trivial] [Qemu-devel] [PATCH] hw/bt/sdp: Fix resource leak detect by coverity
  2015-03-14  3:42 ` [Qemu-devel] " Shannon Zhao
@ 2015-03-14  6:57   ` Stefan Weil
  -1 siblings, 0 replies; 8+ messages in thread
From: Stefan Weil @ 2015-03-14  6:57 UTC (permalink / raw)
  To: Shannon Zhao, qemu-devel
  Cc: peter.maydell, hangaohuai, qemu-trivial, mjt, peter.huangpeng,
	shannon.zhao, pbonzini

Am 14.03.2015 um 04:42 schrieb Shannon Zhao:
> Free data in function sdp_attr_write after use.
>
> Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
> Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
> ---
>   hw/bt/sdp.c | 1 +
>   1 file changed, 1 insertion(+)
>
> diff --git a/hw/bt/sdp.c b/hw/bt/sdp.c
> index 218e075..8e6d5e3 100644
> --- a/hw/bt/sdp.c
> +++ b/hw/bt/sdp.c
> @@ -735,6 +735,7 @@ static void sdp_service_record_build(struct sdp_service_record_s *record,
>           record->attribute_list[record->attributes ++].len = len;
>           data += len;
>       }
> +    g_free(data);

No, here more work is needed. data is no longer the original data,
because two lines above it is modified.

>   
>       /* Sort the attribute list by the AttributeID */
>       qsort(record->attribute_list, record->attributes,



^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [Qemu-devel] [PATCH] hw/bt/sdp: Fix resource leak detect by coverity
@ 2015-03-14  6:57   ` Stefan Weil
  0 siblings, 0 replies; 8+ messages in thread
From: Stefan Weil @ 2015-03-14  6:57 UTC (permalink / raw)
  To: Shannon Zhao, qemu-devel
  Cc: peter.maydell, hangaohuai, qemu-trivial, mjt, peter.huangpeng,
	shannon.zhao, pbonzini

Am 14.03.2015 um 04:42 schrieb Shannon Zhao:
> Free data in function sdp_attr_write after use.
>
> Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
> Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
> ---
>   hw/bt/sdp.c | 1 +
>   1 file changed, 1 insertion(+)
>
> diff --git a/hw/bt/sdp.c b/hw/bt/sdp.c
> index 218e075..8e6d5e3 100644
> --- a/hw/bt/sdp.c
> +++ b/hw/bt/sdp.c
> @@ -735,6 +735,7 @@ static void sdp_service_record_build(struct sdp_service_record_s *record,
>           record->attribute_list[record->attributes ++].len = len;
>           data += len;
>       }
> +    g_free(data);

No, here more work is needed. data is no longer the original data,
because two lines above it is modified.

>   
>       /* Sort the attribute list by the AttributeID */
>       qsort(record->attribute_list, record->attributes,

^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [Qemu-trivial] [Qemu-devel] [PATCH] hw/bt/sdp: Fix resource leak detect by coverity
  2015-03-14  6:57   ` Stefan Weil
@ 2015-03-14  9:15     ` Shannon Zhao
  -1 siblings, 0 replies; 8+ messages in thread
From: Shannon Zhao @ 2015-03-14  9:15 UTC (permalink / raw)
  To: Stefan Weil, qemu-devel
  Cc: peter.maydell, hangaohuai, qemu-trivial, mjt, peter.huangpeng,
	shannon.zhao, pbonzini

On 2015/3/14 14:57, Stefan Weil wrote:
> Am 14.03.2015 um 04:42 schrieb Shannon Zhao:
>> Free data in function sdp_attr_write after use.
>>
>> Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
>> Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
>> ---
>>   hw/bt/sdp.c | 1 +
>>   1 file changed, 1 insertion(+)
>>
>> diff --git a/hw/bt/sdp.c b/hw/bt/sdp.c
>> index 218e075..8e6d5e3 100644
>> --- a/hw/bt/sdp.c
>> +++ b/hw/bt/sdp.c
>> @@ -735,6 +735,7 @@ static void sdp_service_record_build(struct sdp_service_record_s *record,
>>           record->attribute_list[record->attributes ++].len = len;
>>           data += len;
>>       }
>> +    g_free(data);
> 
> No, here more work is needed. data is no longer the original data,
> because two lines above it is modified.

Thanks for pointing out.

> 
>>         /* Sort the attribute list by the AttributeID */
>>       qsort(record->attribute_list, record->attributes,
> 
> 
> .
> 



^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [Qemu-devel] [PATCH] hw/bt/sdp: Fix resource leak detect by coverity
@ 2015-03-14  9:15     ` Shannon Zhao
  0 siblings, 0 replies; 8+ messages in thread
From: Shannon Zhao @ 2015-03-14  9:15 UTC (permalink / raw)
  To: Stefan Weil, qemu-devel
  Cc: peter.maydell, hangaohuai, qemu-trivial, mjt, peter.huangpeng,
	shannon.zhao, pbonzini

On 2015/3/14 14:57, Stefan Weil wrote:
> Am 14.03.2015 um 04:42 schrieb Shannon Zhao:
>> Free data in function sdp_attr_write after use.
>>
>> Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
>> Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
>> ---
>>   hw/bt/sdp.c | 1 +
>>   1 file changed, 1 insertion(+)
>>
>> diff --git a/hw/bt/sdp.c b/hw/bt/sdp.c
>> index 218e075..8e6d5e3 100644
>> --- a/hw/bt/sdp.c
>> +++ b/hw/bt/sdp.c
>> @@ -735,6 +735,7 @@ static void sdp_service_record_build(struct sdp_service_record_s *record,
>>           record->attribute_list[record->attributes ++].len = len;
>>           data += len;
>>       }
>> +    g_free(data);
> 
> No, here more work is needed. data is no longer the original data,
> because two lines above it is modified.

Thanks for pointing out.

> 
>>         /* Sort the attribute list by the AttributeID */
>>       qsort(record->attribute_list, record->attributes,
> 
> 
> .
> 

^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [Qemu-trivial] [Qemu-devel] [PATCH] hw/bt/sdp: Fix resource leak detect by coverity
  2015-03-14  9:47 [Qemu-trivial] " Shannon Zhao
@ 2015-03-14 10:07 ` Stefan Weil
  2015-03-15  9:21   ` [Qemu-trivial] " Paolo Bonzini
  0 siblings, 1 reply; 8+ messages in thread
From: Stefan Weil @ 2015-03-14 10:07 UTC (permalink / raw)
  To: Shannon Zhao, qemu-devel
  Cc: peter.maydell, hangaohuai, qemu-trivial, mjt, peter.huangpeng,
	shannon.zhao, pbonzini

Am 14.03.2015 um 10:47 schrieb Shannon Zhao:
> Free data in function sdp_attr_write after use.
>
> Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
> Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
> ---
>      For minimum modification, just add a variable to record the data.
> ---
>   hw/bt/sdp.c | 5 +++--
>   1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/hw/bt/sdp.c b/hw/bt/sdp.c
> index 218e075..8be0d14 100644
> --- a/hw/bt/sdp.c
> +++ b/hw/bt/sdp.c
> @@ -698,7 +698,7 @@ static void sdp_service_record_build(struct sdp_service_record_s *record,
>                   struct sdp_def_service_s *def, int handle)
>   {
>       int len = 0;
> -    uint8_t *data;
> +    uint8_t *data, *pt;
>       int *uuid;
>   
>       record->uuids = 0;
> @@ -712,7 +712,7 @@ static void sdp_service_record_build(struct sdp_service_record_s *record,
>               g_malloc0(record->attributes * sizeof(*record->attribute_list));
>       record->uuid =
>               g_malloc0(record->uuids * sizeof(*record->uuid));
> -    data = g_malloc(len);
> +    pt = data = g_malloc(len);
>   
>       record->attributes = 0;
>       uuid = record->uuid;
> @@ -735,6 +735,7 @@ static void sdp_service_record_build(struct sdp_service_record_s *record,
>           record->attribute_list[record->attributes ++].len = len;
>           data += len;
>       }
> +    g_free(pt);
>   
>       /* Sort the attribute list by the AttributeID */
>       qsort(record->attribute_list, record->attributes,

This fixes the memory leak, but I still don't understand what is done here.
data is allocated, then filled with values, now it is also deallocated. 
But I'm
missing the part where all those data is used.

Stefan


^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [Qemu-trivial] [Qemu-devel] [PATCH] hw/bt/sdp: Fix resource leak detect by coverity
  2015-03-15 14:11       ` Paolo Bonzini
@ 2015-03-16  7:29         ` Markus Armbruster
  0 siblings, 0 replies; 8+ messages in thread
From: Markus Armbruster @ 2015-03-16  7:29 UTC (permalink / raw)
  To: Paolo Bonzini
  Cc: peter.maydell, hangaohuai, qemu-trivial, Stefan Weil,
	Michael Tokarev, qemu-devel, peter.huangpeng, shannon.zhao,
	Shannon Zhao

Paolo Bonzini <pbonzini@redhat.com> writes:

> On 15/03/2015 11:23, Michael Tokarev wrote:
>> Or, alternatively, to keep this `data' pointer in sdp to use it in
>> bt_l2cap_sdp_close_ch().
>
> Yes.
>
>>> > In any case, it seems simpler to just leave this code aside.
>> How many times this code is called?
>> 
>> We have many many places in qemu where resources are allocated once
>> at startup and never freed just because there's no need to.
>
> Well, in this case the bug in bt_l2cap_sdp_close_ch is much worse than a
> resource leak.  But bluetooth is not the utmost priority in QEMU
> development...

To put it more bluntly: it's rotting in peace.

Occasional drive-by fixes won't stop the rot, a dedicated maintener
could.


^ permalink raw reply	[flat|nested] 8+ messages in thread
end of thread, other threads:[~2015-03-16  7:30 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-03-14  3:42 [Qemu-trivial] [PATCH] hw/bt/sdp: Fix resource leak detect by coverity Shannon Zhao
2015-03-14  3:42 ` [Qemu-devel] " Shannon Zhao
2015-03-14  6:57 ` [Qemu-trivial] " Stefan Weil
2015-03-14  6:57   ` Stefan Weil
2015-03-14  9:15   ` [Qemu-trivial] " Shannon Zhao
2015-03-14  9:15     ` Shannon Zhao
  -- strict thread matches above, loose matches on Subject: below --
2015-03-14  9:47 [Qemu-trivial] " Shannon Zhao
2015-03-14 10:07 ` [Qemu-trivial] [Qemu-devel] " Stefan Weil
2015-03-15  9:21   ` [Qemu-trivial] " Paolo Bonzini
2015-03-15 10:23     ` Michael Tokarev
2015-03-15 14:11       ` Paolo Bonzini
2015-03-16  7:29         ` [Qemu-trivial] [Qemu-devel] " Markus Armbruster

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.