From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:35531) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WPTFG-0003F2-Qb for qemu-devel@nongnu.org; Mon, 17 Mar 2014 04:50:12 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1WPTFA-0002S6-RA for qemu-devel@nongnu.org; Mon, 17 Mar 2014 04:50:06 -0400 Received: from mx1.redhat.com ([209.132.183.28]:6997) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WPTFA-0002S2-IA for qemu-devel@nongnu.org; Mon, 17 Mar 2014 04:50:00 -0400 Received: from int-mx11.intmail.prod.int.phx2.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id s2H8nxcv011186 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Mon, 17 Mar 2014 04:49:59 -0400 From: Markus Armbruster References: <1394817667-2207-1-git-send-email-pbonzini@redhat.com> Date: Mon, 17 Mar 2014 09:49:56 +0100 In-Reply-To: <1394817667-2207-1-git-send-email-pbonzini@redhat.com> (Paolo Bonzini's message of "Fri, 14 Mar 2014 18:21:07 +0100") Message-ID: <87ppllfbuz.fsf@blackfin.pond.sub.org> MIME-Version: 1.0 Content-Type: text/plain Subject: Re: [Qemu-devel] [PATCH] qemu-nbd: Fix coverity issues List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Paolo Bonzini Cc: qemu-devel@nongnu.org Paolo Bonzini writes: > There are two issues in qemu-nbd: a missing return value check after > calling accept(), and file descriptor leaks in nbd_client_thread. > > Signed-off-by: Paolo Bonzini > --- > qemu-nbd.c | 17 +++++++++++++---- > 1 file changed, 13 insertions(+), 4 deletions(-) > > diff --git a/qemu-nbd.c b/qemu-nbd.c > index bdac1f3..899e67c 100644 > --- a/qemu-nbd.c > +++ b/qemu-nbd.c > @@ -288,19 +288,19 @@ static void *nbd_client_thread(void *arg) > ret = nbd_receive_negotiate(sock, NULL, &nbdflags, > &size, &blocksize); > if (ret < 0) { > - goto out; > + goto out_socket; > } > > fd = open(device, O_RDWR); > if (fd < 0) { > /* Linux-only, we can use %m in printf. */ > fprintf(stderr, "Failed to open %s: %m", device); > - goto out; > + goto out_socket; > } > > ret = nbd_init(fd, sock, nbdflags, size, blocksize); > if (ret < 0) { > - goto out; > + goto out_fd; > } > > /* update partition table */ > @@ -316,12 +316,16 @@ static void *nbd_client_thread(void *arg) > > ret = nbd_client(fd); > if (ret) { > - goto out; > + goto out_fd; > } > close(fd); > kill(getpid(), SIGTERM); > return (void *) EXIT_SUCCESS; > > +out_fd: > + close(fd); > +out_socket: > + closesocket(sock); > out: > kill(getpid(), SIGTERM); > return (void *) EXIT_FAILURE; The return values are disgusting, but that's not your fault. Hmm, actually it is: commit a517e88b. > @@ -355,6 +359,11 @@ static void nbd_accept(void *opaque) > socklen_t addr_len = sizeof(addr); > > int fd = accept(server_fd, (struct sockaddr *)&addr, &addr_len); > + if (fd < 0) { > + perror("accept"); > + return; > + } > + > if (state >= TERMINATE) { > close(fd); > return; Reviewed-by: Markus Armbruster