From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:53845)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <groug@kaod.org>) id 1btYZ7-0006jR-H1
	for qemu-devel@nongnu.org; Mon, 10 Oct 2016 07:16:18 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <groug@kaod.org>) id 1btYZ1-0005nu-BV
	for qemu-devel@nongnu.org; Mon, 10 Oct 2016 07:16:16 -0400
Received: from 8.mo6.mail-out.ovh.net ([178.33.42.204]:35381)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <groug@kaod.org>) id 1btYZ1-0005na-5p
	for qemu-devel@nongnu.org; Mon, 10 Oct 2016 07:16:11 -0400
Received: from player738.ha.ovh.net (b7.ovh.net [213.186.33.57])
	by mo6.mail-out.ovh.net (Postfix) with ESMTP id 5A10E3D341
	for <qemu-devel@nongnu.org>; Mon, 10 Oct 2016 13:16:10 +0200 (CEST)
Date: Mon, 10 Oct 2016 13:16:04 +0200
From: Greg Kurz <groug@kaod.org>
Message-ID: <20161010131604.0c31cfc4@bahia>
In-Reply-To: <57ea5f06.821e6b0a.4ee38.31ea@mx.google.com>
References: <57ea5f06.821e6b0a.4ee38.31ea@mx.google.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH] 9pfs: fix potential host memory leak in
 v9fs_read
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Li Qiang <liq3ea@gmail.com>
Cc: aneesh.kumar@linux.vnet.ibm.com, qemu-devel@nongnu.org, Li Qiang <liqiang6-s@360.cn>

On Tue, 27 Sep 2016 04:58:46 -0700
Li Qiang <liq3ea@gmail.com> wrote:

> From: Li Qiang <liqiang6-s@360.cn>
> 
> In 9pfs read dispatch function, it doesn't free two QEMUIOVector
> object thus causing potential memory leak. This patch avoid this.
> 
> Signed-off-by: Li Qiang <liqiang6-s@360.cn>
> ---

Reviewed-by: Greg Kurz <groug@kaod.org>

>  hw/9pfs/9p.c | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
> index 119ee58..543a791 100644
> --- a/hw/9pfs/9p.c
> +++ b/hw/9pfs/9p.c
> @@ -1826,14 +1826,15 @@ static void v9fs_read(void *opaque)
>              if (len < 0) {
>                  /* IO error return the error */
>                  err = len;
> -                goto out;
> +                goto out_free_iovec;
>              }
>          } while (count < max_count && len > 0);
>          err = pdu_marshal(pdu, offset, "d", count);
>          if (err < 0) {
> -            goto out;
> +            goto out_free_iovec;
>          }
>          err += offset + count;
> +out_free_iovec:
>          qemu_iovec_destroy(&qiov);
>          qemu_iovec_destroy(&qiov_full);
>      } else if (fidp->fid_type == P9_FID_XATTR) {