From: Laszlo Ersek <lersek@redhat.com>
To: "Gabriel L. Somlo" <somlo@cmu.edu>, qemu-devel@nongnu.org
Cc: matt.fleming@intel.com, rjones@redhat.com,
jordan.l.justen@intel.com, gleb@cloudius-systems.com,
mdroth@linux.vnet.ibm.com, gsomlo@gmail.com, kraxel@redhat.com,
pbonzini@redhat.com
Subject: Re: [Qemu-devel] [PATCH 3/6] fw_cfg: assertion to detect memory leak when adding new data blob
Date: Mon, 16 Mar 2015 20:12:34 +0100 [thread overview]
Message-ID: <55072B22.4070509@redhat.com> (raw)
In-Reply-To: <1426515305-17766-4-git-send-email-somlo@cmu.edu>
On 03/16/15 15:15, Gabriel L. Somlo wrote:
> Currently, fw_cfg_add_bytes_read_callback() does not deal with
> the possibility that the data pointer at the requested key position
> has previously been set, and assumes it will be called exactly once
> for each key value.
>
> This patch introduces an assertion to codify this assumption, and
> insure the data pointer about to be set is NULL at the time the
> function is called, which will prevent the inadvertent leaking of
> data blobs by erroneous multiple calls using the same key value.
>
> Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
> ---
> hw/nvram/fw_cfg.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/hw/nvram/fw_cfg.c b/hw/nvram/fw_cfg.c
> index 86090f3..5501a97 100644
> --- a/hw/nvram/fw_cfg.c
> +++ b/hw/nvram/fw_cfg.c
> @@ -399,6 +399,7 @@ static void fw_cfg_add_bytes_read_callback(FWCfgState *s, uint16_t key,
> key &= FW_CFG_ENTRY_MASK;
>
> assert(key < FW_CFG_MAX_ENTRY && len < UINT32_MAX);
> + assert(s->entries[arch][key].data == NULL); /* prevent memory leak */
>
> s->entries[arch][key].data = data;
> s->entries[arch][key].len = (uint32_t)len;
>
I think I agree with the patch (the assert itself), but the comment
could be more precise. I'd simply say "avoid selector key conflict" or
some such. The predicate we want to assert here primarily is "single
assignment of selector key", right? Calling
fw_cfg_add_bytes_read_callback() with the same key is an error
regardless of any leaks (you could call it with a pointer to a static
storage duration object, and it would remain an error just the same).
Thanks
Laszlo
next prev parent reply other threads:[~2015-03-16 19:12 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-16 14:14 [Qemu-devel] [PATCH 0/6] fw-cfg: documentation, cleanup, and proposed feature Gabriel L. Somlo
2015-03-16 14:15 ` [Qemu-devel] [PATCH 1/6] fw_cfg: add documentation file (docs/specs/fw_cfg.txt) Gabriel L. Somlo
2015-03-16 16:30 ` Laszlo Ersek
2015-03-16 14:15 ` [Qemu-devel] [PATCH 2/6] fw_cfg: remove support for guest-side data writes Gabriel L. Somlo
2015-03-16 17:02 ` Laszlo Ersek
2015-03-16 18:41 ` Gabriel L. Somlo
2015-03-17 7:46 ` Gerd Hoffmann
2015-03-16 14:15 ` [Qemu-devel] [PATCH 3/6] fw_cfg: assertion to detect memory leak when adding new data blob Gabriel L. Somlo
2015-03-16 19:12 ` Laszlo Ersek [this message]
2015-03-16 14:15 ` [Qemu-devel] [PATCH 4/6] fw_cfg: exit with error when dupe fw_cfg file name inserted Gabriel L. Somlo
2015-03-16 19:26 ` Laszlo Ersek
2015-03-16 14:15 ` [Qemu-devel] [PATCH 5/6] fw_cfg: insert fw_cfg file blobs via qemu cmdline Gabriel L. Somlo
2015-03-17 10:07 ` Gerd Hoffmann
2015-03-17 10:55 ` Matt Fleming
2015-03-17 14:09 ` Gabriel L. Somlo
2015-03-17 11:28 ` Laszlo Ersek
2015-03-17 11:49 ` Gerd Hoffmann
2015-03-18 20:06 ` Gabriel L. Somlo
2015-03-19 10:43 ` Laszlo Ersek
2015-03-18 20:27 ` Gabriel L. Somlo
2015-03-19 7:34 ` Gerd Hoffmann
2015-03-19 8:41 ` [Qemu-devel] How to emit errors with nice location information (was: [PATCH 5/6] fw_cfg: insert fw_cfg file blobs via qemu cmdline) Markus Armbruster
2015-03-16 14:15 ` [Qemu-devel] [PATCH 6/6] qga: RFC: guest-side retrieval of fw_cfg file Gabriel L. Somlo
2015-03-17 12:38 ` Laszlo Ersek
2015-03-17 14:28 ` Gabriel L. Somlo
2015-03-19 18:27 ` Kevin O'Connor
2015-03-19 18:44 ` Laszlo Ersek
2015-03-16 14:26 ` [Qemu-devel] [PATCH 0/6] fw-cfg: documentation, cleanup, and proposed feature Patchew Tool
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55072B22.4070509@redhat.com \
--to=lersek@redhat.com \
--cc=gleb@cloudius-systems.com \
--cc=gsomlo@gmail.com \
--cc=jordan.l.justen@intel.com \
--cc=kraxel@redhat.com \
--cc=matt.fleming@intel.com \
--cc=mdroth@linux.vnet.ibm.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=rjones@redhat.com \
--cc=somlo@cmu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).