On 07/16/2013 08:14 PM, Ján Tomko wrote:
Even if getline doesn't read any characters it allocates a
buffer.
==404== 120 bytes in 1 blocks are definitely lost in loss record 1,344 of 1,671
==404== at 0x4C2C71B: malloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==404== by 0x906F862: getdelim (iogetdelim.c:68)
==404== by 0x52A48FB: virCgroupPartitionNeedsEscaping (vircgroup.c:1136)
==404== by 0x52A0FB4: virCgroupPartitionEscape (vircgroup.c:1171)
==404== by 0x52A0EA4: virCgroupNewDomainPartition (vircgroup.c:1450)
Introduced by f366273.
---
Can STRPREFIX(path, line) be possibly true if tmp is NULL?
path[NULL - line] would be accessed in that case.
src/util/vircgroup.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/util/vircgroup.c b/src/util/vircgroup.c
index 5a98393..2419d80 100644
--- a/src/util/vircgroup.c
+++ b/src/util/vircgroup.c
@@ -1136,38 +1136,38 @@ static int virCgroupPartitionNeedsEscaping(const char *path)
while (getline(&line, &len, fp) > 0) {
if (STRPREFIX(line, "#subsys_name")) {
VIR_FREE(line);
continue;
}
char *tmp = strchr(line, ' ');
if (tmp)
*tmp = '\0';
len = tmp - line;
if (STRPREFIX(path, line) &&
path[len] == '.') {
ret = 1;
- VIR_FREE(line);
goto cleanup;
}
VIR_FREE(line);
}
if (ferror(fp)) {
ret = -EIO;
goto cleanup;
}
cleanup:
+ VIR_FREE(line);
VIR_FORCE_FCLOSE(fp);
return ret;
}
static int virCgroupPartitionEscape(char **path)
{
size_t len = strlen(*path) + 1;
int rc;
char escape = '_';
if ((rc = virCgroupPartitionNeedsEscaping(*path)) <= 0)
return rc;
ACK, I can reproduce the memory leak.