In this function, static virNWFilterDefPtr virNWFilterDefParseXML(xmlXPathContextPtr ctxt) { we allocate space for the result we expect to return: if (VIR_ALLOC(ret) < 0) { virReportOOMError(); return NULL; } and later, ... if (VIR_REALLOC_N(ret->filterEntries, ret->nentries+1) < 0) { VIR_FREE(entry); virReportOOMError(); goto cleanup; } Hence, the lack of anything to free "ret" when this function returns NULL constitutes a leak. Here's the patch:

From 4c13990a15b33f03595d58b46b6e34e03bfffa65 Mon Sep 17 00:00:00 2001 From: Jim Meyering <meyering@redhat.com> Date: Tue, 18 May 2010 12:05:53 +0200 Subject: [PATCH] virNWFilterDefParseXML: avoid leak on error paths

* src/conf/nwfilter_conf.c (virNWFilterDefParseXML): Also free "ret" via cleanup. --- src/conf/nwfilter_conf.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/src/conf/nwfilter_conf.c b/src/conf/nwfilter_conf.c index ea73a33..fc6d461 100644 --- a/src/conf/nwfilter_conf.c +++ b/src/conf/nwfilter_conf.c @@ -1767,6 +1767,7 @@ virNWFilterDefParseXML(xmlXPathContextPtr ctxt) { return ret; cleanup: + virNWFilterDefFree(ret); VIR_FREE(chain); VIR_FREE(uuid); return NULL; -- 1.7.1.250.g7d1e8