Re: [libvirt] [PATCH v3 2/3] conf: add check if migration_host is a localhost address
This patch has triggered a Coverity RESOURCE_LEAK (3 actually)
On 10/08/2014 09:54 PM, Chen, Fan wrote:
On Wed, 2014-10-08 at 12:33 +0200, Ján Tomko wrote:
> On 10/07/2014 06:07 AM, Chen Fan wrote:
>> Signed-off-by: Chen Fan <chen.fan.fnst(a)cn.fujitsu.com>
> diff --git a/src/util/virsocketaddr.c b/src/util/virsocketaddr.c
> index 6d36689..a19e3af 100644
> --- a/src/util/virsocketaddr.c
> +++ b/src/util/virsocketaddr.c
> @@ -889,15 +889,24 @@ virSocketAddrNumericFamily(const char *address)
> * false otherwise
> */
> bool
> -virSocketAddrIsNumericLocalhost(const virSocketAddr *addr)
> +virSocketAddrIsNumericLocalhost(const char *addr)
> {
> + struct addrinfo *res;
> struct in_addr tmp = { .s_addr = htonl(INADDR_LOOPBACK) };
> - switch (addr->data.stor.ss_family) {
> + struct sockaddr_in *inet4;
> + struct sockaddr_in6 *inet6;
> +
> + if (virSocketAddrParseInternal(&res, addr, AF_UNSPEC, false) < 0)
> + return false;
> +
'res' allocates something that must be free'd
> + switch (res->ai_addr->sa_family) {
> case AF_INET:
> - return memcmp(&addr->data.inet4.sin_addr.s_addr, &tmp.s_addr,
> - sizeof(addr->data.inet4.sin_addr.s_addr)) == 0;
> + inet4 = (struct sockaddr_in*) res->ai_addr;
Leak #1
> + return memcmp(&inet4->sin_addr.s_addr,
&tmp.s_addr,
> + sizeof(inet4->sin_addr.s_addr)) == 0;
> case AF_INET6:
> - return IN6_IS_ADDR_LOOPBACK(&addr->data.inet6.sin6_addr);
> + inet6 = (struct sockaddr_in6*) res->ai_addr;
Leak #2
> + return
IN6_IS_ADDR_LOOPBACK(&(inet6->sin6_addr));
> }
Leak #3
> return false;
>
Other callers will call 'freeaddrinfo(res);'
In order to resolve - you probably need to create a local ret = false,
then assign ret = to either memcmp/IN6_IS_ADDR_LOOPBACK return, then
call freeaddrinfo() before return ret
John