Re: [PATCH 2/3] qemu: fix memory leak in qemu_driver.c

On 09/09/2022 14:10, Jiacheng Jiang wrote:

From: jiangjiacheng <jiangjiacheng@huawei.com>

Function virTypedParamsAddString may return -1

I don't think `virTypedParamsAddString` will return -1 in the code paths you touched. The only case where `virTypedParamsAddString` returns -1 is that the `name` you pass to it is too long (>=80), however, in the code path you touched `name`s are hard-coded and the lengths of them are <80.

and the clean path doesn't free the memory of eventParams, which will lead to potential memory leak.

Signed-off-by: jiangjiacheng <jiangjiacheng@huawei.com> --- src/qemu/qemu_driver.c | 12 ++++++++++++ 1 file changed, 12 insertions(+)

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 707f4cc1bb..c43bc4070e 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -4474,11 +4474,15 @@ qemuDomainPinVcpuLive(virDomainObj *vm, goto cleanup;

event = virDomainEventTunableNewFromObj(vm, eventParams, eventNparams); + eventParams = NULL; + eventNparams = 0;

ret = 0;

cleanup: virObjectEventStateQueue(driver->domainEventState, event); + if (eventParams) + virTypedParamsFree(eventParams, eventNparams); return ret; }

@@ -4683,6 +4687,8 @@ qemuDomainPinEmulator(virDomainPtr dom, goto endjob;

event = virDomainEventTunableNewFromDom(dom, eventParams, eventNparams); + eventParams = NULL; + eventNparams = 0; }

if (persistentDef) { @@ -4699,6 +4705,8 @@ qemuDomainPinEmulator(virDomainPtr dom, qemuDomainObjEndJob(vm);

cleanup: + if (eventParams) + virTypedParamsFree(eventParams, eventNparams); virObjectEventStateQueue(driver->domainEventState, event); virDomainObjEndAPI(&vm); return ret; @@ -5080,6 +5088,8 @@ qemuDomainPinIOThread(virDomainPtr dom, goto endjob;

event = virDomainEventTunableNewFromDom(dom, eventParams, eventNparams); + eventParams = NULL; + eventNparams = 0; }

if (persistentDef) { @@ -5105,6 +5115,8 @@ qemuDomainPinIOThread(virDomainPtr dom, qemuDomainObjEndJob(vm);

cleanup: + if (eventParams) + virTypedParamsFree(eventParams, eventNparams); virObjectEventStateQueue(driver->domainEventState, event); virDomainObjEndAPI(&vm); return ret;