Re: [libvirt] [PATCH 2/3] virnetsocket: Resolve Coverity RESOURCE_LEAK

Friday, 22 August 2014

On 22.08.2014 17:28, John Ferlan wrote:
...
 Since '1b807f92d' - Coverity complains that in the error
paths of
 both virFork() and virProcessWait() that the 'passfd' will not be closed

 Signed-off-by: John Ferlan <jferlan(a)redhat.com&gt;
 ---
   src/rpc/virnetsocket.c | 8 ++++++--
   1 file changed, 6 insertions(+), 2 deletions(-)

 diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
 index f913365..ce908fa 100644
 --- a/src/rpc/virnetsocket.c
 +++ b/src/rpc/virnetsocket.c
 @@ -593,8 +593,10 @@ int virNetSocketNewConnectUNIX(const char *path,
            * behaviour on sockets according to POSIX, so it doesn't
            * work outside Linux.
            */
 -        if ((pid = virFork()) < 0)
 +        if ((pid = virFork()) < 0) {
 +            VIR_FORCE_CLOSE(passfd);
               goto error;
 +        }

           if (pid == 0) {
               umask(0077);
 @@ -604,8 +606,10 @@ int virNetSocketNewConnectUNIX(const char *path,
               _exit(EXIT_SUCCESS);
           }

 -        if (virProcessWait(pid, &status, false) < 0)
 +        if (virProcessWait(pid, &status, false) < 0) {
 +            VIR_FORCE_CLOSE(passfd);
               goto error;
 +        }

           if (status != EXIT_SUCCESS) {
               /*

Unfortunately not enough context is shown to express myself, so I'll paste interesting
knobs from the function:

        if (listen(passfd, 0) < 0) {
             virReportSystemError(errno, "%s",
                                  _("Failed to listen on socket that's about
"
                                    "to be passed to the daemon"));
             goto error;
         }

         if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
             virReportSystemError(errno, _("Failed to connect socket to
'%s'"),
                                  path);
             goto error;
         }

         if (virNetSocketForkDaemon(binary, passfd) < 0)
             goto error;
     }

     localAddr.len = sizeof(localAddr.data);
     if (getsockname(fd, &localAddr.data.sa, &localAddr.len) < 0) {
         virReportSystemError(errno, "%s", _("Unable to get local socket
name"));
         goto error;
     }

     if (!(*retsock = virNetSocketNew(&localAddr, &remoteAddr, true, fd, -1, 0)))
         goto error;

     return 0;

  error:
     VIR_FREE(buf);
     VIR_FORCE_CLOSE(fd);
     if (spawnDaemon)
         unlink(path);
     return -1;
 }

Here, if any of listen() or connect() fail, the control continues on the error label and
the @passfd is leaked again.
virNetSocketForkDaemon() is different - it closes passfd on failure. So I suggest moving
VIR_FORCE_CLOSE() under the error label.

Michal

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Re: [libvirt] [PATCH 2/3] virnetsocket: Resolve Coverity RESOURCE_LEAK