>On 09/26/2017 03:54 PM, ZhiPeng Lu wrote:
>> In learnIPAddressThread()the @inetaddr may be leaked.
>>
> Signed-off-by: ZhiPeng Lu <lu.zhipeng@xxxxxxxxxx>
> ---
> src/nwfilter/nwfilter_learnipaddr.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/src/nwfilter/nwfilter_learnipaddr.c b/src/nwfilter/nwfilter_learnipaddr.c
> index cfd92d9..5dc212e 100644
> --- a/src/nwfilter/nwfilter_learnipaddr.c
> +++ b/src/nwfilter/nwfilter_learnipaddr.c
> @@ -625,6 +625,7 @@ learnIPAddressThread(void *arg)
> if (virNWFilterIPAddrMapAddIPAddr(req->ifname, inetaddr) < 0) {
>> VIR_ERROR(_("Failed to add IP address %s to IP address "
>> "cache for interface %s"), inetaddr, req->ifname);
>> + VIR_FREE(inetaddr);
>> }
>>
>> ret = virNWFilterInstantiateFilterLate(req->driver,
>> @@ -636,7 +637,8 @@ learnIPAddressThread(void *arg)
>> req->filtername,
>> req->filterparams);
>> VIR_DEBUG("Result from applying firewall rules on "
>> - "%s with IP addr %s : %d", req->ifname, inetaddr, ret);
>> + "%s with IP addr %s : %d", req->ifname, NULLSTR(inetaddr), ret);> +
>Still not quite right... VIR_FREE() only happens if
>virNWFilterIPAddrMapAddIPAddr() < 0.
>Not sure what the purpose of a VIR_FREE in the upper condition and then
>NULLSTR() below would be... We're still calling
>virNWFilterInstantiateFilterLate regardless and still want the VIR_DEBUG
>printed.
>Perhaps just a VIR_FREE() after the VIR_DEBUG would seem to be
>sufficient since there's no escape clause. The VIR_ERROR may help us
>understand why/if ret != 0 though... I didn't put much thought into that
>though.
we can't free inetaddr if virNWFilterIPAddrMapAddIPAddr() ==0 because it is used by ipAddressMap.
So i free inetaddr only if virNWFilterIPAddrMapAddIPAddr < 0.
I will add a variable to save the return value of virNWFilterIPAddrMapAddIPAddr.
Free inetaddr if virNWFilterIPAddrMapAddIPAddr< 0 after VIR_ERROR print.
为了让您的VPlat虚拟机故障和docker故障得到高效的处理,请上报故障到: $VPlat技术支持。
芦志朋 luzhipeng
IT开发工程师 IT Development
Engineer
操作系统产品部/中心研究院/系统产品 OS Product Dept./Central R&D Institute/System Product
 |  四川省成都市天府大道中段800号 E: lu.zhipeng@xxxxxxxxxx www.zte.com.cn |
On 09/26/2017 03:54 PM, ZhiPeng Lu wrote:
> In learnIPAddressThread()the @inetaddr may be leaked.
>
> Signed-off-by: ZhiPeng Lu <lu.zhipeng@xxxxxxxxxx>
> ---
> src/nwfilter/nwfilter_learnipaddr.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/src/nwfilter/nwfilter_learnipaddr.c b/src/nwfilter/nwfilter_learnipaddr.c
> index cfd92d9..5dc212e 100644
> --- a/src/nwfilter/nwfilter_learnipaddr.c
> +++ b/src/nwfilter/nwfilter_learnipaddr.c
> @@ -625,6 +625,7 @@ learnIPAddressThread(void *arg)
> if (virNWFilterIPAddrMapAddIPAddr(req->ifname, inetaddr) < 0) {
> VIR_ERROR(_("Failed to add IP address %s to IP address "
> "cache for interface %s"), inetaddr, req->ifname);
> + VIR_FREE(inetaddr);
> }
>
> ret = virNWFilterInstantiateFilterLate(req->driver,
> @@ -636,7 +637,8 @@ learnIPAddressThread(void *arg)
> req->filtername,
> req->filterparams);
> VIR_DEBUG("Result from applying firewall rules on "
> - "%s with IP addr %s : %d", req->ifname, inetaddr, ret);
> + "%s with IP addr %s : %d", req->ifname, NULLSTR(inetaddr), ret);> +
Still not quite right... VIR_FREE() only happens if
virNWFilterIPAddrMapAddIPAddr() < 0.
Not sure what the purpose of a VIR_FREE in the upper condition and then
NULLSTR() below would be... We're still calling
virNWFilterInstantiateFilterLate regardless and still want the VIR_DEBUG
printed.
Perhaps just a VIR_FREE() after the VIR_DEBUG would seem to be
sufficient since there's no escape clause. The VIR_ERROR may help us
understand why/if ret != 0 though... I didn't put much thought into that
though.
John
> }
> } else {
> if (showError)
>
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
