At 07/01/2011 07:36 AM, Eric Blake Write:
> Detected by Coverity. The leak is on an error path, but I'm not
> sure whether that path is likely to be triggered in practice.
>
> * src/rpc/virnetserverservice.c (virNetServerServiceAccept): Plug
> leak.
> ---
> src/rpc/virnetserverservice.c | 1 +
> 1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/src/rpc/virnetserverservice.c b/src/rpc/virnetserverservice.c
> index e84f72c..fcd783c 100644
> --- a/src/rpc/virnetserverservice.c
> +++ b/src/rpc/virnetserverservice.c
> @@ -83,6 +83,7 @@ cleanup:
>
> error:
> virNetSocketFree(clientsock);
> + virNetServerClientFree(client);
If svc->dispatchFunc is NULL, we will goto here to do cleanup. Unfortunately,
client->sock is clientsock and it will be freed again in virNetServerClientFree().
It may cause libvirtd crashed.
If svc->dispatchFunc() failed, we close and free client. But we only free client here,
not close it here. Do we need to close it here?
I think the cleanup code should like this:
if (client) {
virNetServerClientClose(client);
virNetServerClientFree(client);
} else {
virNetSocketFree(clientsock);
}
> }
>
>
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list