On Mon, Sep 19, 2011 at 04:04:04PM +0800, Daniel Veillard wrote:
> On Sun, Sep 18, 2011 at 09:37:22AM -0500, Adam Litke wrote:
> Hum, I wonder if remoteRelayDomainEventBlockJob shouldn't strdup the
> path string instead of using it directly in the
> remote_domain_event_block_job_msg block. As a result since we now
> free the datapointed by the xdr message within
> remoteDispatchDomainEventSend() , this errors wasn't shown before but
> leads to a double free now.
>
> BTW it seems we don't check all allocations in the xdr code (on purpose
> ?) for example make_nonnull_domain() doesn't check a strdup.
>
> Could you check the following patch ?
Yep, this seems to fix the problem (and an extra check with valgrind shows no
memory leaks. Although I haven't verified it, the functions:
remoteRelayDomainEventIOError
remoteRelayDomainEventIOErrorReason
remoteRelayDomainEventGraphics
appear to have the same problem as well.
>
> diff --git a/daemon/remote.c b/daemon/remote.c
> index 38bbb10..1d9156c 100644
> --- a/daemon/remote.c
> +++ b/daemon/remote.c
> @@ -356,7 +356,11 @@ static int remoteRelayDomainEventBlockJob(virConnectPtr conn ATTRIBUTE_UNUSED,
> /* build return data */
> memset(&data, 0, sizeof data);
> make_nonnull_domain(&data.dom, dom);
> - data.path = (char*)path;
> + data.path = strdup(path);
> + if (data.path == NULL) {
> + virReportOOMError();
> + return -1;
> + }
> data.type = type;
> data.status = status;
Tested-by: Adam Litke <agl@xxxxxxxxxx>
--
Adam Litke <agl@xxxxxxxxxx>
IBM Linux Technology Center
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list