Detected by Coverity. waitpid() can leak resources if it fails with
EINTR, so it should never be used without checking return status.
* src/lxc/lxc_container.c (lxcContainerAvailable): Use safer
virWaitPid.
---
src/lxc/lxc_container.c | 5 ++---
1 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index e9891f7..06ccf7e 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -1229,7 +1229,6 @@ int lxcContainerAvailable(int features)
int cpid;
char *childStack;
char *stack;
- int childStatus;
if (features & LXC_CONTAINER_FEATURE_USER)
flags |= CLONE_NEWUSER;
@@ -1251,8 +1250,8 @@ int lxcContainerAvailable(int features)
VIR_DEBUG("clone call returned %s, container support is not enabled",
virStrerror(errno, ebuf, sizeof ebuf));
return -1;
- } else {
- waitpid(cpid, &childStatus, 0);
+ } else if (virPidWait(cpid, NULL) < 0) {
+ return -1;
}
VIR_DEBUG("Mounted all filesystems");
--
1.7.4.4
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list