On 10/18/2012 08:21 AM, Guannan Ren wrote:
>>> +++ b/src/qemu/qemu_command.c
>>> @@ -170,6 +170,11 @@ qemuPhysIfaceConnect(virDomainDefPtr def,
>>> vmop, driver->stateDir,
>>> virDomainNetGetActualBandwidth(net));
>>> if (rc >= 0) {
>>> + if (virSecurityManagerSetTapFDLabel(driver->securityManager,
>>> + def, rc) < 0) {
>>> + VIR_FORCE_CLOSE(rc);
>>> + return -1;
>>> + }
>>> virDomainAuditNetDevice(def, net, res_ifname, true);
>>> VIR_FREE(net->ifname);
>> Looks like you leak net->ifname on error, not to mention that you are
>> skipping out on an audit point. I think you need to fix up the logic
>> here to avoid leaks on failure to relabel the fd.
>>
> In case of failure of relabel, I leaked char *res_ifname.
> Shall we need to do the audit on failure of tapfd relabelling?
> I don't think it is necessary to do it, is it?
Looking closer, this code currently only audits on success: if rc < 0,
then it skips the audit point [I'm not sure if it should also be
auditing on failure, but fixing that should be in a separate patch]. So
for this patch, I think you can also skip the audit point if the relabel
fails, because then you are treating rc as < 0; but you DO need to clean
up the memory that got allocated along the way.
--
Eric Blake eblake@xxxxxxxxxx +1-919-301-3266
Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list