From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>
If virDBusMessageIterEncode hits an OOM condition it often
leaks the memory associated with the dbus iterator object
Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
---
src/util/virdbus.c | 24 +++++++++++++++++++++---
1 file changed, 21 insertions(+), 3 deletions(-)
diff --git a/src/util/virdbus.c b/src/util/virdbus.c
index a2c4b4e..60ff574 100644
--- a/src/util/virdbus.c
+++ b/src/util/virdbus.c
@@ -601,8 +601,10 @@ virDBusMessageIterEncode(DBusMessageIter *rootiter,
goto cleanup;
if (virDBusTypeStackPush(&stack, &nstack,
iter, types,
- nstruct, narray) < 0)
+ nstruct, narray) < 0) {
+ VIR_FREE(newiter);
goto cleanup;
+ }
VIR_FREE(contsig);
iter = newiter;
newiter = NULL;
@@ -625,8 +627,10 @@ virDBusMessageIterEncode(DBusMessageIter *rootiter,
goto cleanup;
if (virDBusTypeStackPush(&stack, &nstack,
iter, types,
- nstruct, narray) < 0)
+ nstruct, narray) < 0) {
+ VIR_FREE(newiter);
goto cleanup;
+ }
iter = newiter;
newiter = NULL;
types = vsig;
@@ -657,8 +661,10 @@ virDBusMessageIterEncode(DBusMessageIter *rootiter,
if (virDBusTypeStackPush(&stack, &nstack,
iter, types,
- nstruct, narray) < 0)
+ nstruct, narray) < 0) {
+ VIR_FREE(newiter);
goto cleanup;
+ }
VIR_FREE(contsig);
iter = newiter;
newiter = NULL;
@@ -678,6 +684,18 @@ virDBusMessageIterEncode(DBusMessageIter *rootiter,
ret = 0;
cleanup:
+ while (nstack > 0) {
+ DBusMessageIter *thisiter = iter;
+ VIR_DEBUG("Popping iter=%p", iter);
+ if (virDBusTypeStackPop(&stack, &nstack, &iter,
+ &types, &nstruct, &narray) < 0)
+ goto cleanup;
+ VIR_DEBUG("Popped iter=%p", iter);
+
+ if (thisiter != rootiter)
+ VIR_FREE(thisiter);
+ }
+
virDBusTypeStackFree(&stack, &nstack);
VIR_FREE(contsig);
VIR_FREE(newiter);
--
1.8.3.1
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list