On Mon, Feb 05, 2018 at 03:22:31PM +0200, Leon Romanovsky wrote:
> On Thu, Feb 01, 2018 at 02:05:08PM -0600, Steve Wise wrote:
> > Hey Leon,
>
> <...>
>
> >
> > > +static int res_qp_parse_cb(const struct nlmsghdr *nlh, void *data)
> > > +{
>
> <...>
>
> > > +
> > > + mnl_attr_for_each_nested(nla_entry, nla_table) {
> > > + struct nlattr *nla_line[RDMA_NLDEV_ATTR_MAX] = {};
> > > + uint32_t lqpn, rqpn = 0, rq_psn = 0, sq_psn;
> > > + uint8_t type, state, path_mig_state = 0;
> > > + uint32_t port = 0, pid = 0;
> > > + char *comm = NULL;
>
> <...>
>
> > > +
> > > + if (rd_check_is_filtered(rd, "pid", pid))
> > > + continue;
> >
> > Is comm leaked here when ATTR_RES_PID is present?
> >
> >
> > > +
> > > + if (nla_line[RDMA_NLDEV_ATTR_RES_KERN_NAME])
> > > + /* discard const from mnl_attr_get_str */
> > > + comm = (char
> > > *)mnl_attr_get_str(nla_line[RDMA_NLDEV_ATTR_RES_KERN_NAME]);
> >
> > And also here if the kernel ever passes up both PID and KERN_NAME (which it
> > isn't supposed to).
>
> Yes, you are right, and the bad thing that I prepared everything to call
> free() unconditionally by setting comm to be NULL.
Stephen, David,
How do you want me to proceed?
The actual change is pretty minor:
diff --git a/rdma/res.c b/rdma/res.c
index 2a63e712..31d0c4a7 100644
--- a/rdma/res.c
+++ b/rdma/res.c
@@ -395,8 +395,10 @@ static int res_qp_parse_cb(const struct nlmsghdr *nlh, void *data)
comm = get_task_name(pid);
}
- if (rd_check_is_filtered(rd, "pid", pid))
+ if (rd_check_is_filtered(rd, "pid", pid)) {
+ free(comm);
continue;
+ }
if (nla_line[RDMA_NLDEV_ATTR_RES_KERN_NAME])
/* discard const from mnl_attr_get_str */
@@ -420,8 +422,7 @@ static int res_qp_parse_cb(const struct nlmsghdr *nlh, void *data)
print_pid(rd, pid);
print_comm(rd, comm, nla_line);
- if (nla_line[RDMA_NLDEV_ATTR_RES_PID])
- free(comm);
+ free(comm);
if (rd->json_output)
jsonw_end_array(rd->jw);
>
> Thanks
>
> >
> >
> > Steve.
> >
Attachment:
signature.asc
Description: PGP signature
