[CRIU] [PATCH] sk-unix: Fix memory leak on error path
Cyrill Gorcunov
gorcunov at openvz.org
Tue Aug 4 02:29:40 PDT 2015
Dynamically allocated @name doesn't release
if error happened.
| ** CID 129898: (RESOURCE_LEAK)
| /sk-unix.c: 505 in unix_process_name()
| /sk-unix.c: 509 in unix_process_name()
| /sk-unix.c: 519 in unix_process_name()
Signed-off-by: Cyrill Gorcunov <gorcunov at openvz.org>
---
sk-unix.c | 27 ++++++++++++++++++---------
1 file changed, 18 insertions(+), 9 deletions(-)
diff --git a/sk-unix.c b/sk-unix.c
index 7a9972864e6e..ac6b69ab7d20 100644
--- a/sk-unix.c
+++ b/sk-unix.c
@@ -476,8 +476,8 @@ const struct fdtype_ops unix_dump_ops = {
*/
static int unix_process_name(struct unix_sk_desc *d, const struct unix_diag_msg *m, struct rtattr **tb)
{
+ int len, ret;
char *name;
- int len;
len = RTA_PAYLOAD(tb[UNIX_DIAG_NAME]);
name = xmalloc(len + 1);
@@ -501,12 +501,16 @@ static int unix_process_name(struct unix_sk_desc *d, const struct unix_diag_msg
}
ns = lookup_ns_by_id(root_item->ids->mnt_ns_id, &mnt_ns_desc);
- if (!ns)
- return -ENOENT;
+ if (!ns) {
+ ret = -ENOENT;
+ goto out;
+ }
mntns_root = mntns_get_root_fd(ns);
- if (mntns_root < 0)
- return -ENOENT;
+ if (mntns_root < 0) {
+ ret = -ENOENT;
+ goto out;
+ }
uv = RTA_DATA(tb[UNIX_DIAG_VFS]);
if (name[0] != '/') {
@@ -515,8 +519,10 @@ static int unix_process_name(struct unix_sk_desc *d, const struct unix_diag_msg
* dump attempt.
*/
rel_name_desc_t *rel_name = xzalloc(sizeof(*rel_name));
- if (!rel_name)
- return -ENOMEM;
+ if (!rel_name) {
+ ret = -ENOMEM;
+ goto out;
+ }
rel_name->udiag_vfs_dev = uv->udiag_vfs_dev;
rel_name->udiag_vfs_ino = uv->udiag_vfs_ino;
@@ -565,9 +571,12 @@ postprone:
d->name = name;
return 0;
-skip:
+out:
xfree(name);
- return 1;
+ return ret;
+skip:
+ ret = 1;
+ goto out;
}
static int unix_collect_one(const struct unix_diag_msg *m,
--
2.4.3
More information about the CRIU
mailing list