Re: [PATCH v2] qemu-nbd: Fix a memleak in nbd_client_thread()
On 2020/12/8 21:41, Vladimir Sementsov-Ogievskiy wrote:
> 03.12.2020 16:58, Alex Chen wrote:
>> When the qio_channel_socket_connect_sync() fails
>> we should goto 'out_socket' label to free the 'sioc' instead of
>> goto 'out' label.
>> In addition, there's a lot of redundant code in the successful branch
>> and the error branch, optimize it.
>>
>> Reported-by: Euler Robot
>> Signed-off-by: Alex Chen
>> Signed-off-by: Eric Blake
>> ---
>> qemu-nbd.c | 38 +++---
>> 1 file changed, 15 insertions(+), 23 deletions(-)
>>
>> diff --git a/qemu-nbd.c b/qemu-nbd.c
>> index a7075c5419..9583ee1af6 100644
>> --- a/qemu-nbd.c
>> +++ b/qemu-nbd.c
>> @@ -265,8 +265,8 @@ static void *nbd_client_thread(void *arg)
>> char *device = arg;
>> NBDExportInfo info = { .request_sizes = false, .name = g_strdup("") };
>> QIOChannelSocket *sioc;
>> -int fd;
>> -int ret;
>> +int fd = -1;
>> +int ret = EXIT_FAILURE;
>> pthread_t show_parts_thread;
>> Error *local_error = NULL;
>> @@ -278,26 +278,24 @@ static void *nbd_client_thread(void *arg)
>> goto out;
>> }
>> -ret = nbd_receive_negotiate(NULL, QIO_CHANNEL(sioc),
>> -NULL, NULL, NULL, , _error);
>> -if (ret < 0) {
>> +if (nbd_receive_negotiate(NULL, QIO_CHANNEL(sioc),
>> + NULL, NULL, NULL, , _error) < 0) {
>> if (local_error) {
>> error_report_err(local_error);
>> }
>> -goto out_socket;
>> +goto out;
>> }
>> fd = open(device, O_RDWR);
>> if (fd < 0) {
>> /* Linux-only, we can use %m in printf. */
>> error_report("Failed to open %s: %m", device);
>> -goto out_socket;
>> +goto out;
>> }
>> -ret = nbd_init(fd, sioc, , _error);
>> -if (ret < 0) {
>> +if (nbd_init(fd, sioc, , _error) < 0) {
>> error_report_err(local_error);
>> -goto out_fd;
>> +goto out;
>> }
>> /* update partition table */
>> @@ -311,24 +309,18 @@ static void *nbd_client_thread(void *arg)
>> dup2(STDOUT_FILENO, STDERR_FILENO);
>> }
>> -ret = nbd_client(fd);
>> -if (ret) {
>> -goto out_fd;
>> +if (nbd_client(fd) == 0) {
>> +ret = EXIT_SUCCESS;
>
> It's not obvious that nbd_client() returns 0 on success, it calls ioctl(),
> which may return something positive in theory..
>
> So, with s/==/>=/, or with just
>
> if (nbd_client(fd) < 0) {
> goto out;
> }
>
> ret = EXIT_SUCCESS;
>
>
> (which is good common pattern I think)
>
> :
>
Thanks for your review, I will fix it and send patch v3.
Thanks,
Alex
Re: [PATCH v2] qemu-nbd: Fix a memleak in nbd_client_thread()
03.12.2020 16:58, Alex Chen wrote:
When the qio_channel_socket_connect_sync() fails
we should goto 'out_socket' label to free the 'sioc' instead of
goto 'out' label.
In addition, there's a lot of redundant code in the successful branch
and the error branch, optimize it.
Reported-by: Euler Robot
Signed-off-by: Alex Chen
Signed-off-by: Eric Blake
---
qemu-nbd.c | 38 +++---
1 file changed, 15 insertions(+), 23 deletions(-)
diff --git a/qemu-nbd.c b/qemu-nbd.c
index a7075c5419..9583ee1af6 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -265,8 +265,8 @@ static void *nbd_client_thread(void *arg)
char *device = arg;
NBDExportInfo info = { .request_sizes = false, .name = g_strdup("") };
QIOChannelSocket *sioc;
-int fd;
-int ret;
+int fd = -1;
+int ret = EXIT_FAILURE;
pthread_t show_parts_thread;
Error *local_error = NULL;
@@ -278,26 +278,24 @@ static void *nbd_client_thread(void *arg)
goto out;
}
-ret = nbd_receive_negotiate(NULL, QIO_CHANNEL(sioc),
-NULL, NULL, NULL, , _error);
-if (ret < 0) {
+if (nbd_receive_negotiate(NULL, QIO_CHANNEL(sioc),
+ NULL, NULL, NULL, , _error) < 0) {
if (local_error) {
error_report_err(local_error);
}
-goto out_socket;
+goto out;
}
fd = open(device, O_RDWR);
if (fd < 0) {
/* Linux-only, we can use %m in printf. */
error_report("Failed to open %s: %m", device);
-goto out_socket;
+goto out;
}
-ret = nbd_init(fd, sioc, , _error);
-if (ret < 0) {
+if (nbd_init(fd, sioc, , _error) < 0) {
error_report_err(local_error);
-goto out_fd;
+goto out;
}
/* update partition table */
@@ -311,24 +309,18 @@ static void *nbd_client_thread(void *arg)
dup2(STDOUT_FILENO, STDERR_FILENO);
}
-ret = nbd_client(fd);
-if (ret) {
-goto out_fd;
+if (nbd_client(fd) == 0) {
+ret = EXIT_SUCCESS;
It's not obvious that nbd_client() returns 0 on success, it calls ioctl(),
which may return something positive in theory..
So, with s/==/>=/, or with just
if (nbd_client(fd) < 0) {
goto out;
}
ret = EXIT_SUCCESS;
(which is good common pattern I think)
:
Reviewed-by: Vladimir Sementsov-Ogievskiy
--
Best regards,
Vladimir
[PATCH v2] qemu-nbd: Fix a memleak in nbd_client_thread()
When the qio_channel_socket_connect_sync() fails
we should goto 'out_socket' label to free the 'sioc' instead of
goto 'out' label.
In addition, there's a lot of redundant code in the successful branch
and the error branch, optimize it.
Reported-by: Euler Robot
Signed-off-by: Alex Chen
Signed-off-by: Eric Blake
---
qemu-nbd.c | 38 +++---
1 file changed, 15 insertions(+), 23 deletions(-)
diff --git a/qemu-nbd.c b/qemu-nbd.c
index a7075c5419..9583ee1af6 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -265,8 +265,8 @@ static void *nbd_client_thread(void *arg)
char *device = arg;
NBDExportInfo info = { .request_sizes = false, .name = g_strdup("") };
QIOChannelSocket *sioc;
-int fd;
-int ret;
+int fd = -1;
+int ret = EXIT_FAILURE;
pthread_t show_parts_thread;
Error *local_error = NULL;
@@ -278,26 +278,24 @@ static void *nbd_client_thread(void *arg)
goto out;
}
-ret = nbd_receive_negotiate(NULL, QIO_CHANNEL(sioc),
-NULL, NULL, NULL, , _error);
-if (ret < 0) {
+if (nbd_receive_negotiate(NULL, QIO_CHANNEL(sioc),
+ NULL, NULL, NULL, , _error) < 0) {
if (local_error) {
error_report_err(local_error);
}
-goto out_socket;
+goto out;
}
fd = open(device, O_RDWR);
if (fd < 0) {
/* Linux-only, we can use %m in printf. */
error_report("Failed to open %s: %m", device);
-goto out_socket;
+goto out;
}
-ret = nbd_init(fd, sioc, , _error);
-if (ret < 0) {
+if (nbd_init(fd, sioc, , _error) < 0) {
error_report_err(local_error);
-goto out_fd;
+goto out;
}
/* update partition table */
@@ -311,24 +309,18 @@ static void *nbd_client_thread(void *arg)
dup2(STDOUT_FILENO, STDERR_FILENO);
}
-ret = nbd_client(fd);
-if (ret) {
-goto out_fd;
+if (nbd_client(fd) == 0) {
+ret = EXIT_SUCCESS;
}
-close(fd);
-object_unref(OBJECT(sioc));
-g_free(info.name);
-kill(getpid(), SIGTERM);
-return (void *) EXIT_SUCCESS;
-out_fd:
-close(fd);
-out_socket:
+ out:
+if (fd >= 0) {
+close(fd);
+}
object_unref(OBJECT(sioc));
-out:
g_free(info.name);
kill(getpid(), SIGTERM);
-return (void *) EXIT_FAILURE;
+return (void *) (intptr_t) ret;
}
#endif /* HAVE_NBD_DEVICE */
--
2.19.1
