diff mbox

[08/16] btrfs-progs: fix resource leak in scrub_start()

Message ID 1383779755-18228-9-git-send-email-sandeen@redhat.com (mailing list archive)
State Superseded, archived
Headers show

Commit Message

Eric Sandeen Nov. 6, 2013, 11:15 p.m. UTC 
In the "nothing to resume" case we return directly and leak
several bits of memory; goto out to free them properly.

Resolves-Coverity-CID: 1125934
Resolves-Coverity-CID: 1125935
Resolves-Coverity-CID: 1125936
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
---
 cmds-scrub.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

Comments

Wang Shilong Nov. 7, 2013, 1:48 a.m. UTC | #1 
Hi Eric,

On 11/07/2013 07:15 AM, Eric Sandeen wrote:
> In the "nothing to resume" case we return directly and leak
> several bits of memory; goto out to free them properly.
>
> Resolves-Coverity-CID: 1125934
> Resolves-Coverity-CID: 1125935
> Resolves-Coverity-CID: 1125936
> Signed-off-by: Eric Sandeen <sandeen@redhat.com>
> ---
>   cmds-scrub.c |    3 ++-
>   1 files changed, 2 insertions(+), 1 deletions(-)
>
> diff --git a/cmds-scrub.c b/cmds-scrub.c
> index 605af45..5f3eade 100644
> --- a/cmds-scrub.c
> +++ b/cmds-scrub.c
> @@ -1261,7 +1261,8 @@ static int scrub_start(int argc, char **argv, int resume)
>   		if (!do_quiet)
>   			printf("scrub: nothing to resume for %s, fsid %s\n",
>   			       path, fsid);
> -		return 2;
> +		err = 2;
> +		goto out;
Thanks for tracking this problem, but
i intend to return 2 in such case originally.
return '!err' will revert to return 1 rather than 2.

Thanks,
Wang
>   	}
>   
>   	ret = prg_fd = socket(AF_UNIX, SOCK_STREAM, 0);

--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Wang Shilong Nov. 7, 2013, 1:50 a.m. UTC | #2 
On 11/07/2013 09:48 AM, Wang Shilong wrote:
> Hi Eric,
>
> On 11/07/2013 07:15 AM, Eric Sandeen wrote:
>> In the "nothing to resume" case we return directly and leak
>> several bits of memory; goto out to free them properly.
>>
>> Resolves-Coverity-CID: 1125934
>> Resolves-Coverity-CID: 1125935
>> Resolves-Coverity-CID: 1125936
>> Signed-off-by: Eric Sandeen <sandeen@redhat.com>
>> ---
>>   cmds-scrub.c |    3 ++-
>>   1 files changed, 2 insertions(+), 1 deletions(-)
>>
>> diff --git a/cmds-scrub.c b/cmds-scrub.c
>> index 605af45..5f3eade 100644
>> --- a/cmds-scrub.c
>> +++ b/cmds-scrub.c
>> @@ -1261,7 +1261,8 @@ static int scrub_start(int argc, char **argv, 
>> int resume)
>>           if (!do_quiet)
>>               printf("scrub: nothing to resume for %s, fsid %s\n",
>>                      path, fsid);
>> -        return 2;
>> +        err = 2;
>> +        goto out;
> Thanks for tracking this problem, but
> i intend to return 2 in such case originally.
> return '!err' will revert to return 1 rather than 2.
see label out:

if (err)
     return 1

>
> Thanks,
> Wang
>>       }
>>         ret = prg_fd = socket(AF_UNIX, SOCK_STREAM, 0);
>
> -- 
> To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>

--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Eric Sandeen Nov. 7, 2013, 3:46 a.m. UTC | #3 
On 11/6/13, 7:50 PM, Wang Shilong wrote:
> On 11/07/2013 09:48 AM, Wang Shilong wrote:
>> Hi Eric,
>>
>> On 11/07/2013 07:15 AM, Eric Sandeen wrote:
>>> In the "nothing to resume" case we return directly and leak
>>> several bits of memory; goto out to free them properly.
>>>
>>> Resolves-Coverity-CID: 1125934
>>> Resolves-Coverity-CID: 1125935
>>> Resolves-Coverity-CID: 1125936
>>> Signed-off-by: Eric Sandeen <sandeen@redhat.com>
>>> ---
>>>   cmds-scrub.c |    3 ++-
>>>   1 files changed, 2 insertions(+), 1 deletions(-)
>>>
>>> diff --git a/cmds-scrub.c b/cmds-scrub.c
>>> index 605af45..5f3eade 100644
>>> --- a/cmds-scrub.c
>>> +++ b/cmds-scrub.c
>>> @@ -1261,7 +1261,8 @@ static int scrub_start(int argc, char **argv, int resume)
>>>           if (!do_quiet)
>>>               printf("scrub: nothing to resume for %s, fsid %s\n",
>>>                      path, fsid);
>>> -        return 2;
>>> +        err = 2;
>>> +        goto out;
>> Thanks for tracking this problem, but
>> i intend to return 2 in such case originally.
>> return '!err' will revert to return 1 rather than 2.
> see label out:
> 
> if (err)
>     return 1
> 

Ah, whoops.  Ok, well we still need to fix the leak.  

I just expected that setting err & going to out would return err ;)

So probably:

if (err)
   return err;

will work.

I'll send a V2.

Thanks for catching it on review!

-Eric

--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Wang Shilong Nov. 7, 2013, 5:06 a.m. UTC | #4 
On 11/07/2013 11:46 AM, Eric Sandeen wrote:
> On 11/6/13, 7:50 PM, Wang Shilong wrote:
>> On 11/07/2013 09:48 AM, Wang Shilong wrote:
>>> Hi Eric,
>>>
>>> On 11/07/2013 07:15 AM, Eric Sandeen wrote:
>>>> In the "nothing to resume" case we return directly and leak
>>>> several bits of memory; goto out to free them properly.
>>>>
>>>> Resolves-Coverity-CID: 1125934
>>>> Resolves-Coverity-CID: 1125935
>>>> Resolves-Coverity-CID: 1125936
>>>> Signed-off-by: Eric Sandeen <sandeen@redhat.com>
>>>> ---
>>>>    cmds-scrub.c |    3 ++-
>>>>    1 files changed, 2 insertions(+), 1 deletions(-)
>>>>
>>>> diff --git a/cmds-scrub.c b/cmds-scrub.c
>>>> index 605af45..5f3eade 100644
>>>> --- a/cmds-scrub.c
>>>> +++ b/cmds-scrub.c
>>>> @@ -1261,7 +1261,8 @@ static int scrub_start(int argc, char **argv, int resume)
>>>>            if (!do_quiet)
>>>>                printf("scrub: nothing to resume for %s, fsid %s\n",
>>>>                       path, fsid);
>>>> -        return 2;
>>>> +        err = 2;
>>>> +        goto out;
>>> Thanks for tracking this problem, but
>>> i intend to return 2 in such case originally.
>>> return '!err' will revert to return 1 rather than 2.
>> see label out:
>>
>> if (err)
>>      return 1
>>
> Ah, whoops.  Ok, well we still need to fix the leak.
>
> I just expected that setting err & going to out would return err ;)
>
> So probably:
>
> if (err)
>     return err;
No, we can't.
maybe add a flag, something like:

flag = 0;

/*  we set flag here for a special case */
if (!do_quient)
     printf....
flag = 2;


then in label
out:
...
/* this happen if nothing resume */
     if (flag)
         return flag
/* syntax or other error happens */
     if (err)
         return 1

Previously, 'err' can be an casual positive numbers or error number.
However, we define that we return 1 if syntax error happens.

Thanks,
Wang
>
> will work.
>
> I'll send a V2.
>
> Thanks for catching it on review!
>
> -Eric
>
>


--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/cmds-scrub.c b/cmds-scrub.c
index 605af45..5f3eade 100644
--- a/cmds-scrub.c
+++ b/cmds-scrub.c
@@ -1261,7 +1261,8 @@  static int scrub_start(int argc, char **argv, int resume)
 		if (!do_quiet)
 			printf("scrub: nothing to resume for %s, fsid %s\n",
 			       path, fsid);
-		return 2;
+		err = 2;
+		goto out;
 	}
 
 	ret = prg_fd = socket(AF_UNIX, SOCK_STREAM, 0);